Managing schema checking

The PingDirectory server provides full support for parsing all schema elements and provides access to all of its components.

By default, the PingDirectory server enables schema checking for all operations, especially when importing data to the server or when modifying entries using the ldapmodify tool. Any schema violations generate an error message to standard output.

Viewing the schema checking properties

Steps

To view the schema checking property, run dsconfig with the get-global-configuration-prop option.

Example:
```
$ bin/dsconfig get-global-configuration-prop \
  --property check-schema
```

Disabling schema checking

Although you can use the dsconfig tool to disable the schema checking, it’s not recommended.

About this task

This feature only applies to public backends. Schema checking is enforced on private backends, such as changes to the configuration, schema, task, and others. An admin action alert is generated if you attempt to disable schema checking using dsconfig in interactive or non-interactive mode. The alert provides alternatives to disabling schema checking.

Steps

To disable the check-schema property, run dsconfig with the set-global-configuration-prop option.

Example:

$ bin/dsconfig --no-prompt set-global-configuration-prop \
  --set check-schema:false

Result:

The system generates an admin action alert that provides alternate options to disabling schema checking.

One or more configuration property changes require administrative action or
confirmation/notification.

Those properties include:

  *   check-schema: Schema checking should only be disabled as a last resort
      since disabling schema checking harms performance and can lead to
      unexpected behavior in the server as well as the applications that
      access it. There are less severe options for addressing schema issues:

  1.  Update the data to conform to the server schema.

  2.  Modify the server schema to conform to the data. Contact support before
      modifying the server's default schema.

  3.  Change the single-structural-objectclass-behavior property to allow
      entries to have no structural object class or multiple structural object
      classes.

  4.  Change the invalid-attribute-syntax-behavior property to allow attribute
      values to violate their attribute syntax.

  5.  Change the allow-zero-length-values property of the Directory String
      Attribute Syntax configuration to allow attributes with this syntax to
      have a zero length value.

Continue?  Choose 'no' to return to the previous step (yes / no) [yes]:

To continue the process of disabling the schema checking instead of following one of the alternate options, press Enter.