Creating mirror virtual attributes
PingDirectory server provides a feature to mirror the value of another attribute in the same entry or mirror the value of the same or a different attribute in an entry referenced by the original entry.
For example, consider a directory information tree (DIT) where users have a manager
attribute with a value of the DN of the employee as follows.
dn: uid=apeters,ou=people,dc=example,dc=com objectClass: person objectClass: inetOrgPerson objectClass: organizationalPerson objectClass: top manager:uid=jdoe,ou=people,dc=example,dc=com uid: apeters ... (more attributes) ...
You can set up a mirror virtual attribute so that the returned value for the managerName
virtual attribute can be the cn
value of the entry referenced by the manager
attribute.
$ bin/ldapsearch --baseDN dc=example,dc=com "(uid=apeters)" \
dn: uid=apeters,ou=people,dc=example,dc=com
objectClass: person
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: top
manager:uid=jdoe,ou=people,dc=example,dc=com
managerName: John Doe
uid: apeters
... (more attributes not shown) ...
Creating a mirror virtual attribute using dsconfig in non-interactive mode
Create a mirror virtual attribute using dsconfig
in non-interactive command-line mode.
About this task
The following example sets up the managerName
virtual attribute introduced in the previous section:
Steps
-
Update the schema to define the
managerName
attribute.You can optionally add the attribute to an object class.
-
In a text editor, create a file with the following schema definition for the attribute.
dn: cn=schema objectClass: top objectClass: ldapSubentry objectClass: subschema attributeTypes: ( 1.3.6.1.4.1.32473.3.1.9.4 NAME ‘managerName’ EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{256} X-ORIGIN ‘PingDirectory Server Example’ )
-
Save the file as
98-myschema.ldif
in the<server-root>/config/schema
folder.
-
-
Restart the PingDirectory server.
$ bin/stop-server --restart
-
To create the virtual attribute, use
dsconfig
.$ bin/dsconfig create-virtual-attribute \ --name "managerName" \ --type mirror \ --set "description:managerName from manager cn" \ --set enabled:true \ --set attribute-type:managerName \ --set source-attribute:cn \ --set source-entry-dn-attribute:manager
-
To verify the mirror virtual attribute, search for an entry.
$ bin/ldapsearch --baseDN dc=example,dc=com "(uid=apeters)"
Result:
Your search results in the following.
dn: uid=apeters,ou=People,dc=example,dc=com ... (attributes) ... manager: uid=jdoe,ou=People,dc=example,dc=com managerName: John Doe