Extending the PingDirectory server schema
The PingDirectory server stores its schema as LDIF files in the <server-root>/config/schema
directory.
At startup, the PingDirectory server reads the schema files in alphanumeric order starting with 00-core.ldif
and ending with any custom schema definition files, such as 99-user.ldif
, if present.
You can extend the schema to include additional customizations necessary for your PingDirectory server data using one of the following methods:
-
Using the Schema Editor
This method is the easiest and quickest way to set up a schema definition and have it validated for the correct ASN.1 formatting. The Editor lets you define your schema properties, load your custom file, or perform a cut-and-paste operation on a new schema element. If any errors exist in the file, the Schema Editor generates an error message if the schema definitions do not pass compliance.
-
Using a custom schema file
You can create a custom schema file with your new definitions using a text editor, save it as
99-user.ldif
, and then import the file using the Schema Editor or theldapmodify
tool. You must name the custom LDIF file with a high two-digit number prefix, so that the PingDirectory server reads the file after the core schema files are read at startup. For example, you can name the file99-myschema.ldif
.For more information on the requirements for naming each file, see the next section, General tips on extending the schema.
-
Using the command line
If you have a small number of additions, you can extend the schema over LDAP and from the command line using the
ldapmodify
tool. The PingDirectory server writes the new schema changes to a file such as99-user.ldif
in the<server-root>/config/schema
directory. However, this method can be cumbersome because schema definitions require strict adherence to text spacing and white space characters.
General tips on extending the schema
Consider the following points when extending the schema:
-
Never modify the default schema files because doing so could damage the PingDirectory server’s processing capabilities.
-
Define all attributes before they can be used in an object class. If you are using the Schema Editor to add new schema elements, use the
Quick Add Attributes
option when defining new object classes. -
Define the parent object class before creating object classes that inherit from the parent.
-
You must name custom schema files according to the following syntax:
-
Begin with exactly two digits.
-
Follow the two digits with a non-digit character.
-
Follow the non-digit character with a zero or more characters.
-
End in
.ldif
.The two digits don’t need to be followed by a dash ("-").
Any files that do not meet this criteria are ignored and either a
NOTICE
orSEVERE_WARNING
message is logged.
Any file in the
<server-root>/config/schema
directory with a name that starts with "." or ends with a tilde (’~’),.swp
, or.tmp
generates aNOTICE
message indicating that temporary files will be ignored. Any other file that does not meet the naming criteria generates aSEVERE_WARNING
message indicating that it will be ignored. -
-
Define custom attributes and object classes in one file. Typically, this file is the
99-user.ldif
. You can specify a different file name that the PingDirectory server writes to using theX-SCHEMA-FILE
element and the file name in the definition, as in the following example.add: attributeTypes attributeTypes: ( 1.3.6.1.4.1.32473.3.1.9.1 NAME 'contractorStatus' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE userApplications X-ORIGIN 'Directory Server Example' X-SCHEMA-FILE '99-custom.ldif' )
-
In the white space characters in the schema definitions,
WSP
means zero or more space characters, andSP
means one or more space characters. The LDIF specification states that LDIF parsers should ignore exactly one space at the beginning of each continuation line because continuation lines must begin with a space character.If you define a new schema definition with each keyword on a separate continuation line, you should add two spaces before an element keyword to guarantee correct formatting. For example, the following attribute definition has two spaces before the keywords
NAME
,SUP
, andX-ORIGIN
.attributeTypes: ( 2.5.4.32 NAME 'owner' SUP distinguishedName X-ORIGIN 'RFC 4519' )
-
In a replicated topology, any new schema additions are replicated to other replication servers to their respective Schema backend. The additions are written to the file specified by the
X-SCHEMA-FILE
extension or written to99-user.ldif
if no file is specified.