luckydog xf wrote:
> Hi, list,
>
> I'm trying to migrate opendj to openLDAP. Here is a customized schema.
> ===
> dn: cn=schema
> objectclass: top
> objectclass: ldapSubentry
> objectclass: subschema
> cn: schema
> attributeTypes: ( 1.12.23.34.45.56.780 NAME 'active' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.7 X-SCHEMA-FILE '99-user.ldif' )
> attributeTypes: ( 1.12.23.34.45.56.782 NAME 'accountName' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 X-SCHEMA-FILE '99-user.ldif' )
> attributeTypes: ( 1.12.23.34.45.56.784 NAME 'djGroups' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 X-SCHEMA-FILE '99-user.ldif' )
> attributeTypes: ( 1.12.23.34.45.56.786 NAME 'departmentId' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 X-SCHEMA-FILE '99-user.ldif' )
> attributeTypes: ( 1.12.23.34.45.56.788 NAME 'department' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 X-SCHEMA-FILE '99-user.ldif' )
> attributeTypes: ( 1.12.23.34.45.56.790 NAME 'companyCode' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 X-SCHEMA-FILE '99-user.ldif' )
> attributeTypes: ( 1.12.23.34.45.56.792 NAME 'parent' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 X-SCHEMA-FILE '99-user.ldif' )
> ds-sync-generation-id: 8408
> ds-sync-state: 01050186432c61a90000f9ca10880
> ds-sync-state: 0105017a002b3170002f4a1b16311
> modifiersName: cn=Administrator
> modifyTimestamp: 20190711063414Z
> objectClasses: ( 1.12.23.34.45.56.880 NAME 'idmExt' DESC 'idm user extended
> attributes' SUP top AUXILIARY MUST active MAY ( accountName $ djGroups $
> departmentId $ department $ companyCode ) X-SCHEMA-FILE
> '99-user.ldif' )
> objectClasses: ( 1.12.23.34.45.56.890 NAME 'idmDept' DESC 'idm department
> extended attributes' SUP top AUXILIARY MAY parent X-SCHEMA-FILE
> '99-user.ldif' )
> ===
>
> I changed it to LDAP compliant one.
LDIF files must not have blank lines within a single entry. You added an entry
with "cn" and no other attributes.
> ---
> dn: cn=djuser,cn=schema,cn=config
> objectClass: olcSchemaConfig
> cn: djuser
>
> olcAttributeTypes: ( 1.12.23.34.45.56.780 NAME 'active' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.7 )
> olcAttributeTypes: ( 1.12.23.34.45.56.782 NAME 'accountName' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 )
> olcAttributeTypes: ( 1.12.23.34.45.56.784 NAME 'djGroups' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 )
> olcAttributeTypes: ( 1.12.23.34.45.56.786 NAME 'departmentId' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 )
> olcAttributeTypes: ( 1.12.23.34.45.56.788 NAME 'department' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 )
> olcAttributeTypes: ( 1.12.23.34.45.56.790 NAME 'companyCode' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 )
> olcAttributeTypes: ( 1.12.23.34.45.56.792 NAME 'parent' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 )
>
> olcObjectClasses: ( 1.12.23.34.45.56.880 NAME 'idmExt' DESC 'idm user
> extended attributes' SUP top AUXILIARY MUST active MAY ( accountName $
> djGroups $
> departmentId $ department $ companyCode ) )
> olcObjectClasses: ( 1.12.23.34.45.56.890 NAME 'idmDept' DESC 'idm department
> extended attributes' SUP top AUXILIARY MAY parent )
>
> -----
> It can be imported by `ldapadd -Y EXTERNAL -H ldapi:/// -f 99-user.ldif`
> However, there is nothing in
> ===
> [root@hq-repo cn=config]# more cn\=schema/cn\=\{10\}djuser.ldif
> # AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
> # CRC32 310b21fa
> dn: cn={10}djuser
> objectClass: olcSchemaConfig
> cn: {10}djuser
> structuralObjectClass: olcSchemaConfig
> entryUUID: 6b852150-4b97-103d-86fe-7b79b4eef873
> creatorsName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
> createTimestamp: 20230228093837Z
> entryCSN: 20230228093837.038174Z#000000#000#000000
> modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
> modifyTimestamp: 20230228093837Z
>
> ===
> I'm using openldap 2.4.
> Anything wrong with my schema ?
>
> Thanks.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
