Excuse all of my past ramblings about schema...
Active Directory (and possibly ADAM) stores extended attribute schema
information in extendedAttributeInfo. I wrote a function which merges this
information with attributeTypes. Each extended attribute will be prefixed
with an 'x-' in keeping with some much needed guidance from Peter Marschall.
The result is a merged Net::LDAP::Schema object with some important
information such as attribute length and if it is indexed etc.
Is this a hack? Absolutely.
Is extentedattributeinfo LDAP standard? Nope, But I have seen it implemented
in Active Directory, ADAM and even seen mention of it in Lotus Notes.
My hope is that someone can carry this code on into a sub class
(Net::LDAP::Schema::Extended?). I have only tested this code in so far as
reading attribute information. I have not played with any other Schema
functions with this hacked object.
Feedback is always welcome.
Happy Holidays!
Eric
sub get_ad_extendedschema
{
my $msg=$_[0]->search(base=>$_[0]->root_dse->get_value('subschemaSubentry'),
scope=>base,
filter=>'(objectclass=subschema)',
attrs=>[ qw( objectClasses attributeTypes matchingRules
matchingRuleUse dITStructureRules
dITContentRules nameForms ldapSyntaxes
extendedAttributeInfo) ]
);
die join(" : ",$msg->code,$msg->error) if $msg->code;
my $schema=Net::LDAP::Schema->new($msg->entry);
foreach my $line ($msg->entry->get_value('extendedAttributeInfo'))
{
$line=~s/^\(\s*//g;
$line=~s/\s+\)$//g;
$line=~s/(INDEXED|SYSTEM-ONLY)/\1 \'1\'/g;
$line=~s/\'//g;
my ($oid,%hash)=split(/\s/,$line);
my $temp=$schema->{'at'}->{lc $hash{'NAME'}};
foreach my $i (keys %hash)
{
$temp->{'x-' . lc $i}=$hash{$i} if $temp->{lc $i} eq undef;
}
$schema->{'at'}->{lc $hash{'NAME'}}=$temp;
}
return $schema;
}
