2

I am using ApacheDS Server as an LDAP server. I have created a custom attribute to use in the LDAP structure that I have defined. I have created a schema, and inside the schema I have defined an ObjectClass and an attribute called dateOfBirth. I exported the schema and imported it into the DIT of ApacheDS. The schema is imported and I can view the dateOfBirth attribute.

However, when I try to add it I get a warning saying:

Warning according to the schema attribute dateOfBirth is not allowed.

Do you still want to add the new value?

The dateOfBirth is to store information about a Person. The Person object class in LDAP is called inetOrgPerson ObjectClass. What is the best way to add the dateOfBirth in order to use it?

user1646481

2 Answers

3

There is no need to define a dateOfBirth attribute. The auxiliary objectClass naturalPerson - described in RFC2985 - already allows this attribute using generalizedTimeSyntax. Add the naturalPerson objectClass to your entry, then add a dateOfBirth attribute that conforms to generalizedTimeSyntax.

```ldif
dn: cn=myPerson,dc=example,dc=com
objectClass: top
objectClass: inetOrgPerson
objectClass: naturalPerson
dateOfBirth: 20121115121912.810Z
```

and so forth.

Update: example objectClass definition from RFC2985.

```ldif
dn: cn=schema
objectClass: top
objectClass: ldapSubentry
objectClass: subSchema
objectClasses: ( 1.2.840.113549.1.9.24.2 NAME 'naturalPerson'
  SUP top
  AUXILIARY
  MAY ( emailAddress $
    unstructuredName $
    unstructuredAddress $
    dateOfBirth $
    placeOfBirth $
    gender $
    countryOfCitizenship $
    countryOfResidence $
    pseudonym $
    serialNumber )
  X-ORIGIN 'RFC 2985' )
```
Terry Gardner
  • Don't underestimate the wisdom behind this answer. Use standard objectClass whenever possible, which often turns out to be "all the time" ;) – ixe013 Nov 14 '12 at 17:27
  • Thanks for your reply. Actually, there are certain attributes that I need to create as part of my company requirements. So in that sense, I will have to create some other attributes. How do I get past the warning displayed in the description? These new attributes are not in the ApacheDS at all. – user1646481 Nov 15 '12 at 11:36
  • Also, I can't seem to find this naturalPerson object class in ApacheDS. Are you sure it is in ApacheDS? – user1646481 Nov 15 '12 at 11:42
  • ApacheDS may not support all LDAP-standard defined attributes out-of-the-box. Check RFC2985 for the schema definitions required, and simply add the required attribute type and object classes to the schema. – Terry Gardner Nov 15 '12 at 12:20
  • Well, that's what I have done. As described above, I have added the schema and imported it into the ou=schema. It can be searched for and viewed. However, when trying to add it the above warnings appear. Not sure how to solve this. Not much on Google. – user1646481 Nov 15 '12 at 12:47
  • `ou=schema`? Are you sure you didn't mean `cn=schema`? – Terry Gardner Nov 15 '12 at 13:09
  • Well, I imported it from the DIT. So it gets placed in ou=schema. Any ideas? Once imported from DIT, under ou=schema it creates the name of the schema so for example cn=schemaNameIDefined – user1646481 Nov 15 '12 at 13:55
  • Is it actually possible to use more than one ObjectClass in LDAP? When trying to add my custom one it gives an error saying: Error 65 Object Class Violation - Entry contains more than one STRUCUTURAL ObjectClass – user1646481 Nov 15 '12 at 14:08
  • I don't use ApacheDS so I don't know the details, but typically the schema is located under `cn-schema` - and this location is what the server consults for attribute and objectClass definitions. Only one structural objectClass is allowed. Multiple auxiliary objectClasses can be added, though. Check that your new objectClass is marked AUXILIARY - there's an example in my answer. – Terry Gardner Nov 15 '12 at 15:22
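The rules discussed in this thread (an attribute is accepted only if one of the entry's objectClasses lists it under MUST or MAY, and an entry may name one structural class plus any number of auxiliary ones), as an added example that is not part of the original answers and is not ApacheDS code. It is a simplified check: the schema text is constructed, `companyPerson` and its OID `2.999.1` are hypothetical, and SUP inheritance chains are ignored.

```python
import re
# Constructed schema text. naturalPerson follows the answer above (MAY list
# shortened); inetOrgPerson is simplified; companyPerson and its OID are made up.
SCHEMA = """\
( 1.2.840.113549.1.9.24.2 NAME 'naturalPerson' SUP top AUXILIARY
  MAY ( emailAddress $ dateOfBirth $ placeOfBirth $ gender ) )
( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson' SUP top STRUCTURAL
  MUST ( cn $ sn ) MAY ( mail $ uid ) )
( 2.999.1 NAME 'companyPerson' SUP top STRUCTURAL MAY dateOfBirth )
"""

def parse_schema(text):
    """Map lower-cased class name -> (kind, MUST set, MAY set)."""
    classes = {}
    for chunk in re.split(r"\n(?=\()", text.strip()):
        name, kind, rest = re.search(
            r"NAME '([\w-]+)'.*?\b(STRUCTURAL|AUXILIARY|ABSTRACT)\b(.*)", chunk, re.S).groups()
        attrs = {}
        for key in ("MUST", "MAY"):
            # Either a parenthesised $-separated list or a single bare name.
            m = re.search(rf"\b{key}\s+(?:\(([^)]*)\)|([\w-]+))", rest)
            names = (m.group(1) or m.group(2)).split("$") if m else []
            attrs[key] = {n.strip().lower() for n in names}
        classes[name.lower()] = (kind, attrs["MUST"], attrs["MAY"])
    return classes

def check_entry(entry, classes):
    """Return the list of schema violations for an entry (attr -> values)."""
    listed = [oc.lower() for oc in entry["objectClass"] if oc.lower() != "top"]
    problems = [f"unknown objectClass {oc}" for oc in listed if oc not in classes]
    known = [oc for oc in listed if oc in classes]
    structural = [oc for oc in known if classes[oc][0] == "STRUCTURAL"]
    if len(structural) != 1:
        problems.append(f"{len(structural)} STRUCTURAL classes, expected 1")
    must = set().union(*(classes[oc][1] for oc in known))
    allowed = must.union(*(classes[oc][2] for oc in known))
    present = {a.lower() for a in entry} - {"objectclass"}
    problems += [f"attribute {a} is not allowed" for a in sorted(present - allowed)]
    problems += [f"missing required attribute {a}" for a in sorted(must - present)]
    return problems

def with_classes(*extra):  # constructed entry from the question, plus extra classes
    return {"objectClass": ["top", "inetOrgPerson", *extra], "cn": ["myPerson"],
            "sn": ["Person"], "dateOfBirth": ["20121115121912.810Z"]}

CLASSES = parse_schema(SCHEMA)
print(check_entry(with_classes(), CLASSES))                 # dateOfBirth rejected
print(check_entry(with_classes("naturalPerson"), CLASSES))  # accepted
print(check_entry(with_classes("companyPerson"), CLASSES))  # two structural classes
```
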
3

You can add custom objects and attributes (should not exist) in Apache DS using Apache Directory Studio.

The steps are:

  1. Open Apache Directory Studio.
  2. Go to the Schema Editor perspective.
  3. Right click in the project pane and create a new schema project.
  4. Choose offline/online and give the project a name.
  5. Open the connection.
  6. Right click on the schema pane and create a new schema with a unique name (e.g. test123).
  7. Under the schema you can create new attributes and objects for those attributes (look at existing objects for reference).
  8. Once everything is done, you can export it as an .ldif file (let's say test.ldif).
  9. Now go to the LDAP Browser perspective.
  10. Right click on the ou=schema object and click on import as LDIF.
  11. Import the LDIF file which was exported from the schema project (step 8).
  12. Once that has completed successfully, refresh the ou=schema object and you can see the added object.
MADHAIYAN M
  • I have followed these steps and can see the schema, but when I try to create a new entry the objectClasses I imported do not appear as options. What do I need to do? – Sionnach733 Nov 22 '13 at 15:22
  • When you are in the Object Classes popup, please click on the reload button near the Available object classes text box. Now you can see the object. – MADHAIYAN M Nov 25 '13 at 11:03