I'm trying to add a new attribute called "FullName" in LDAP. In Apache Directory Studio, I created a new LDIF file:

dn: cn=schema
changetype: modify
add: attributeTypes
attributeTypes: ( 2.16.840.1.113719.1.1.4.1.120
       NAME 'FullName'
       DESC 'fullname of an employee'
       EQUALITY caseIgnoreMatch
       SUBSTR caseIgnoreSubstringsMatch
       SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
-
add: objectClasses
objectClasses: ( 2.25.128424792425578037463837247958458780603.1
   NAME 'fullname_attr'
   DESC 'fullname_attr'
   SUP inetOrgPerson
   STRUCTURAL
   MAY  (FullName) )

The attribute OID is for fullname, the objectclass OID is a custom OID.

When I try to "execute LDIF", I get an error message in my log file:

send_ldap_result: err=21 matched="" text="attributeTypes: value #0 invalid per syntax"

How can I fix that?

1 Answer

This won't work with OpenLDAP.

  1. With the OpenLDAP default config, the DN of the subschema subentry is cn=Subschema.

  2. OpenLDAP does allow to write directly to the subschema subentry.

OpenLDAP has static and dynamic configuration methods.

For the latter, dynamically changing the schema is done by modifying the entry cn=schema,cn=config in the config backend. Note that this also has a specific schema. You should examine that before constructing your modify requests.

When using static config, the OpenLDAP server does not accept schema changes via LDAP.

You simply have to add these lines to your slapd.conf:

attributetype ( 2.16.840.1.113719.1.1.4.1.120
  NAME 'fullName'
  DESC 'fullname of an employee'
  EQUALITY caseIgnoreMatch
  SUBSTR caseIgnoreSubstringsMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

Then the same for the custom object class.

Michael Ströder
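
For the dynamic configuration case mentioned in the answer, a schema entry under cn=schema,cn=config could look like the following; this is an added example, not part of the original answer, and it reuses the definitions from the question. The entry name `fullname` is an assumed label, and the example presumes the schema that defines inetOrgPerson is already loaded.

```ldif
# Added example: defines the schema through the cn=config backend
# instead of writing to cn=schema / cn=Subschema.
# Assumption: "fullname" is a made-up name for the new schema entry;
# slapd assigns the ordering index ({N}) itself when the entry is added.
dn: cn=fullname,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: fullname
# In cn=config the attribute is olcAttributeTypes, not attributeTypes.
# Continuation lines must start with at least one space.
olcAttributeTypes: ( 2.16.840.1.113719.1.1.4.1.120
  NAME 'fullName'
  DESC 'fullname of an employee'
  EQUALITY caseIgnoreMatch
  SUBSTR caseIgnoreSubstringsMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
# Likewise olcObjectClasses instead of objectClasses.
# SUP inetOrgPerson only resolves if that schema was loaded earlier.
olcObjectClasses: ( 2.25.128424792425578037463837247958458780603.1
  NAME 'fullname_attr'
  DESC 'fullname_attr'
  SUP inetOrgPerson
  STRUCTURAL
  MAY ( fullName ) )
```

An entry like this is added as a new entry (for example with `ldapadd -Y EXTERNAL -H ldapi:/// -f fullname.ldif`, where the file name is a placeholder) by an identity that the config database ACLs allow to write. Write access to cn=config amounts to full control of the server, so it should stay limited to the local administrative identity.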