Create a new objectClass in order to add a custom attribute to an existing objectClass

ldap

Long titles ask for short answers :)

I have a ldap server with the default schemas. Under some organizational unit I have entries that have the structural objectClass person and another two clasess uidObject and top.

I need to add an attribute to these entries called enabledServices and I want to store in it each service that the particular person has access to ( mostly for vpn ).

From what I understood so far, I can create a new objectClass that has only one attribute and I can add that class to my entries. My question is how I create such a class ?

My set-up involves slapd and phpldapadmin on an ubuntu machine.


Solution 1:

You create a objectClass by adding a schema to OpenLDAP, schemata are documented at OpenLDAP schema documentation.

Please note:

  • Once written the schema file, I would be surprised if it could be added to directory with phpldapadmin. I would recommend the command line tools;
  • the examples in the documentation are in the old config format: you should convert them to the newer conf.d ldif format.

Related

Setting up IPSEC on LAN between two hosts (OpenBSD)
Nginx: How to redirect to https, but not for subdomain
ZFS keeps faulting the same device
Are caching proxy servers still be helpful for saving bandwith, now that major services have migrated to https?
Nginx + Wordpress in subdirectory
Does zfs send scrub the sent data?
mdadm - stuck reshape operation
Run javascript function on cells of CSV / excel file
vb.net select statement failing
Javascript regex for semicolon not in complex nested quotes
visual studio code error ) expected css-rparentexpected version 1.62.2?
Shapely Point not inside Multipolygon when it should be inside