HP-UX Directory Server Administrator Guide HP-UX Directory Server Version 8.1 (5900-3098, May 2013)

Example 20 person object class schema entry
objectClasses: ( 2.5.6.6 NAME 'person' DESC 'Standard LDAP objectclass'
SUP top MUST ( sn $ cn ) MAY ( description $ seeAlso $ telephoneNumber
$ userPassword ) X-ORIGIN 'RFC 2256' )
Every object class defines a number of required attributes and a number of allowed attributes. Required
attributes must be present in entries using the specified object class, while allowed attributes are
permissible and available for the entry to use, but are not required for the entry to be valid.
As in Example 20 “person object class schema entry”, the person object class requires the cn,
sn, and objectClass attributes and allows the description, seeAlso, telephoneNumber,
and userPassword attributes.
An object class can inherit attributes from another class, in addition to its own required and allowed
attributes. The second object class is the superior or parent object class of the first.
For example, suppose a user's entry has to have the inetOrgPerson object class. In that case, the
entry must also include organizationalPerson, which is the superior object class for inetOrgPerson,
and person, which is the superior object class for organizationalPerson:
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
10.1.3 Attributes
Directory entries are composed of attributes and their values. These pairs are called attribute-value
assertions or AVAs. Any piece of information in the directory is associated with a descriptive
attribute. For instance, the cn attribute is used to store a person's full name, such as cn: John
Smith.
Additional attributes can supply additional information about John Smith:
givenname: John
surname: Smith
mail: jsmith@example.com
In a schema file, an attribute is identified by the attributetypes line, followed by its OID,
name, a description, syntax (allowed format for its value), optionally whether the attribute is single-
or multi-valued, and where the attribute is defined.
This is shown in Example 21 “description attribute schema entry”.
Example 21 description attribute schema entry
attributeTypes: ( 2.5.4.13 NAME 'description' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2256' )
10.1.4 About extending the schema
New, custom attributes and object classes can be added to a Directory Server instance to extend
the schema, and there are several ways to add schema elements. Using the Directory Server
Console or LDAP tools adds schema elements to the default custom schema file for an instance,
99user.ldif. It is also possible to create a new, separate schema file and include it with the
default schema files.
Adding new schema elements requires three things:
1. Planning and defining OIDs for the new schema. Schema elements are recognized by the
server by their OID, so it is important for the OIDs to be unique and organized. Directory