HP-UX Directory Server Administrator Guide HP-UX Directory Server Version 8.1 (5900-3098, May 2013)

ManualsBrandsHP ManualsSoftwareHP-UX Directory Server

441

442

443

444

445

446

447

448

449

450

The object class definition contains several components:

• An OID, usually a dot-separated number

• A unique name, in the form NAME name

• A description, in the form DESC description

• The superior, or parent, object class for this object class, in the form SUP object_class; if

there is no related parent, use SUP top

• The word AUXILIARY, which gives the type of entry to which the object class applies;

AUXILIARY means it can apply to any entry

• A list of required attributes, preceded by the word MUST; to include multiple attributes, enclose

the group in parentheses and separate with attributes with dollar signs ($)

• A list of allowed attributes, preceded by the word MAY; to include multiple attributes, enclose

the group in parentheses and separate with attributes with dollar signs ($)

The object class definition is added to the custom schema file, 99user.ldif, by by running an

LDAP command and modifying the cn=schema entry. For example:

ldapmodify -h example.com -p 389 -D "cn=directory manager" -w secret

dn: cn=schema

changetype: modify

add: objectclasses

objectclasses: ( 2.16.840.1133730.2.123 NAME 'examplePerson' DESC 'Ex\

ample Person Object Class' SUP inetorgPerson AUXILIARY MUST cn MAY

(exampleDateOfBirth $ examplePreferredOS) )

10.5.3 Deleting schema

CAUTION:

Never delete default schema elements. Those are required by the Directory Server to run.

1. Remove the unwanted attributes from any entries that use them, then from any object classes

in the schema file that accept that attribute. Likewise, to remove an object class, remove it

from any entries.

2. Run ldapmodify to remove the attribute. For example:

ldapmodify -h example.com -p 389 -D "cn=directory manager" -w secret

dn: cn=config

changetype: delete

delete: objectclasses: ( 2.16.840.1133730.2.123 NAME 'examplePerson' DESC

'Example Person Object Class' SUP inetorgPerson AUXILIARY MUST cn MAY

(exampleDateOfBirth $ examplePreferredOS) )

CAUTION:

Be sure to specify the exact object class or attribute to remove; using only the

attributetypes or objectclasses attribute without the value will delete every

user-defined attribute or object class in the file.

If the custom attribute or object class is in a custom schema file other than 99user.ldif, edit the

file directly. Neither the Directory Server Console nor LDAP tools can edit a schema file other than

99user.ldif.

10.5 Managing schema using ldapmodify 441