Internet Express for Tru64 UNIX Version 6.8 Administration Guide (14233)
Example 4-3 shows sample user and group object class definitions.
Example 4-3 Sample RFC 2307 User and Group Object Class Definitions
#
# Partial RFC 2307 schema.
#
# The OIDs are derived from iso(1) org(3) dod(6)
# internet(1) directory(1) nisSchema(1).
#
# Attribute types from RFC 2307
#
attribute uidNumber 1.3.6.1.1.1.1.0 int single
attribute gidNumber 1.3.6.1.1.1.1.1 int single
attribute gecos 1.3.6.1.1.1.1.2 cis single
attribute homeDirectory 1.3.6.1.1.1.1.3 ces single
attribute loginShell 1.3.6.1.1.1.1.4 ces single
attribute memberUid 1.3.6.1.1.1.1.12 ces
#
# ojectclass from rfc2307
#
# posixAccount is an auxiliary class. You may use account as a structural
# class.
objectclass posixAccount
oid
1.3.6.1.1.1.2.0
requires
objectClass,
cn,
uid,
uidNumber,
gidNumber,
homeDirectory
allows
userPassword,
loginShell,
gecos,
description
objectclass posixGroup
oid
1.3.6.1.1.1.2.2
superior
top
requires
objectClass,
cn,
gidNumber
allows
userPassword,
memberUid,
description
4.1.4 Indexing Attributes for the Directory Servers
Directory servers use indexes to aid in searching the directory. Directory server indexes greatly
improve the performance of searches in the directory databases, but they do so at the cost of
potentially slower database modification and entry creation operations. Indexes will also cost
more in terms of system resources, especially in disk-space use.
The directory server maintains five distinct types of indexes, as described in Table 4-1.
Table 4-1 LDAP Database Index Types
DescriptionIndex Type
Presence index. Allows for searches that return every entry that contains the indexed
attribute.
pres
Equality index. Allows for searches that return the entries containing an attribute that
is set to a specific value.
eq
Approximate index. Used only for string values such as commonName or givenName.
Allows for phonetic searching.
approx
4.1 Managing the LDAP Module for System Authentication 75