Sun OpenDS Standard Edition 2.0 Administration Guide

Directory Schema Overview

The directory server reads the schema once at startup. It then uses the schema information to match a search filter or assertion against an entry's attributes, and to determine whether an add or modify operation requested by a client is permitted.

In most cases, the default schema is sufficient for your applications. However, you can take advantage of the flexibility of the directory server and extend the schema to suit your applications. The general approach is not to replace the standard schema with a new custom schema, but to use the standard attributes and object classes wherever possible. If you require custom attributes or object classes that the standard schema does not provide, you can extend the standard schema with the auxiliary attributes and object classes that your application requires.

The schema is stored in the directory under the suffix (cn=schema). The directory server also has a subschema subentry that defines the schema elements plus the set of operational attributes in the directory.

You can extend the schema in one of two ways:

Designing and Extending the Schema

Before you consider extending the default schema, or designing your own schema, ensure that you have a solid understanding of schema syntax and design. For background information on schema architecture, see Understanding the Directory Server Schema in Sun OpenDS Standard Edition 2.0 Architectural Reference.

The basic steps to design or extend a schema are as follows:

  1. Map the data to the default schema. Where possible, use the existing schema elements that are defined in the directory server. Standard schema elements help to ensure compatibility with directory-enabled applications. Because the schema is based on the LDAP standard, it has been reviewed and agreed upon by a large number of directory users.

  2. Identify unmatched data. The default schema was designed to accommodate a large variety of information objects. However, if the schema does not handle your specific data type, then make note of it and any other data types needed for your directory.

  3. Extend the default schema to define new elements. For optimal performance, reuse existing schema elements wherever possible. Also, minimize the number of mandatory attributes that you define for each object class. Keep the schema as simple as possible. Do not define more than one object class or attribute for the same purpose.

  4. Use schema checking. Schema checking ensures that attributes and object classes conform to the schema rules.

  5. Select and apply a consistent data format. The LDAP schema allows you to place any data on any attribute value. However, you should store data consistently by selecting a format appropriate for your LDAP client application and directory users.

Default Schema Files

The default schema provided with the directory server is a collection of LDIF files stored under install-dir/config/schema. The directory server loads the schema files in alphanumeric order (numerals first) at directory server startup.


Caution - Never modify the standard schema definitions and internal operational attributes in these files.


The following table describes the default schema files and their contents.

Table 5 Default Schema Files

| Schema File | Description |
|---|---|
| 00-core.ldif | Contains the schema definitions for the LDAPv3 standard user and organization. |
| 01-pwpolicy.ldif | Contains the schema definitions for password policies based on the draftldappolicy draft. |
| 02-config.ldif | Contains the schema definitions for the attribute and object class definitions in the directory configuration file. |
| 03-changelog.ldif | Contains the schema definitions for storing changes to directory data based on the draftldap-changelog. |
| 03-rfc2713.ldif | Contains the schema definitions for representing Java objects in an LDAP directory based on RFC 2713. |
| 03-rfc2714.ldif | Contains the schema definitions for representing CORBA object references in an LDAP directory based on RFC 2714. The Common Object Request Broker Architecture (CORBA) integrates machines in multivendor, multiplatform environments using CORBA objects. A directory server can be a repository for CORBA object references, which allows for a centrally administered service for CORBA-compliant applications. |
| 03-rfc2739.ldif | Contains the schema definitions for representing calendar attributes for a vCard directory based on RFC 2739. Calendar applications require a calendar user agent to locate a URI, located in a directory, for an individual's calendar. Note that the definition in RFC 2739 contains a number of errors. This schema file has been altered from the standard definition in order to fix a number of those problems. |
| 03-rfc2926.ldif | Contains the schema definitions for mapping Service Location Protocol (SLP) advertisements based on RFC 2926. This specification allows directory servers to serve SLP directory agent back ends that create mappings between SLP templates and the LDAP directory schema. |
| 03-rfc3112.ldif | Contains the schema definitions for the authentication password syntax based on RFC 3112. |
| 03-rfc3712.ldif | Contains the schema definitions for storing printer information in the directory based on RFC 3712. |
| 03-uddiv3.ldif | Contains the schema definitions for storing UDDI v3 information in the directory based on RFC 4403. Universal Description, Discovery and Integration (UDDI) is a platform-independent, XML-based registry for companies on the Internet. UDDI enables companies to publish service listings and defines which software applications interact together over the Internet. |
| 04-rfc2307bis.ldif | Contains the schema definitions for storing naming service information in the directory based on draftrfc2307bis. |
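
The caution and the load order described above can be checked mechanically. The following Python is an added example, not code from this guide or from OpenDS: it records SHA-256 baselines for the files in the schema directory, reports standard files that were changed afterwards, and flags new files whose names sort ahead of a standard file. The function names, the report keys and the `NN-example.ldif` file names are assumptions made for the example, as is treating the load order as a plain code-point sort.

```python
import hashlib
import tempfile
from pathlib import Path

# Standard schema files named in the table above; the guide says never to modify them.
STANDARD_FILES = {
    "00-core.ldif", "01-pwpolicy.ldif", "02-config.ldif", "03-changelog.ldif",
    "03-rfc2713.ldif", "03-rfc2714.ldif", "03-rfc2739.ldif", "03-rfc2926.ldif",
    "03-rfc3112.ldif", "03-rfc3712.ldif", "03-uddiv3.ldif", "04-rfc2307bis.ldif",
}

def load_order(names):
    # Assumption: "alphanumeric order (numerals first)" is a plain code-point sort.
    return sorted(names)

def snapshot(schema_dir):
    """Baseline {file name: SHA-256}, taken from a known-good installation."""
    return {p.name: hashlib.sha256(p.read_bytes()).hexdigest()
            for p in Path(schema_dir).glob("*.ldif")}

def audit(schema_dir, baseline):
    """Classify every schema file against the baseline."""
    current = snapshot(schema_dir)
    report = {"modified_standard": [], "modified_custom": [], "missing": [],
              "new": [], "loads_too_early": []}
    for name in load_order(set(current) | set(baseline)):
        if name not in current:
            report["missing"].append(name)
        elif name not in baseline:
            report["new"].append(name)
        elif current[name] != baseline[name]:
            kind = "standard" if name in STANDARD_FILES else "custom"
            report["modified_" + kind].append(name)
    # A new file that sorts before the last standard file is read before some
    # standard definitions, which it may depend on.
    last_standard = max(STANDARD_FILES & set(current), default="")
    report["loads_too_early"] = [n for n in report["new"] if n < last_standard]
    return report

def demo():
    """Constructed data: a temporary directory stands in for install-dir/config/schema."""
    with tempfile.TemporaryDirectory() as d:
        for name in ("00-core.ldif", "03-rfc2713.ldif"):
            Path(d, name).write_text("dn: cn=schema\n# constructed stand-in\n")
        baseline = snapshot(d)
        Path(d, "00-core.ldif").write_text("dn: cn=schema\n# edited in place\n")
        for name in ("02-example.ldif", "99-example.ldif"):  # hypothetical names
            Path(d, name).write_text("dn: cn=schema\n")
        return audit(d, baseline)
```

Take the baseline with `snapshot()` immediately after installation and store it outside the server host, so that a later `audit()` compares against values an intruder on that host could not rewrite.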