Object Classes in the Directory

This section contains these topics:

• About Object Class Management

• Managing Object Classes by Using Oracle Directory Manager

• Managing Object Classes by Using Command-Line Tools

About Object Class Management

This section explains how to add and modify an object class. Oracle Corporation recommends that you understand the basic concepts of directory components before attempting to add to or modify the base schema in the directory.

See Also: "Object Classes" for a conceptual overview of object classes Appendix B, "Oracle Internet Directory Schema Elements" for a list of schema elements installed with Oracle Internet Directory

Guidelines for Adding Object Classes

When you add a directory entry, you associate it with one or more object classes. Each object class contains attributes that you want to associate with the new entry. For example, if you are creating an entry for an employee, you can associate the entry with the person object class. This object class contains many of the attributes that you want to associate with that employee entry--including, for example, name, address, and telephone number.

Inheritance

Each object class derives from a hierarchy of superclasses, and it inherits attributes from these superclasses. By default, all object classes inherit from the top object class. When you assign an object class to an entry, the entry inherits all of the attributes of both that object class as well as its superclasses.

Mandatory and Optional Attributes in Object Classes

The attributes that entries inherit from an super class may be either mandatory or optional. Values for optional attributes need not be present in the directory entry.

You can specify for any object class whether an attribute is mandatory or optional; however, the characteristic you specify is binding only for that object class. If you place the attribute in another object class, you can again specify whether the attribute is mandatory or optional for that object class. You can:

• Select from existing standard object classes

• Add a new, non-standard object class and assign it existing attributes

• Modify an existing object class, assigning it a different set of attributes

• Add and modify existing attributes

  See Also: "About Attribute Management"

Addition of Entries in Top-Down Sequence

Entries must be added in a top-down sequence--that is, when you add an entry, all of its parent entries must already exist in the directory. Similarly, when you add entries that reference object classes and attributes, those referenced object classes and attributes must already exist in the directory schema. In most cases this will not be a problem because the directory server is delivered with a full set of standard directory objects.

Object Class Explosion

When you add or perform an operation on an entry, you do not need to specify the entire hierarchy of superclasses associated with that entry. This feature, called object class explosion, enables you to specify only the leaf object classes. Oracle Internet Directory resolves the hierarchy for the leaf object classes and enforces the information model constraints. For example, the inetOrgPerson object class has top, person and organizationalPerson as its superclasses. When you create an entry for a person, you need to specify only inetOrgPerson as the object class. Oracle Internet Directory then enforces the schema constraints defined by the respective superclasses, namely, top, person, and organizationalPerson.

When you add object classes, keep the following guidelines in mind:

• Every structural object class must have top as a superclass.

• The name and the object identifier of an object class must be unique across all the schema components.

• Schema components referred to in the object class, such as superclasses, must already exist.

• The superclass of an abstract object class must be abstract also.

• It is possible to redefine mandatory attributes in a superclass into optional attributes in the new object class. Conversely, optional attributes in a superclass can be redefined into mandatory attributes in the new object class.

  Note: Every schema object in the Oracle Internet Directory has certain limitations. For example, some objects cannot be changed. These limitations are explained as constraints and rules in this chapter.

  See Also: "Subclasses, Superclasses, and Inheritance" for a conceptual discussion of these terms

Guidelines for Modifying Object Classes

This section discusses the types of modifications you can make to an existing object class. You can perform modifications through Oracle Directory Manager and through the command-line tools.

You can make these changes to an object class:

• Change a mandatory attribute into an optional attribute

• Add optional attributes

• Add additional superclasses

• Convert abstract object classes into structural or auxiliary object classes unless the abstract object class is a superclass to another abstract object class

When you modify object classes, keep these guidelines in mind:

• You cannot modify an object class that is part of the standard LDAP schema. You can, however, modify user-defined object classes.

• If existing object classes do not have the attributes you need, you can create an auxiliary object class and associate the needed attributes with that object class.

• You cannot add additional mandatory attributes to an existing object class.

• You cannot modify object classes in the base schema.

• You cannot remove attributes or superclasses from an existing object class.

• You cannot convert structural object classes to other object class types.

• You should not modify an object class if there are entries already associated with it.

  See Also: "Object Classes in the Directory" "Managing Object Classes by Using Command-Line Tools"

Guidelines for Deleting Object Classes

There are also some limitations on deleting object classes:

• You cannot delete object classes from the base schema.

• You can delete object classes that are not in the base schema as long as they are not directly or indirectly referenced by other schema components. For example, there may be some directory entries referring to these object classes. Deleting these object classes renders these entries inaccessible.

  Note: Oracle Internet Directory does not enforce these rules. They are provided here as guidelines.

Managing Object Classes by Using Oracle Directory Manager

This section tells you how to use Oracle Directory Manager to search for object classes, view their properties, add, modify, and delete them.

Searching for Object Classes by Using Oracle Directory Manager

You can specify your search for an object class by:

• Selecting an object class property, for example, a name or an object identifier

• Entering a value for the property you selected

• Selecting a search filter specifying the relationship between the object class property you selected and the value you entered, for example, Begins With or Exactly Matches

This section provides more details on how to enter an object class search.

To search for an object class:

1. In the navigator pane, expand each of the following objects in succession: Oracle Internet Directory Servers and directory server instance.

2. Select Schema Management. The Schema Management tab pages appear in the right pane.

3. Choose the Find Object Classes button at the lower right of the right pane, or, from the menu bar, choose Edit, then choose Find Object Classes. The Find: Object Classes dialog box appears.

4. In the menu farthest to the left on the search criteria bar, select the property of the object class for which you want to search. Options are listed and described in Table C-20.

   Note: Not all attributes are used in every object class. Be sure that the attribute you specify actually corresponds to one in the object class for which you are looking. Otherwise, the search will fail.

5. In the menu in the middle of the search criteria bar, select the filter you want to use for your search. Options are listed and described in Table C-21.

6. In the text box at the right end of the search criteria bar, type the value of the property of the object class you are searching for. For example, to search for all object classes with names that begin with the letters orcl, type those letters in the text box at the right end of the search criteria bar.

7. Below the Criteria field are five buttons described in the next table. Use these buttons to further refine your search.

8. Choose Search. The results of your search appear in the window at the lower portion of the Find:Object Class dialog box.

Viewing Properties of Object Classes by Using Oracle Directory Manager

To view all object classes in the schema:

1. In the navigator pane, expand each of the following objects in succession: Oracle Internet Directory Servers and directory server instance.

2. Select Schema Management.

3. In the right pane, select the Object Classes tab page.

   To examine an individual object class and its attributes, in the Object Classes tab page, choose the object class. The properties of the selected object class appear in the Object Class dialog box.

Adding Object Classes by Using Oracle Directory Manager

To add object classes by using Oracle Directory Manager:

1. In the navigator pane, expand each of the following objects in succession: Oracle Internet Directory Servers and directory server instance.

2. Select Schema Management.

3. In the right pane, select the Object Classes tab and choose the Create button in the toolbar. The New Object Class dialog box appears.

   Alternatively, in the Object Classes tab page, select an object class that is similar to one you would like to create, and then choose Create Like. The New Object Class dialog box displays the attributes of the selected object class. You can create the new object class by using the selected one as a template.

4. In the New Object Class dialog box, enter the information in the fields. These are described in Table C-23.

5. Choose OK.

   See Also: "Object Class Types" "Subclasses, Superclasses, and Inheritance" Oracle Directory Manager online help for further details about adding object classes

Modifying Object Classes by Using Oracle Directory Manager

To modify an object class:

1. In the navigator pane, expand each of the following objects in succession: Oracle Internet Directory Servers and directory server instance.

2. Select Schema Management.

3. In the right pane, select the Object Classes tab and choose the object class you want to modify. The Object Class dialog box appears.

4. In the Object Class dialog box, modify or add the information in the fields. These are described in Table C-23.

5. Choose OK.

   See Also: "Object Class Types" "Subclasses, Superclasses, and Inheritance"

   Note: You can add attributes to an auxiliary object class or a user-defined structural object class. See Also: Example: Adding a New Attribute to an Auxiliary or User-Defined Object Class for an example of adding attributes to an auxiliary object class

Deleting Object Classes by Using Oracle Directory Manager

Caution: Oracle Corporation recommends that you not delete object classes from the base schema. If you delete an object class that is referenced by any entries, those entries then become inaccessible. Should you decide to delete an object class from the base schema, be careful not to delete one that is in use or that you might want to use in the future.

To delete an object class by using Oracle Directory Manager:

1. In the navigator pane, select Schema Management.

2. In the right pane, select the Object Classes tab page and select the object class you want to delete.

3. Choose Delete.

Managing Object Classes by Using Command-Line Tools

You can use command-line tools to add or modify existing object classes in the directory schema. The command-line tools enable you to use input files. Furthermore, the commands can be batched together in scripts.

To add or modify schema components, use ldapmodify.

See: "ldapmodify Syntax"

Example: Adding a New Object Class

In this example, an LDIF input file, new_object_class.ldi, contains data similar to this:

dn: cn=subschemasubentry
changetype: modify
add: objectclasses
objectclasses: ( 1.2.3.4.5 NAME 'myobjclass' SUP top STRUCTURAL MUST ( cn $ 
sn ) MAY ( telephonenumber $ givenname $ myattr ) )

Be sure to leave the mandatory space between the opening and closing parentheses and the object identifier.

To load the file, enter this command:

ldapmodify -h myhost -p 389 -f new_object_class.ldi

This example adds the structural object class named myobjclass, giving it an object identifier of 1.2.3.4.5, specifying top as its superclass, requiring cn and sn as mandatory attributes, and allowing telephonenumber, givenname, and myattr as optional attributes. Note that all the attributes mentioned must exist prior to the execution of the command.

To create an abstract object class, follow the previous example, replacing the word STRUCTURAL with the word ABSTRACT.

Example: Adding a New Attribute to an Auxiliary or User-Defined Object Class

To add a new attribute to either an auxiliary object class or a user-defined structural object class, use ldapmodify. This example deletes the old object class definition and adds the new definition in a compound modify operation. The change is committed by the directory server in one transaction. Existing data is not affected. The input file should be as follows:

dn: cn=subschemasubentry 
changetype: modify 
delete: objectclasses 
objectclasses: old value 
-
add: objectclasses 
objectclasses: new value

For example, to add the attribute changes to the existing object class country, the input file would be:

dn: cn=subschemasubentry
changetype: modify 
delete: objectclasses 
objectclasses:  ( 2.5.6.2 NAME 'country' SUP top STRUCTURAL MUST c MAY 

( searchGuide $ description  )  ) 
-
add: objectclasses 
objectclasses:  ( 2.5.6.2 NAME 'country' SUP top STRUCTURAL MUST c MAY 

( searchGuide $ description  $ changes )  )