Previous Next Contents Index


Chapter 3 Extending the Directory Schema

Netscape Directory Server comes with a standard schema that includes hundreds of object classes and attributes. While the standard object classes and attributes should meet most of your requirements, you may need to extend your schema by creating new object classes and attributes.

This chapter describes how to extend your schema in the following sections:


Overview of Extending Schema
When you add new attributes to your schema, you must create a new object class to contain them. Although it may seem convenient to just add the attributes you need to an existing object class that contains most but not all of the attributes you require, doing so compromises the compatibility of your directory server with existing LDAP clients that rely on the standard LDAP schema and causes difficulties when upgrading your server. For the same reasons, you cannot delete standard schema elements.

For more information on object classes, attributes, and the directory schema as well as guidelines for extending your schema, refer to the Netscape Directory Server Deployment Manual. For information on standard attributes and object classes, see the Netscape Directory Server Schema Reference Guide.

To extend the directory schema you will:

  1. Create new attributes. See  "Creating Attributes" for more information.

  2. Create an object class to contain the new attributes and add the attributes to the object class. See  "Creating Object Classes" for more information.

Turning Schema Checking On and Off
When schema checking is on, the directory server ensures that the object classes and attributes you are using are defined in the directory schema, and that the attributes required for an object class are contained in the entry, and that only attributes allowed by the object class are contained in the entry.

Schema checking is turned on by default in the directory server, and Netscape recommends you run the directory server with schema checking turned on.

To turn schema checking on and off:

  1. On the Directory Server Console, select the Configuration tab.

  2. Select the root node in the navigation tree in the left pane and then select the Settings tab in the right pane.

  3. To enable schema checking, select the "Enable Schema Checking" checkbox; clear it to turn off schema checking.

  4. Click Save.
You can also turn schema checking on and off by using the Schema Checking parameter in slapd.conf. For information, see "Schema Checking".


Managing Object Classes
You use the Directory Server Console to manage your schema's object classes. Through it, you can view all of your schema's object classes and create, edit, and delete your object class extensions to the schema. The following sections describe how to manage object classes:

For information on managing attributes, see "Managing Attributes".

Viewing Object Classes

To view information about all object classes that currently exist in your directory schema:

  1. On the Directory Server Console, select the Configuration tab.

  2. Select the Database icon in the navigation tree in the left pane.

  3. Select the Schema folder and then select the Object Classes tab in the right pane.

  4. In the Object Classes list, select the object class you want to view.

    5. This tab displays information about the standard or user-defined object class you selected as defined in Table  3.1.

    Table 3.1 Object Classes tab reference  

    Table Header
    		Description
    Parent
    		The parent identifies the object class from which this object class inherits its attributes and structure. For example, the parent object for the inetOrgPerson object class is the organizationalPerson object. That means that an entry with the object class inetOrgPerson must also include the object class organizationalPerson.
    Typically, if you want to add new attributes for use with user entries, the parent would be the inetOrgPerson object class. If you want to add new attributes for use with corporate entries, the parent is usually organization or organizationalUnit. If you want to add new attributes for use with group entries, the parent is usually groupOfNames or groupOfUniqueNames.
    OID
    		The object identifier of the object class.
    An OID is a string, usually of dotted decimal numbers, that uniquely identifies an object, such as an object class or an attribute. If you do not specify an OID, the directory server automatically uses <ObjectClass name>-oid. For example, if you create the object class division without supplying an OID, the directory server automatically uses division-oid as the OID.
    For more information about OIDs, or to request a prefix for your enterprise, send mail to the IANA (Internet Assigned Number Authority) at iana@iana.org or visit the IANA website at: http://www.iana.org/iana/.
    Object Classes
    		This list contains all of the standard and user-defined object classes in the directory server schema.
    Required Attributes
    		Contains a list of attributes that must be present in entries using the object class. Includes inherited attributes.
    Allowed Attributes
    		Contains a list of attributes that may be present in entries using the object class. Includes inherited attributes.
Creating Object Classes

You create an object class by giving it a unique name, selecting a parent object for the new object class, and adding required and optional attributes.

To create an object class:

  1. On the Directory Server Console, select the Configuration tab.

  2. Select the Database icon in the navigation tree in the left pane.

  3. Select the Schema folder. and then select the Object Classes tab in the right pane.

  4. Click Create.

    5. The Create Object Class dialog box appears.

  5. Enter a unique name for the object class in the Name text box.

  6. (Optional) Enter an object identifier for the new object class in the OID (Optional) text box.

    7. OIDs are described in Table  3.1.

  7. Select a parent object for the object class from the Parent pull-down menu.

    8. You can choose from any existing object class. See Table  3.1 for more information on parent object classes.

  8. To add an attribute that must be present in entries using the new object class: highlight the attribute in the Available Attributes list and then click the Add button to the left of the Required Attributes box. You can either use the standard attributes or create new ones. For information, see "Managing Attributes".

  9. To add an attribute that may be present in entries using the new object class: highlight the attribute in the Available Attributes list and then click the Add button to the left of the Allowed Attributes box.

  10. To delete an attribute that you previously added, highlight the attribute in the Required Attributes list or the Allowed Attributes list and then click the corresponding Remove button.

    11. You cannot remove either allowed or required inherited attributes.

  11. Click OK when you have finished identifying the new object class and the required and allowed attributes.
Editing Object Classes

You can use the Server Console to edit object classes that you previously created. You cannot edit a standard object class.

To edit an object class:

  1. On the Directory Server Console, select the Configuration tab.

  2. Select the Database icon in the navigation tree in the left pane.

  3. Select the Schema folder and then select the Object Classes tab in the right pane.

  4. Select the object class you want to edit in the Object Classes list and click Edit.

    5. The Edit Object Class dialog box appears.

  5. To change the name of the object class, enter the new name in the Name text box.

  6. To change the object identifier for the object class, enter the new OID in the OID (Optional) text box.

    7. OIDs are described in Table  3.1.

  7. To change the parent object for the object class, select the new parent from the Parent pull-down menu.

  8. To add an attribute that must be present in entries using the new object class, highlight the attribute in the Available Attributes list and then click the Add button to the left of the Required Attributes box. You can either use the standard attributes or create new ones. For information, see "Managing Attributes".

  9. To add an attribute that may be present in entries using the new object class, highlight the attribute in the Available Attributes list and then click the Add button to the left of the Allowed Attributes box.

  10. To remove an attribute that you previously added, highlight the attribute in the Required Attributes list or the Allowed Attributes list and then click the corresponding Remove button.

    11. You cannot remove either allowed or required inherited attributes.

  11. Click OK when you are finished editing object classes.
Deleting Object Classes

You can delete only object classes that you have created. You cannot delete standard object classes. Before you delete an object class, make sure that no directory data is using it.

To delete an object class:

  1. On the Directory Server Console, select the Configuration tab.

  2. Select the Database icon in the navigation tree in the left pane.

  3. Select the Schema folder and then select the Object Classes tab in the right pane.

  4. Select the object class you want to remove and click Delete.

  5. If prompted, confirm the delete.

    6. The server immediately deletes the object class. There is no undo.


Managing Attributes
Through the Directory Server Console, you can view all attributes in your schema and you can create, edit, and delete your attribute extensions to the schema. The following sections describe how to manage attributes:

For information on managing object classes, see "Managing Object Classes".

Viewing Attributes

To view information about all attributes that currently exist in your directory schema:

  1. On the Directory Server Console, select the Configuration tab.

  2. Select the Database icon in the navigation tree in the left pane.

  3. Select the Schema folder and then select the Attributes tab in the right pane.

    4. This tab contains information about all the standard (read-only) and user-defined attributes in the schema as defined in Table  3.2.

    Table 3.2 Attributes tab reference  

    Table Header
    		Description
    Name
    		The name of the attribute.
    OID
    		The object identifier of the attribute.
    An OID is a string, usually of dotted decimal numbers, that uniquely identifies an object, such as an object class or an attribute. If you do not specify an OID, the directory server automatically uses <attribute name>-oid. For example, if you create the attribute birthdate without supplying an OID, the directory server automatically uses birthdate-oid as the OID.
    For more information about OIDs, or to request a prefix for your enterprise, send mail to the IANA (Internet Assigned Number Authority) at iana@iana.org or visit the IANA website at: http://www.iana.org/iana/.
    Syntax
    		The attribute syntax:
    Multi
    		If the attribute is multivalued, an X appears in this column, otherwise, the server leaves this field blank. The directory server allows more than one instance of a multi-valued attribute per entry.
Creating Attributes

You use the Directory Server Console to create new attributes. Whenever you want to add new attributes to your schema, you must create a new object class to contain them. See  "Creating Object Classes" for more information.

To create a new attribute:

  1. On the Directory Server Console, select the Configuration tab.

  2. Select the Database icon in the navigation tree in the left pane.

  3. Select the Schema folder and then select the Attributes tab in the right pane.

  4. Click Create. The Create Attribute dialog box appears.

  5. Enter a unique name for the attribute in the Attribute Name text box.

  6. (Optional) Enter an object identifier for the attribute in the Attribute OID (Optional) text box.

    7. OIDs are described in Table  3.2.

  7. Select a syntax that describes the data to be held by the attribute from the Syntax pull-down menu.

    8. Available syntaxes are described in Table  3.2.

  8. If you want the attribute to be multi-valued, select the Multi-Valued checkbox. The Directory Server allows more than one instance of a multivalued attribute per entry.

  9. Click OK.
Editing Attributes

You can edit only attributes you have created. You cannot edit standard attributes.

To edit an attribute:

  1. On the Directory Server Console, select the Configuration tab.

  2. Select the Database icon in the navigation tree in the left pane.

  3. Select the Schema folder and then select the Attributes tab in the right pane.

  4. Select the attribute you want to edit in the User Defined Attributes table and click Edit.

    5. The Edit Attribute dialog box appears.

  5. To change the attribute's name, enter a new one in the Attribute Name text box.

  6. To change the attribute's object identifier, enter a new one in the Attribute OID (Optional) text box.

    7. OIDs are described in Table  3.2.

  7. To change the syntax that describes the data to be held by the attribute, choose a new one from the Syntax pull-down menu.

  8. Available syntaxes are described in Table  3.2.

  9. To make the attribute multivalued, select the Multi-Valued checkbox. The Directory Server allows more than one instance of a multivalued attribute per entry.

  10. When you have finished editing the attribute, click OK.

Deleting Attributes
You can delete only attributes that you have created. You cannot delete standard attributes.

To delete an attribute:

  1. On the Directory Server Console, select the Configuration tab.

  2. Select the Database icon in the navigation tree in the left pane.

  3. Select the Schema folder.

    4. The schema configuration tabs appear in the right pane.

  4. Select the Attributes tab.

  5. In the User Defined Attributes table, select the attribute and click Delete.

  6. If prompted, confirm the delete.

    7. The server immediately deletes the attribute. There is no undo.

 

© Copyright 1999 Netscape Communications Corporation, a subsidiary of America Online, Inc. All Rights Reserved.