Extending the Directory Schema
The directory server reads the schema once at startup. It then uses the schema information to match search filter requests and assertions against an entry's attributes, and to determine whether add or modify operations requested by a client are permitted.
The default schema should be sufficient for most applications. However, you can take advantage of the flexibility of the directory server to extend the schema to suit your applications. The general approach is not to replace the standard schema with a new custom schema, but to use the standard attributes and object classes wherever possible. If you require custom attributes or object classes that the standard schema does not provide, you can extend the standard schema with the auxiliary attributes and object classes that your application requires.
The schema is stored in the directory under the suffix (cn=schema). The directory server also has a subschema subentry that defines the schema elements plus the set of operational attributes in the directory.
You can extend the schema in one of two ways:
Extend the schema over LDAP.
Create a custom schema definition file.
Before you consider extending the default schema, or designing your own schema, ensure that you have a solid understanding of schema syntax and design. For background information on schema architecture, see Understanding the Directory Server Schema in Sun OpenDS Standard Edition 2.0 Architectural Reference.
The basic steps to design or extend a schema are as follows:
Map the data to the default schema. Where possible, use the existing schema elements that are defined in the directory server. Standard schema elements help to ensure compatibility with directory-enabled applications. Because the schema is based on the LDAP standard, it has been reviewed and agreed upon by a large number of directory users.
Identify unmatched data. The default schema was designed to accommodate a large variety of information objects. However, if the schema does not handle your specific data type, then make note of it and any other data types needed for your directory.
Extend the default schema to define new elements. For optimal performance, reuse existing schema elements wherever possible. Also, minimize the number of mandatory attributes that you define for each object class. Keep the schema as simple as possible. Do not define more than one object class or attribute for the same purpose.
Use schema checking. Schema checking ensures that attributes and object classes conform to the schema rules.
Select and apply a consistent data format. The LDAP schema allows you to place any data on any attribute value. However, you should store data consistently by selecting a format appropriate for your LDAP client application and directory users.
The default schema provided with the directory server is a collection of LDIF files stored under install-dir/config/schema. The directory server loads the schema files in alphanumeric order (numerals first) at directory server startup.
Caution - Never modify the standard schema definitions and internal operational attributes in these files.
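A pre-deployment check for a custom schema file that applies the guidance above, as an added example (not part of the original documentation or of the directory server's own code). The sample LDIF, element names, file names, the max_must threshold, and the assumption that a custom file should sort after the standard files it references are all constructed for illustration.

```python
import re

# Constructed sample of a custom schema file for install-dir/config/schema.
# OIDs use 1.3.6.1.4.1.32473, the arc reserved for documentation (RFC 5612);
# all element names here are hypothetical.
CUSTOM_LDIF = """\
dn: cn=schema
objectClass: top
objectClass: ldapSubentry
objectClass: subschema
attributeTypes: ( 1.3.6.1.4.1.32473.1.1 NAME 'exampleBadgeId'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
objectClasses: ( 1.3.6.1.4.1.32473.2.1 NAME 'exampleBadgeHolder'
  SUP top AUXILIARY MAY exampleBadgeId )
objectClasses: ( 1.3.6.1.4.1.32473.2.2 NAME 'person'
  SUP top STRUCTURAL MUST ( cn $ sn $ exampleBadgeId ) )
"""
STANDARD_NAMES = {"person", "cn", "sn"}  # small constructed subset of standard names

DEFINITION = re.compile(
    r"(attributeTypes|objectClasses): \( (\S+) NAME '([^']+)'(.*)\)$")
MUST = re.compile(r"MUST (?:\( ([^)]*) \)|(\S+))")

def loads_after(custom_file, standard_files):
    """True if custom_file sorts last; plain string order puts digits first."""
    return sorted(standard_files + [custom_file])[-1] == custom_file

def lint_schema(ldif, standard_names, max_must=2):
    """Return (element, problem) pairs; max_must is an assumed local threshold."""
    findings = []
    unfolded = re.sub(r"\n ", "", ldif)  # LDIF folds long lines with one leading space
    for line in unfolded.splitlines():
        match = DEFINITION.match(line)
        if not match:
            continue
        kind, _oid, name, body = match.groups()
        if name.lower() in standard_names:
            findings.append((name, "redefines a standard element"))
        if kind == "objectClasses":
            if "AUXILIARY" not in body.split():
                findings.append((name, "not AUXILIARY"))
            must = MUST.search(body)
            required = re.split(r"\s*\$\s*", must.group(1) or must.group(2)) if must else []
            if len(required) > max_must:
                findings.append((name, f"{len(required)} mandatory attributes"))
    return findings

if __name__ == "__main__":
    for name, problem in lint_schema(CUSTOM_LDIF, STANDARD_NAMES):
        print(f"{name}: {problem}")
```

The first two definitions pass cleanly; the third is flagged because it reuses a standard name, is not auxiliary, and requires three attributes.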
The following table describes the default schema files and their contents.