Messaging Server 6 and Calendar Server 6 have the following schema choices:
Schema 1
Schema 2, native mode
Schema 2, compatibility mode
Messaging Server 5.x and Calendar Server 5.x installations use Schema 1.
The Directory Information Tree (DIT) organizes LDAP entries in a tree structure with nodes representing domains, subdomains, users, groups, and resources.
Schema 1 generally uses a two-tree structure:
The Domain Component (DC) Tree contains domain nodes decorated with all the pertinent domain attributes.
The Organization (OSI) Tree contains organization nodes that have the user, group, and resource entries underneath them.
Messaging and Calendar servers look up entries by accessing domain information in the DC Tree and using that information to find the appropriate entries in the Organization Tree.
Schema 2, native mode, introduces a one-tree structure. A single Organization Tree contains all the LDAP entries:
Domain information held in domain nodes. (In Schema 2, the words domain and organization are used interchangeably.)
User, group, and resource entries found underneath their respective domain nodes.
Messaging and Calendar servers look up entries by accessing domain information in the Organization Tree and using that information to find the appropriate user entries.
If you are running applications (such as provisioning scripts or tools) developed at your site that rely on Schema 1, and it is not a trivial task to convert the applications to use Schema 2, you can choose to migrate to Schema 2, compatibility mode, as a first step before you migrate to Schema 2, native mode.
Schema 2, compatibility mode, retains the two-tree structure of Schema 1.
The Messaging and Calendar servers, and your own user-developed applications, continue to access the LDAP directory exactly as they did in Schema 1:
They use the DC Tree to access the user and group nodes in the Organization Tree.
They use an RFC 2247-compliant search algorithm to look up user entries.
From the perspective of the Messaging and Calendar servers and user-developed applications, Schema 1 is still in place.
At the same time, Schema 2, compatibility mode, enables you to use the Delegated Administrator console and utility (commadmin) and Access Manager features such as single sign-on (SSO). During the migration to Schema 2, compatibility mode, Access Manager object classes, attributes, and ACIs are added to the appropriate nodes in the Organization Tree.
Schema 2, compatibility mode refers to the state of the directory, not to the configuration of the Messaging and Calendar servers.
The Messaging and Calendar servers can only be configured to use Schema 1 or Schema 2.
When the directory is migrated to Schema 2, compatibility mode, the Messaging and Calendar servers should continue to be configured to use Schema 1.
Configure the servers to use Schema 2 only after the directory is migrated to Schema 2, native mode.
Compatibility Mode and Server Configuration shows the relationship of server configuration to the schema level of the directory.
Table 1–1 Server Configuration and Schema Level
Schema Level of the Directory |
Messaging and Calendar Servers Must Be Configured for: |
Messaging and Calendar Servers Can Use Access Manager Features |
---|---|---|
Schema 1 |
Schema 1 |
No |
Schema 2, compatibility mode |
Schema 1 |
Yes |
Schema 2, native mode |
Schema 2 |
Yes |
In this guide, Schema 2 is assumed to be native mode unless the guide refers explicitly to compatibility mode.