Renaming Attributes and DNs
Each entry in a directory is identified by a DN and a set of attributes and their values. Often, the DNs and the attributes defined on the client side do not map to the DNs and the attributes defined on the server side. Data views can be defined to rename DNs and attributes. When a client makes a request, the DNs and attributes are renamed to match the server side. When the result is returned to a client, the DNs and attributes are changed back to match the client side.
For information about attribute renaming and DN renaming, see Attribute Renaming and DN Renaming in Sun Java System Directory Server Enterprise Edition 6.1 Reference. For information about how to rename attributes and DNs, see the following procedures:
To Configure Attribute Renaming
You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.
-
Set one or more attr-name-mappings properties on the data view for which you want to configure attribute mapping.
$ dpconf set-ldap-data-view-prop -h host -p port view-name \ attr-name-mappings:client-side-attribute-name#server-side-attribute-name [attr-name-mappings:client-side-attribute-name#server-side-attribute-name ...]
For example, rename surname on the client side to sn on the server side.
$ dpconf set-ldap-data-view-prop -h host1 -p 1389 myDataView \ attr-name-mappings:surname#sn
To add an attribute mapping to an existing list of mappings, use this command:
$ dpconf set-ldap-data-view-prop -h host -p port view-name \ attr-name-mappings+:client-side-attribute-name#server-side-attribute-name
To remove an attribute mapping from an existing list of mappings, use this command:
$ dpconf set-ldap-data-view-prop -h host -p port view-name \ attr-name-mappings-:client-side-attribute-name#server-side-attribute-name
To Configure DN Renaming
You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.
-
View the base-dn property and the DN mapping properties of the data view for which you want to rename DNs.
$ dpconf get-ldap-data-view-prop -h host -p port view-name base-dn \ dn-mapping-source-base-dn dn-mapping-attrs
The properties have the following meanings:
-
base-dn is the DN of the subtree on the client side, which is equivalent to the base DN of the data view.
-
dn-mapping-source-base-dn is the DN of the subtree on the server side.
-
dn-mapping-attrs defines a list of attributes that contain DNs of entries.
For example, the data view for the dc=example,dc=com database on the client side has the following values when DN renaming is not defined:
$ dpconf get-ldap-data-view-prop myDataView base-dn \ dn-mapping-source-base-dn dn-mapping-attrs base-dn : dc=example,dc=com dn-mapping-attrs : none dn-mapping-source-base-dn : none
-
-
Map a DN on the client side to a DN on the server side.
$ dpconf set-ldap-data-view-prop -h host -p port view-name \ dn-mapping-source-base-dn:server-side-dn
For example, map the dc=example,dc=com database on the client side to dc=example,dc=org on the server side.
$ dpconf set-ldap-data-view-prop -h host1 -p 1389 myDataView \ dn-mapping-source-base-dn:dc=example,dc=org
-
Rename attributes in the portion of the DIT that is affected by Step 2, if those attributes contain DNs.
$ dpconf set-ldap-data-view-prop -h host -p port view-name \ dn-mapping-attrs:attribute-name [dn-mapping-attrs:attribute-name ...]
For example, if the group attribute contains DNs in the namespace affected by the rename operation in Step 2, rename the attribute as follows:
$ dpconf set-ldap-data-view-prop -h host1 -p 1389 myDataView dn-mapping-attrs:group
To add a DN mapping to an existing list of mappings, use this command:
$ dpconf set-ldap-data-view-prop -h host -p port view-name dn-mapping-attrs+:attribute-name
To remove a DN mapping from an existing list of mappings, use this command:
$ dpconf set-ldap-data-view-prop -h host -p port view-name dn-mapping-attrs-:attribute-name
-
View the base-dn property and the DN mapping properties of the data view for which you have renamed DNs.
$ dpconf get-ldap-data-view-prop -h host -p port view-name base-dn \ dn-mapping-source-base-dn dn-mapping-attrs
For example, the data view for the dc=example,dc=com database on the client side has the following values after DN renaming:
$ dpconf get-ldap-data-view-prop -h host1 -p 1389 myDataView base-dn \ dn-mapping-source-base-dn dn-mapping-attrs base-dn : dc=example,dc=com dn-mapping-attrs : group dn-mapping-source-base-dn : dc=example,dc=org
- © 2010, Oracle Corporation and/or its affiliates