In general, you should not change existing object classes or attributes in the schema, but use or add to them for your purposes. If you change an attribute or object class so that the Solaris for ISPs software cannot use it, you may have to reinstall the directory. In this case, any data entries not backed up will be lost. For information on backing up the directory, see the Sun Directory Services manual pages for ldbmcat and ldif2ldbm.
If you decide to add to the schema, refer to Chapter 8, "Configuring the Directory Schema," of the Sun Directory Services 3.1 Administration Guide for complete details.
To ensure the integrity of the directory, you should periodically back up the schema configuration files. Certainly, you should back up the schema before starting work to extend it for your own uses.
As discussed in detail in Chapter 4, "Configuring Directory Services," of the Sun Directory Services 3.1 Administration Guide, the following files are critical for directory services function:
dsserv.conf holds the main configuration information.
dsserv.oc.conf holds the object class definitions.
dsserv.at.conf holds the attribute definitions.
dsserv.acl.conf holds access control information.
Copies of these files are stored in three places in the system:
/etc/opt/SUNWconn/ldap/current holds the current configuration files.
/etc/opt/SUNWconn/ldap/default holds the default configuration files that were installed with the software. (These files are read-only.)
/etc/opt/SUNWconn/ldap/previous holds the previous configuration files.
Before starting any work on the schema, back up the configuration files in /etc/opt/SUNWconn/ldap/current and those in /etc/opt/SUNWconn/ldap/previous. When you edit the files, Sun Directory Services copies the unedited files in ~/current to ~/previous. It does this only once per editing session, (until you restart dsservd). If you are making many changes to the schema, you may want to make manual backups of your changes as you work.
Backup information is presented in detail in Chapter 4, "Configuring Directory Services," of the Sun Directory Services 3.1 Administration Guide.
To restore your directory services configuration to a previous version, stop dsservd, replace the desired configuration files in /etc/opt/SUNWconn/ldap/current, and restart the daemon. Step-by-step information is presented in Chapter 4, "Configuring Directory Services," of the Sun Directory Services 3.1 Administration Guide.
When Solaris for ISPs is installed, the original schema configuration files are backed up at /etc/opt/SUNWisp/SUNWconn/ldap/backup. This files were customized at installation with your root domain and administrator information. If you are working on the schema, and arrive at a situation where Solaris for ISPs does not work, restore the default schema as follows:
Log into the machine where the directory services is running.
Give yourself root access.
Stop the directory services server, by entering:# /etc/init.d/dsserv stop
You can also stop and start the server through its administration console.
Copy each of the configuration files from the backup to the current directory:
cp /etc/opt/SUNWisp/SUNWconn/ldap/backup/ispdsserv.conf /etc/opt/SUNWconn/ldap/current/dsserv.conf
cp /etc/opt/SUNWisp/SUNWconn/ldap/backup/ispdsserv.at.conf /etc/opt/SUNWconn/ldap/current/dsserv.at.conf
cp /etc/opt/SUNWisp/SUNWconn/ldap/backup/ispdsserv.oc.conf /etc/opt/SUNWconn/ldap/current/dsserv.oc.conf
cp /etc/opt/SUNWisp/SUNWconn/ldap/backup/ispdsserv.acl.conf /etc/opt/SUNWconn/ldap/current/dsserv.acl.conf
cp /etc/opt/SUNWisp/SUNWconn/ldap/backup/mapping/radius.mapping /etc/opt/SUNWconn/ldap/current/mapping/radius.mapping
Start the directory services server by entering:# /etc/init.d/dsserv start