121 lines
7.1 KiB
HTML
121 lines
7.1 KiB
HTML
|
<?xml version="1.0" encoding="utf-8"?>
|
||
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
||
|
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||
|
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-us">
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||
|
<meta name="dc.language" scheme="rfc1766" content="en-us" />
|
||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
||
|
<!-- US Government Users Restricted Rights -->
|
||
|
<!-- Use, duplication or disclosure restricted by -->
|
||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
||
|
<meta name="dc.date" scheme="iso8601" content="2005-09-06" />
|
||
|
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
|
||
|
<meta name="security" content="public" />
|
||
|
<meta name="Robots" content="index,follow"/>
|
||
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
||
|
<title>Directory Server (LDAP) - IBM Directory Server schema</title>
|
||
|
<link rel="stylesheet" type="text/css" href="ibmidwb.css" />
|
||
|
<link rel="stylesheet" type="text/css" href="ic.css" />
|
||
|
</head>
|
||
|
<body>
|
||
|
<a id="Top_Of_Page" name="Top_Of_Page"></a><!-- Java sync-link -->
|
||
|
<script language = "Javascript" src = "../rzahg/synch.js" type="text/javascript"></script>
|
||
|
|
||
|
|
||
|
<a name="rzahyibmschema"></a>
|
||
|
<h3 id="rzahyibmschema">IBM Directory Server schema</h3>
|
||
|
<p>The schema for the Directory Server is predefined, however, you can change
|
||
|
the schema, if you have additional requirements. For more information about
|
||
|
how to change the schema, see <a href="rzahymanschema.htm#rzahymanschema">Manage the schema</a>.</p>
|
||
|
<p>The Directory Server includes dynamic schema support. The schema is published
|
||
|
as part of the directory information, and is available in the Subschema entry
|
||
|
(DN="cn=schema"). You can query the schema using the ldap_search() API and
|
||
|
change it using ldap_modify(). See the "<a href="../apis/dirserv1.htm">Directory
|
||
|
Server APIs</a>" topic for more information about these APIs.</p>
|
||
|
<p>The schema has more configuration information than that included in the
|
||
|
LDAP Version 3 Request For Comments (RFCs) or standard specifications. For
|
||
|
example, for a given attribute, you can state which indexes must be maintained.
|
||
|
This additional configuration information is maintained in the subschema entry
|
||
|
as appropriate. An additional object class is defined for the subschema entry
|
||
|
IBMsubschema, which has "MAY" attributes that hold the extended schema information.</p>
|
||
|
<p>The Directory Server defines a single schema for the entire server, accessible
|
||
|
through a special directory entry, "cn=schema". The entry contains all of
|
||
|
the schema defined for the server. To retrieve schema information, you can
|
||
|
perform an ldap_search by using the following:</p>
|
||
|
<pre class="xmp"> DN: "cn=schema", search scope: base, filter: objectclass=subschema
|
||
|
or objectclass=*</pre>
|
||
|
<p>The schema provides values for the following attribute types:</p>
|
||
|
<ul>
|
||
|
<li>objectClasses (For more information about objectClasses, see <a href="rzahyobjectclass.htm#rzahyobjectclass">Object classes</a>.)</li>
|
||
|
<li>attributeTypes (For more information about attributeTypes, see <a href="rzahyattributes.htm#rzahyattributes">Attributes</a>.)</li>
|
||
|
<li>IBMAttributeTypes (For more information about IBMAttributeTypes, see <a href="rzahyibmattras.htm#rzahyibmattras">The IBMAttributeTypes attribute</a>.)</li>
|
||
|
<li>matching rules (For more information about matching rules, see <a href="rzahymatchrules.htm#rzahymatchrules">Matching rules</a>).</li>
|
||
|
<li>ldap syntaxes (For more information about ldap syntaxes, see <a href="rzahysyntax.htm#rzahysyntax">Attribute syntax</a>).</li></ul><p class="indatacontent">The syntax of these schema definitions is based on the LDAP Version 3
|
||
|
RFCs.</p>
|
||
|
<p>A sample schema entry might contain:</p>
|
||
|
<pre class="xmp">objectclasses=( 1.3.6.1.4.1.1466.101.120.111
|
||
|
NAME 'extensibleObject'
|
||
|
SUP top AUXILIARY )
|
||
|
|
||
|
objectclasses=( 2.5.20.1
|
||
|
NAME 'subschema'
|
||
|
AUXILIARY MAY
|
||
|
( dITStructureRules
|
||
|
$ nameForms
|
||
|
$ ditContentRules
|
||
|
$ objectClasses
|
||
|
$ attributeTypes
|
||
|
$ matchingRules
|
||
|
$ matchingRuleUse ) )
|
||
|
objectclasses=( 2.5.6.1
|
||
|
NAME 'alias'
|
||
|
SUP top STRUCTURAL
|
||
|
MUST aliasedObjectName )
|
||
|
|
||
|
attributeTypes=( 2.5.18.10
|
||
|
NAME 'subschemaSubentry'
|
||
|
EQUALITY distinguishedNameMatch
|
||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
|
||
|
NO-USER-MODIFICATION
|
||
|
SINGLE-VALUE USAGE directoryOperation )
|
||
|
attributeTypes=( 2.5.21.5 NAME 'attributeTypes'
|
||
|
EQUALITY objectIdentifierFirstComponentMatch
|
||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.3
|
||
|
USAGE directoryOperation )
|
||
|
attributeTypes=( 2.5.21.6 NAME 'objectClasses'
|
||
|
EQUALITY objectIdentifierFirstComponentMatch
|
||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.37
|
||
|
USAGE directoryOperation
|
||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
|
||
|
USAGE directoryOperation )
|
||
|
|
||
|
ldapSyntaxes=( 1.3.6.1.4.1.1466.115.121.1.5 DESC 'Binary' )
|
||
|
ldapSyntaxes=( 1.3.6.1.4.1.1466.115.121.1.7 DESC 'Boolean' )
|
||
|
ldapSyntaxes=( 1.3.6.1.4.1.1466.115.121.1.12 DESC 'DN' )
|
||
|
ldapSyntaxes=( 1.3.6.1.4.1.1466.115.121.1.15 DESC 'Directory String' )
|
||
|
ldapSyntaxes=( 1.3.6.1.4.1.1466.115.121.1.24 DESC 'Generalized Time' )
|
||
|
ldapSyntaxes=( 1.3.6.1.4.1.1466.115.121.1.26 DESC 'IA5 String' )
|
||
|
ldapSyntaxes=( 1.3.6.1.4.1.1466.115.121.1.27 DESC 'INTEGER' )
|
||
|
ldapSyntaxes=( 1.3.6.1.4.1.1466.115.121.1.50 DESC 'Telephone Number' )
|
||
|
ldapSyntaxes=( 1.3.6.1.4.1.1466.115.121.1.53 DESC 'UTC Time' )
|
||
|
|
||
|
matchingRules=( 2.5.13.2 NAME 'caseIgnoreMatch'
|
||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
|
||
|
matchingRules=( 2.5.13.0 NAME 'objectIdentifierMatch'
|
||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
|
||
|
matchingRules=( 2.5.13.30 NAME 'objectIdentifierFirstComponentMatch'
|
||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
|
||
|
matchingRules=( 2.5.13.4 NAME 'caseIgnoreSubstringsMatch'
|
||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )
|
||
|
</pre>
|
||
|
<p>The schema information can be modified through the ldap_modify API. Consult
|
||
|
the "<a href="../apis/dirserv1.htm">Directory Server APIs</a>" topic
|
||
|
for additional information. With the DN "cn=schema" you can add, delete or
|
||
|
replace an attribute type or an object class. See <a href="rzahydynamicschema.htm#rzahydynamicschema">Dynamic schema</a> and <a href="rzahymanschema.htm#rzahymanschema">Manage the schema</a> for more information. You also can provide a full
|
||
|
description. You can add or replace a schema entry with the LDAP Version 3
|
||
|
definition or with the IBM attribute extension definition or with both definitions.</p>
|
||
|
<a id="Bot_Of_Page" name="Bot_Of_Page"></a>
|
||
|
</body>
|
||
|
</html>
|