83 lines
4.1 KiB
HTML
83 lines
4.1 KiB
HTML
<?xml version="1.0" encoding="utf-8"?>
|
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
|
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-us">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<meta name="dc.language" scheme="rfc1766" content="en-us" />
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<meta name="dc.date" scheme="iso8601" content="2005-09-06" />
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
|
|
<meta name="security" content="public" />
|
|
<meta name="Robots" content="index,follow"/>
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|
<title>Directory Server (LDAP) - Dynamic schema</title>
|
|
<link rel="stylesheet" type="text/css" href="ibmidwb.css" />
|
|
<link rel="stylesheet" type="text/css" href="ic.css" />
|
|
</head>
|
|
<body>
|
|
<a id="Top_Of_Page" name="Top_Of_Page"></a><!-- Java sync-link -->
|
|
<script language = "Javascript" src = "../rzahg/synch.js" type="text/javascript"></script>
|
|
|
|
|
|
<a name="rzahydynamicschema"></a>
|
|
<h3 id="rzahydynamicschema">Dynamic schema</h3>
|
|
<p>To perform a dynamic schema change, use the ldap_modify API with a DN of
|
|
"cn=schema". It is permissible to add, delete, or replace only one schema
|
|
entity (for example, an attribute type or an object class) at a time.</p>
|
|
<p>To delete a schema entry, specify the schema attribute that defines the
|
|
schema entry (objectclasses or attributetypes), and for its value, the OID
|
|
in parentheses. For example, to delete the attribute with OID <attr-oid>:
|
|
</p>
|
|
<pre class="xmp">dn: cn=schema
|
|
changetype: modify
|
|
delete: attributetypes
|
|
attributetypes: ( <attr-oid> )
|
|
</pre><p class="indatacontent"> You can also provide a full description. In either case, the matching
|
|
rule used to find the schema entity to delete is objectIdentifierFirstComponentMatch.</p>
|
|
<p>To add or replace a schema entity, you MUST provide a LDAP Version 3 definition
|
|
and you MAY provide the IBM definition. In all cases, you must provide only
|
|
the definition or definitions of the schema entity that you want to affect.</p>
|
|
<p>For example, to delete the attribute type 'cn' (its OID is 2.5.4.3), use
|
|
ldap_modify() with:</p>
|
|
<pre class="xmp"> LDAPMod attr;
|
|
LDAPMod *attrs[] = { &attr, NULL };
|
|
char *vals [] = { "( 2.5.4.3 )", NULL };
|
|
attr.mod_op = LDAP_MOD_DELETE;
|
|
attr.mod_type = "attributeTypes";
|
|
attr.mod_values = vals;
|
|
ldap_modify_s(ldap_session_handle, "cn=schema", attrs);</pre><p class="indatacontent">To add a new
|
|
attribute type bar with OID 20.20.20 that inherits from the attribute "name"
|
|
and has a length of 20 chars:</p>
|
|
<pre class="xmp"> char *vals1[] = { "( 20.20.20 NAME 'bar' SUP name )" NULL };
|
|
char *vals2[] = { "( 20.20.20 LENGTH 20 )", NULL };
|
|
LDAPMod attr1;
|
|
LDAPMod attr2;
|
|
LDAPMod *attrs[] = { &attr1, &attr2, NULL };
|
|
attr1.mod_op = LDAP_MOD_ADD;
|
|
attr1.mod_type = "attributeTypes";
|
|
attr1.mod_values = vals1;
|
|
attr2.mod_op = LDAP_MOD_ADD;
|
|
attr2.mod_type = "IBMattributeTypes";
|
|
attr2.mod_values = vals2;
|
|
ldap_modify_s(ldap_session_handle, "cn=schema", attrs);</pre>
|
|
<p>The LDIF version of the above would be:</p>
|
|
<pre class="xmp">dn: cn=schema
|
|
changetype: modify
|
|
add: attributetypes
|
|
attributetypes: ( 20.20.20 NAME 'bar' SUP name )
|
|
-
|
|
add:ibmattributetypes
|
|
ibmattributetypes: (20.20.20 LENGTH 20)</pre>
|
|
<p><span class="bold">Access controls</span></p>
|
|
<p>Dynamic schema changes can be performed only by a replication supplier
|
|
or the administrator DN.</p>
|
|
<p><span class="bold">Replication</span></p>
|
|
<p>When a dynamic schema change is performed, it is replicated.</p>
|
|
<a id="Bot_Of_Page" name="Bot_Of_Page"></a>
|
|
</body>
|
|
</html>
|