Create a new objectClass in order to add a custom attribute to an existing objectClass

Question

Long titles ask for short answers :)

I have a ldap server with the default schemas. Under some organizational unit I have entries that have the structural objectClass person and another two clasess uidObject and top.

I need to add an attribute to these entries called enabledServices and I want to store in it each service that the particular person has access to ( mostly for vpn ).

From what I understood so far, I can create a new objectClass that has only one attribute and I can add that class to my entries. My question is how I create such a class ?

My set-up involves slapd and phpldapadmin on an ubuntu machine.

score 2 · Accepted Answer · answered Oct 07 '15 at 12:48

2

You create a objectClass by adding a schema to OpenLDAP, schemata are documented at OpenLDAP schema documentation.

Please note:

Once written the schema file, I would be surprised if it could be added to directory with phpldapadmin. I would recommend the command line tools;
the examples in the documentation are in the old config format: you should convert them to the newer conf.d ldif format.

answered Oct 07 '15 at 12:48

Francesco Malvezzi

416

1

regarding the conversion I believe this document helps a lot so I figured I should share http://www.cyrill-gremaud.ch/linux/how-to-add-new-schema-to-openldap-2-4 – Tsouica Oct 08 '15 at 07:59

Create a new objectClass in order to add a custom attribute to an existing objectClass

1 Answers1