Creating LDAP schema issue
- To: openldap-technical@openldap.org
- Subject: Creating LDAP schema issue
- From: Leander Schäfer <info@netocean.de>
- Date: Thu, 22 Jan 2015 22:32:11 +0100
- User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:31.0) Gecko/20100101 Thunderbird/31.4.0
Hi
Unfortunately I have been struggling for 2.5 days. I have to create
an individual LDAP schema which suits the currently used LDAP structure.
The current structure looks like this:
=> dc=MyDomain,dc=TLD
==> ou=People
===> uid=User-1
====> ou=mail
===> uid=User-2
====> ou=mail
... and so on ...
Within ou=mail should be the individual mail account(s) information of a
user. So in the end I want to add a(nother) mail account by something
like this:
cat << EOF > ./newUser.ldif
dn: mailAddress=Test@Domain.TLD,ou=mail,uid=User-1,ou=people,dc=MyDomain,dc=TLD
objectclass: top
objectclass: mailAccount
mailAddress: Test@Domain.TLD
MailPassword: {SSHA}SomePassword
MailAccountStatus: active
[...]
EOF
Therefore I set up an LDAP schema like the following, but it seems to
ignore the attributes "MailPassword" and "noMailAccountStatus". Why? I
don't understand what I'm missing here on my objectclass. I'm sure it is
an easy little thing to fix - but I just can't figure it out with the
tutorials provided that I went through ;/
# ====================== LDAP schema ======================= #
#
# OID Macros (10001 should be IANA-registered)
#
objectidentifier nameSpace 1.3.6.1.4.1.10001
objectidentifier mail nameSpace:1
objectidentifier objectClassAccount mail:1
objectidentifier objectClassAccountInfo mail:2
#
# Attributes: objectClass[NAME]:1.[SERIAL]
#
attributetype ( objectClassAccount:1.1
    NAME 'mailAddress'
    DESC 'The hosted mail addresses'
    EQUALITY caseIgnoreIA5Match
    SUBSTR caseIgnoreIA5SubstringsMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
    SINGLE-VALUE )
attributetype ( objectClassAccount:1.2
    NAME 'MailPassword'
    DESC 'The hosted mail password'
    EQUALITY octetStringMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
attributetype ( objectClassAccount:1.3
    NAME 'MailAccountStatus'
    DESC 'The status of a user account: active, noaccess, disabled, deleted'
    EQUALITY caseIgnoreIA5Match
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
    SINGLE-VALUE )
[...]
#
# Objects: objectClass[NAME]:2.[SERIAL]
#
objectclass ( objectClassAccount:2.1
    NAME 'mailAccount'
    SUP ( top )
    STRUCTURAL
    DESC 'Mail account'
    MUST ( mailAddress )
    MAY ( MailPassword $ MailAccountStatus ) )
# ====================================================== #
Thanks
Best Regards,
Leander
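
An added example, not part of the original message and not OpenLDAP code: a small Python check of the LDIF entry above against the MUST/MAY lists of the posted mailAccount objectclass, reporting required attributes that are missing and attributes the class does not permit. The function names are hypothetical and the parser covers only the subset of schema and LDIF syntax used in this message.

```python
import re
# Constructed inputs, copied from the objectclass and LDIF entry in the message above.
SCHEMA = """\
objectclass ( objectClassAccount:2.1 NAME 'mailAccount' SUP ( top ) STRUCTURAL
    DESC 'Mail account' MUST ( mailAddress )
    MAY ( MailPassword $ MailAccountStatus ) )
"""
LDIF = """\
dn: mailAddress=Test@Domain.TLD,ou=mail,uid=User-1,ou=people,dc=MyDomain,dc=TLD
objectclass: top
objectclass: mailAccount
mailAddress: Test@Domain.TLD
MailPassword: {SSHA}SomePassword
MailAccountStatus: active
"""

def _attr_list(body, keyword):  # names after MUST/MAY, lowercased (case-insensitive)
    m = re.search(rf"\b{keyword}\s+(?:\(([^)]*)\)|([\w;-]+))", body)
    raw = (m.group(1) or m.group(2) or "") if m else ""
    return {a.strip().lower() for a in raw.split("$") if a.strip()}

def parse_objectclasses(text):  # lowercased class name -> {'must': set, 'may': set}
    classes = {}
    for body in re.split(r"(?im)^objectclass\s*\(", text)[1:]:
        name = re.search(r"NAME\s+'([^']+)'", body).group(1).lower()
        body = re.sub(r"'[^']*'", "", body)  # drop quoted strings such as DESC
        classes[name] = {"must": _attr_list(body, "MUST"), "may": _attr_list(body, "MAY")}
    return classes

def parse_ldif_entry(text):  # one entry -> {lowercased attribute: [values]}
    entry, last = {}, None
    for line in text.splitlines():
        if line.startswith(" ") and last:  # folded line: continues the previous value
            entry[last][-1] += line[1:]
        elif ":" in line and not line.startswith("#"):
            name, _, value = line.partition(":")
            last = name.strip().lower()
            entry.setdefault(last, []).append(value.strip())
    return entry

def check_entry(entry, classes):
    # Classes not present in the parsed text (here: top) are skipped.
    ocs = [classes[v.lower()] for v in entry.get("objectclass", []) if v.lower() in classes]
    must = set().union(*(c["must"] for c in ocs))
    may = set().union(*(c["may"] for c in ocs))
    present = set(entry) - {"dn", "objectclass"}
    return {"missing": sorted(must - present), "not_allowed": sorted(present - must - may)}

if __name__ == "__main__":
    print(check_entry(parse_ldif_entry(LDIF), parse_objectclasses(SCHEMA)))
```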