[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: newbie question: generic schema for LDAP servers?

To: Dave Snoopy <kingsnoopy7@yahoo.com>
Subject: Re: newbie question: generic schema for LDAP servers?
From: Jon Roberts <jon@mentata.com>
Date: Thu, 03 Apr 2003 15:38:05 -0600
Cc: openldap <openldap-software@OpenLDAP.org>
References: <20030403183911.25005.qmail@web20502.mail.yahoo.com>
User-agent: Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:1.1) Gecko/20020826

Dave Snoopy wrote:

Here's a newbie question for you out there. Is there
some kind of generic schema or layout for LDAP servers
regarding users?


There are a few. Schema files can be found under:

[OpenLDAP Home]/etc/openldap/schema

For example, I use the following query to list all
users in my Windows 2000 domain:
(&(objectClass=user)(objectCategory=person))

More like (objectClass=person), (objectClass=inetorgperson), or such. There are actually a number of classes that can serve as accounts, depending on what you use your directory for.

But would this same query also work against an OpenLDAP server, or some other LDAP server?

Unlikely, although you could make a custom schema to define these classes. Microsoft always has to do things their own way.

Or is the user schema totally up to the LDAP administrator to design/choose?


Use the defaults, design your own, or a bit of both.... the choice is yours.

If the latter, are there common schemas
which LDAP admins often choose from?


Check core.schema, cosine.schema, or inetorgperson.schema for starters.

For a design example, see:

http://www.mentata.com/ldaphttp/examples/congress/sdd/3.htm#1

Jon Roberts
www.mentata.com

References:
- newbie question: generic schema for LDAP servers?
  - From: Dave Snoopy <kingsnoopy7@yahoo.com>

Prev by Date: Re: make test got stuck at Testing for slave slapd...
Next by Date: RE: Replication Suggestions
Index(es):
- Chronological
- Thread