I have recently added a few new attributes to an existing object class (this was a custom object class, not an out-of-the-box one). I also created a few olcAccess (ACL) entries to enable access to these new attributes and olcDbIndex entries to index the values of the attributes. I added all of these using the cn=config directory structure containers. It is my understanding that unless I modify schema/ldif files on the server that these changes will be lost upon server/service restart.
I have the idea that these are the correct folder, but since I’ve never done this before I’m seeking confirmation/direction.
The ACLs and Indices appear to be located in the /opt/<Server-Instance>/common/setup folder. In this folder there is an olcAccess.bdb.ldif file (which appears to hold the ACLs). There’s also an LDIF file for the frontend and monitor container located within cn=config.
The attributes appear to be located in the /opt/<Server-Instance>1/etc/openldap/schema.mbi folder (mbi is an identifier for our organization). In this folder there is a file named mbiUser.schema (mbiUser is the custom object class). I suspect that this is where the attributes would be stored.
Again, this is a non-exhaustive listing of a few things that caught my eye.
Let me know if you have any thoughts or suggestions. Thanks much,
Identity Administrator | Information Systems
From the Word. To Life.