[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Custom ldapSyntax

> Peter SchÃŒtt wrote:
>> I use OpenLDAP 2.4.19 and I try to build
>> an own gender attribute.
> Why not use existing suggestions?
>> I need a custom syntax for the value,
>> "M" or "W".
> With OpenLDAP you don't need an extra syntax. You could use
> slapo-constraint
> for restricting attribute values. See the man-page slapo-constraint(5).
>> How can I create my own custom syntax?
> An own LDAP syntax requires coding something which runs inside slapd (e.g.
> an
> overlay).

Actually, it would be much simpler than an overlay: all one needs to do is
write a module that loads a syntax with its own handlers for validation
and prettification.  This means writing code that needs to be maintained,
though.  A simpler approach would be to use the boolean syntax, with an
attribute that basically contains "isFemale"; then TRUE and FALSE would
have a straightforward meaning (in a two-gender world, of course).

Or, one could use directoryString and restrict the value using
slapo-constraint(5); something like

constraint_attribute sex regex "^[MW]$"

should work (untested, though).