[Date Prev][Date Next]
Re: How to replace account with inetOrgPerson?
On Wednesday, 7. September 2011, Mi wrote:
> >> So, how can I add "inetOrgPerson" and remove "account" ?
> > The only way I know is you export the entry, modify the ldif and
> > reimport.
> I will try that. But I still have the feeling there must be a "better" way
> of doing it, and I just don't know it...
Indeed, there is another way.
This way even allows you to keep both objectclasses at the objects,
and do it all without taking the LDAP server down.
If I remember corrctly, these are the steps:
1) Aquire an OID arc from IANA
2) Define a schema file [gere in the slapd.conf form] similar to the one below
# symbolic names for sub-arcs of your OID arc
objectIdentifier myOIDroot 220.127.116.11.4.1.YOUR_OID_NO_FROM_IANA
objectIdentifier myOIDldap myOIDroot:1
objectIdentifier myOIDattributeType myOIDldap:1
objectIdentifier myOIDobjectClass myOIDldap:2
# objectclass definition
objectClass ( myOIDobjectClass:1 'myOIDPerson'
DESC 'Person inheriting from account and inetOrgPerson'
SUP ( account $ inetOrgPerson )
MUST ( uid $ cn ) )
3) add the missing uid / cn attributes where necessary
4) add the objectclass 'myOIDperson' to all objects you want to have
5) If you want to have both objectclases mentioned explicitly,
you may add the missing one to the myOIDPerson objects