Re: How to change a schema attribute definition or how to change the slapd configuration?

On Wed, Jan 09, 2013 at 04:21:43PM +0000, Philip Colmer wrote:

> I'm using OpenLDAP on Ubuntu 12.04. The installation of OpenLDAP automatically
> installs the schemas for core, cosine, nis and inetorgperson.
> In the nis schema, posixGroup is defined as structural but I need it to be
> auxiliary.

It is a very very bad idea to change the definitions of
standard types. There may be code out there that will break in
interesting and unpredictable ways. I would agree that many of
the standard types seem a bit haphazard these days, but they
are still standard...

Why do you 'need it to be auxiliary'?

Would it be better to say that you want to make some entries
that have gidNumber and memberUid and some other attributes
that are not in the posixGroup list? If so, why not define your
own auxiliary class that allows you to add the other attributes
to a posixGroup entry?

If you really cannot add a new aux class to the entries
concerned, you could consider using a DIT Content Rule to
permit more attributes. This would be standards-conformant, but
unfortunately many LDAP browsers don't understand it so editing
such entries could be a bit awkward.

