Novell Home

Using LDIF to Modify eDirectory Schema

Novell Cool Solutions: Feature

Digg This - Slashdot This

Posted: 8 Dec 2003
 

Did you realize that you can perform any schema operation using LDIF scripts? Very useful for things like the dreaded -644 error (schema is in use). Here's the scoop.

Before you Delete Anything...

Before you can delete a schema definition, you must make sure that it is not used anywhere in your entire tree. eDirectory will only verify that the definition is not used by any object held on the server holding the [Root] replica which you send your schema modification request to. If there is an object somewhere in the tree that does use the schema definition, it will either become unknown, be deleted (if the class was removed), or have the attribute removed when the next DSRepair is run.

If you attempt to delete a schema definition after you have cleaned up any references to that definition, you will still frequently get a -644 error, saying the definition is still in use. This is usually because the deleted attribute values or objects have not yet been fully processed and purged out of the system.

You can force this process to occur earlier than the normal schedule in a couple of ways:

  1. Typing on the NetWare Console SET DSTRACE = *B

or

  1. From iMonitor, go to the Agent Configuration page.
  2. Select the Agent Triggers link which will bring up a page with seven check box options.
  3. Select the Reference Check box, then click Submit.

Both these methods will initiate the Backliner process, which causes the deleted objects or values to be processed and purged (among other things). After this has completed, you can then successfully delete the schema definition.

Adding New Class Definitions

You can add new class definitions, either Auxiliary, Abstract, or Structural. Sample LDIF for this:

version: 1 

# define attributes
dn: cn=schema
changetype: modify
add: attributetypes
attributetypes: (2.16.840.1.113719.1.3.801
  NAME 'novlTestAttr1'
  DESC 'test attribute'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.36
  SINGLE-VALUE ) 

dn: cn=schema
changetype: modify
add: attributetypes
attributetypes: (2.16.840.1.113719.1.3.802
  NAME 'novlTestAttr2'
  DESC 'test attribute'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
  SINGLE-VALUE ) 

dn: cn=schema
changetype: modify
add: attributetypes
attributetypes: (2.16.840.1.113719.1.3.803
  NAME 'novlTestAttr3'
  DESC 'test attribute'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
  SINGLE-VALUE ) 




#define different class types
dn: cn=schema
changetype: modify
add: objectclasses
objectclasses: ( 2.16.840.1.113719.1.3.900
  NAME 'novlPerson1'
  DESC 'Test Abstract class'
  SUP top
  ABSTRACT
  MAY ( novlTestAttr1 )
 )

dn: cn=schema
changetype: modify
add: objectclasses
objectclasses: ( 2.16.840.1.113719.1.3.901
  NAME 'novlPerson2'
  DESC 'Test Aux class'
  AUXILIARY
  MAY ( novlTestAttr1 )
 )

dn: cn=schema
changetype: modify
add: objectclasses
objectclasses: ( 2.16.840.1.113719.1.3.902
  NAME 'novlPerson3'
  DESC 'Test Structural class'
  SUP inetOrgPerson
  STRUCTURAL
  MAY ( novlTestAttr2 $ novlTestAttr3 )
 ) 

Deleting a Superclass

You can add a new superclass to an existing class definition, but you can't remove a superclass from a class definition once it has been added. To remove it, you must delete the class definition it was added to (and recreate again if needed), and then you can delete the class that was referenced as the superclass, if desired. Sample LDIF for this:

version: 1 

#do a replace operation that adds a new superclass to an existing object class
dn: cn=schema
changetype: modify
delete: objectclasses
objectclasses: (2.16.840.1.113719.1.3.902)
-
add: objectclasses
objectclasses: (2.16.840.1.113719.1.3.902
  NAME 'novlPerson3'
  DESC 'Add a superclass to existing class'
  SUP ( inetOrgPerson $ novlPerson1 )
  STRUCTURAL
  MAY ( novlTestAttr2 $ novlTestAttr3 )
 )

Adding an Auxiliary Class

You can add an auxiliary class to an existing object instance. Sample LDIF for this:

version: 1 


#define a sample object instance
dn: o=novell
changetype: add
objectclass: organization
o: novell 

dn: cn=user1, o=novell
changetype: add
objectclass: inetorgperson
cn: user1
surname: novl 

#add an auxiliary class, and populate the new attribute it defines 
dn: cn=user1, o=novell
changetype: modify
add:objectclass
objectclass:novlPerson2
novlTestAttr1: 987654321

Removing an Auxiliary Class

You can remove an auxiliary class from an object instance, and automatically have all associated attributes also removed. Sample LDIF for this:

version: 1
 
dn: cn=user1, o=novell
changetype: modify
delete:objectclass
objectclass: novlPerson2 

Deleting an Attribute or Object Class Definition

You can delete an attribute or object class definition (auxiliary or otherwise) if it is no longer in use. You must delete any classes (or remove the attributes from the optional list) that use an attribute before you can delete the attribute itself. Note that if you recently deleted the objects or values using this definition, you will probably get an -644 error. See comments above if that is the case. Sample LDIF for this:

version: 1 


# delete an object class definition
dn: cn=schema
changetype: modify
delete: objectclasses
objectclasses: (2.16.840.1.113719.1.3.901 ) 



# define attributes
dn: cn=schema
changetype: modify
delete: attributetypes
attributetypes: (2.16.840.1.113719.1.3.801)

For more info, see TID 10088759


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell