Schema Management: Creating Custom Object Classes

Auxiliary Object Classes

Auxiliary object classes are groups of attributes that expand the existing list of attributes in an entry. For example, suppose you have already defined an entry as a member of two object classes, and you want to assign to that entry additional attributes that do not belong to either of those two object classes. You can create a new auxiliary object class which contains the extra attributes, and then associate that auxiliary object class with the entry.

This is an alternative to redefining the existing object classes. Unlike structural object classes, auxiliary classes do not place restrictions on where an entry may be stored.

In the following hands-on exercises we will extend the schema by creating a new object class called "myOC" which will use the attribute "myAttr" created in the previous exercise.

Then we will associate the new object class with a directory entry and populate the "myAttr" attribute with a value.

It is durring the creation of an object class that you define an attribute as mandatory or optional.

Mandatory Attributes

A mandatory attribute must always contain a value and may never contain a null value when it is associated with a directory entry. To declare an attribute mandatory in the object class definition use the "MUST" statement.

Optional Attributes

An optional attribute does not need to contain a value and may remain null. To declare an attribute optional in the object class definition use the "MAY" statement.

Here is a sample of an object class defnition with both mandatory and optional attributes.

objectclasses: ( 1.2.3.4.5.6.739 NAME 'newOC' DESC 'User Defined ObjectClass' SUP 'inetorgperson' MUST ( sn $ cn ) MAY ( description $ seealso $ telephonenumber )

By now you should have downloaded the sample LDIF files and added the "initial.ldif" file contents into the DIT for this hands-on exersice.

Lets examine the contents of the file "newattr.ldif".

This first line specifies where the new attribute will be added in the LDAP server.

dn: cn=subschemasubentry

The next line tells us the type of change against the "cn=subschemasubentry" is a modification.

changetype: modify

The next line more specifically tells us that the modification type will add a new object class to the schema.

add: objectclasses

The last two lines are the definition of the new object class.

The dewey decimal formatted number is the object ID of the new attribute. Its sort of like a serial number. No other object in the schema can use this number. After the object ID is the name of the new object class.

objectclasses: ( 1.2.3.4.5 NAME 'myOC'

Next is the description section. Use this to put in a description for your new object class. Folling the decritption is the list of attribute associated with this new object class. In this case we will associate the attribute "myAttr" that was created in theprevious exercise. The word "MAY" indicates that this attribute will be optional. This means that attribute does not need to contain a value and may remain null.

DESC 'my Objectclass definition' MAY myAttr )

Prerequisites

OID must be installed

OID must be running

The initial.ldif file should be loaded

The myAttr attribute needs to be created

Run the following command against the "newaclass.ldif" file

ldapmodify -p 4032 -h localhost -D "cn=orcladmin" -w welcome1 -f /tmp/newaclass.ldif

Take a look at the "newaclass.ldif" file. "MAY" means that the attribute "myAttr" may remain null. Therefore myAttr is declared as an optional attribute and not a mandatory attribute. If you had used "MUST" instead of "MAY" this would mean that the attribute "myAttr" must contain a value whenever you use the myOC object class in a directory entry.

Add your new auxiliary objectclass to an existing entry.

ldapmodify -p 4032 -h localhost -D "cn=orcladmin" -w welcome1 -f /tmp/addaclass.ldif

Now add a value to the new attribute.

ldapmodify -p 4032 -h localhost -D "cn=orcladmin" -w welcome1 -f /tmp/addattr.ldif

Take a look these files and see how its done