1# OpenLDAP: pkg/ldap/servers/slapd/schema/openldap.ldif,v 1.2.2.6 2010/04/13 20:23:49 kurt Exp 2## This work is part of OpenLDAP Software <http://www.openldap.org/>. 3## 4## Copyright 1998-2010 The OpenLDAP Foundation. 5## All rights reserved. 6## 7## Redistribution and use in source and binary forms, with or without 8## modification, are permitted only as authorized by the OpenLDAP 9## Public License. 10## 11## A copy of this license is available in the file LICENSE in the 12## top-level directory of the distribution or, alternatively, at 13## <http://www.OpenLDAP.org/license.html>. 14# 15# 16# OpenLDAP Project's directory schema items 17# 18# depends upon: 19# core.schema 20# cosine.schema 21# inetorgperson.schema 22# 23# These are provided for informational purposes only. 24# 25# This openldap.ldif file is provided as a demonstration of how to 26# convert a *.schema file into *.ldif format. The key points: 27# In LDIF, a blank line terminates an entry. Blank lines in a *.schema 28# file should be replaced with a single '#' to turn them into 29# comments, or they should just be removed. 30# In addition to the actual schema directives, the file needs a small 31# header to make it a valid LDAP entry. This header must provide the 32# dn of the entry, the objectClass, and the cn, as shown here: 33# 34dn: cn=openldap,cn=schema,cn=config 35objectClass: olcSchemaConfig 36cn: openldap 37# 38# The schema directives need to be changed to LDAP Attributes. 39# First a basic string substitution can be done on each of the keywords: 40# objectIdentifier -> olcObjectIdentifier: 41# objectClass -> olcObjectClasses: 42# attributeType -> olcAttributeTypes: 43# Then leading whitespace must be fixed. The slapd.conf format allows 44# tabs or spaces to denote line continuation, while LDIF only allows 45# the space character. 46# Also slapd.conf preserves the continuation character, while LDIF strips 47# it out. So a single TAB/SPACE in slapd.conf must be replaced with 48# two SPACEs in LDIF, otherwise the continued text may get joined as 49# a single word. 50# The directives must be listed in a proper sequence: 51# All olcObjectIdentifiers must be first, so they may be referenced by 52# any following definitions. 53# All olcAttributeTypes must be next, so they may be referenced by any 54# following objectClass definitions. 55# All olcObjectClasses must be after the olcAttributeTypes. 56# And of course, any superior must occur before anything that inherits 57# from it. 58# 59olcObjectIdentifier: OpenLDAProot 1.3.6.1.4.1.4203 60# 61olcObjectIdentifier: OpenLDAP OpenLDAProot:1 62olcObjectIdentifier: OpenLDAPattributeType OpenLDAP:3 63olcObjectIdentifier: OpenLDAPobjectClass OpenLDAP:4 64# 65olcObjectClasses: ( OpenLDAPobjectClass:3 66 NAME 'OpenLDAPorg' 67 DESC 'OpenLDAP Organizational Object' 68 SUP organization 69 MAY ( buildingName $ displayName $ labeledURI ) ) 70# 71olcObjectClasses: ( OpenLDAPobjectClass:4 72 NAME 'OpenLDAPou' 73 DESC 'OpenLDAP Organizational Unit Object' 74 SUP organizationalUnit 75 MAY ( buildingName $ displayName $ labeledURI $ o ) ) 76# 77olcObjectClasses: ( OpenLDAPobjectClass:5 78 NAME 'OpenLDAPperson' 79 DESC 'OpenLDAP Person' 80 SUP ( pilotPerson $ inetOrgPerson ) 81 MUST ( uid $ cn ) 82 MAY ( givenName $ labeledURI $ o ) ) 83# 84olcObjectClasses: ( OpenLDAPobjectClass:6 85 NAME 'OpenLDAPdisplayableObject' 86 DESC 'OpenLDAP Displayable Object' 87 AUXILIARY 88 MAY displayName ) 89