Novell is now a part of Micro Focus

I want to add two new attributes to...

Articles and Tips: qna

01 Jul 2003


Q.

I want to add two new attributes to a user class using the LDIF file below and got an error "DSA is unwilling to perform." Where is the problem?

dn: cn=schema
   changetype: modify
   add: attributeTypes
   attributeTypes: ( myAttr1-oid NAME 'myAttr1' SYNTAX
   1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-NDS_NAME 'MyAttribute1' )
   attributeTypes: ( myAttr2-oid NAME 'myAttr1' SYNTAX
   1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-NDS_NAME 'MyAttribute2' )


   dn: cn=schema
   changetype: modify
   replace: objectclasses
   objectclasses: ( inetOrgPerson-oid NAME 'inetOrgPerson' AUXILIARY MAY (
   myAttr1 $ myAttr2 ) X-NDS_NOT_CONTAINER '1' X-NDS_NAME 'User' )

Also, if I have thousands of users already in the directory, do I have to add the auxiliary class to each user?

A.

Are you trying to add these attributes to a user via an auxiliary class? If so, you can create a new auxiliary class that includes the two attributes. Then you apply the auxiliary class to any instances of inetorgperson at the object definition by adding the auxclass to the list of classes which define the object instance. There is an example LDIF that shows this at

http://developer.novell.com/ndk/doc/cldap/ltoolenu/data/ahufd1m.html (see "Adding an Auxiliary Class").

Using Auxiliary classes is the strongly recommended approach over changing the base class. I'm assuming this is what you want to do since you are setting AUXILIARY in your code.

If you really wish to modify the base class, you may, depending on which version of eDirectory you are using. See the information at the URL http://developer.novell.com/ndk/doc/ldapover/ldap_enu/data/cchiggbd.html for a comparison of which versions of eDirectory allow schema object definition modifications.

Modifications may only be for non-destructive functionality--in your case--adding MAY attributes. In this case, you perform two actions (a delete and an add) with the same LDAP request by formatting your LDIF with a hyphen between the changes. The add portion of the LDIF must include all of the original class settings as the original, with the addition of the new MAY attributes, because you don't want to lose any of these definitions.

You will need to add the auxiliary class to those users who which you want to update anyway with the attributes. The sample I pointed to in the first shows how to add a new object with the aux class, while the following code sample would modify an existing inetorgperson to define the aux attributes:

dn: cn=user1,o=novell
	changetype: modify
	add: objectclass
	objectclass: bearFeatures
	-
	add: bearHair
	bearHair: brunette

* Originally published in Novell AppNotes

Disclaimer

The origin of this information may be internal or external to Novell. While Novell makes all reasonable efforts to verify this information, Novell does not make explicit or implied claims to its validity.

© Copyright Micro Focus or one of its affiliates