# $OpenLDAP$
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 1998-2024 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.
#
#
# OpenLDAP Project's directory schema items
#
# depends upon:
#	core.schema
#	cosine.schema
#	inetorgperson.schema
#
# These are provided for informational purposes only.
#
# This openldap.ldif file is provided as a demonstration of how to
# convert a *.schema file into *.ldif format. The key points:
#   In LDIF, a blank line terminates an entry. Blank lines in a *.schema
#     file should be replaced with a single '#' to turn them into
#     comments, or they should just be removed.
#   In addition to the actual schema directives, the file needs a small
#     header to make it a valid LDAP entry. This header must provide the
#     dn of the entry, the objectClass, and the cn, as shown here:
#
dn: cn=openldap,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: openldap
#
#   The schema directives need to be changed to LDAP Attributes.
#     First a basic string substitution can be done on each of the keywords:
#       objectIdentifier -> olcObjectIdentifier:
#       objectClass -> olcObjectClasses:
#       attributeType -> olcAttributeTypes:
#     Then leading whitespace must be fixed. The slapd.conf format allows
#       tabs or spaces to denote line continuation, while LDIF only allows
#       the space character.
#     Also slapd.conf preserves the continuation character, while LDIF strips
#       it out. So a single TAB/SPACE in slapd.conf must be replaced with
#       two SPACEs in LDIF, otherwise the continued text may get joined as
#       a single word.
#   The directives must be listed in a proper sequence:
#     All olcObjectIdentifiers must be first, so they may be referenced by
#       any following definitions.
#     All olcAttributeTypes must be next, so they may be referenced by any
#       following objectClass definitions.
#     All olcObjectClasses must be after the olcAttributeTypes.
#     And of course, any superior must occur before anything that inherits
#       from it.
#
olcObjectIdentifier: OpenLDAProot 1.3.6.1.4.1.4203
#
olcObjectIdentifier: OpenLDAP OpenLDAProot:1
olcObjectIdentifier: OpenLDAPattributeType OpenLDAP:3
olcObjectIdentifier: OpenLDAPobjectClass OpenLDAP:4
#
olcObjectClasses: ( OpenLDAPobjectClass:3
  NAME 'OpenLDAPorg'
  DESC 'OpenLDAP Organizational Object'
  SUP organization
  MAY ( buildingName $ displayName $ labeledURI ) )
#
olcObjectClasses: ( OpenLDAPobjectClass:4
  NAME 'OpenLDAPou'
  DESC 'OpenLDAP Organizational Unit Object'
  SUP organizationalUnit
  MAY ( buildingName $ displayName $ labeledURI $ o ) )
#
olcObjectClasses: ( OpenLDAPobjectClass:5
  NAME 'OpenLDAPperson'
  DESC 'OpenLDAP Person'
  SUP ( pilotPerson $ inetOrgPerson )
  MUST ( uid $ cn )
  MAY ( givenName $ labeledURI $ o ) )
#
olcObjectClasses: ( OpenLDAPobjectClass:6
  NAME 'OpenLDAPdisplayableObject'
  DESC 'OpenLDAP Displayable Object'
  AUXILIARY
  MAY displayName )
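#
# Added example, not part of the OpenLDAP distribution: a Python
# implementation of the conversion steps described in the comments above,
# run on a constructed slapd.conf-style fragment. The names schema_to_ldif,
# unfold and SAMPLE are this example's own; unfold shows why a continuation
# line needs two spaces rather than one.

```python
import re

# Keyword substitutions from the comments above; matched case-insensitively
# here (an assumption of this example).
KEYWORDS = {"objectidentifier": "olcObjectIdentifier",
            "attributetype": "olcAttributeTypes",
            "objectclass": "olcObjectClasses"}
ORDER = list(KEYWORDS.values())  # required sequence of directive kinds

def schema_to_ldif(schema_text, name):
    """Turn slapd.conf-style schema text into one cn=config schema entry."""
    out = [f"dn: cn={name},cn=schema,cn=config",
           "objectClass: olcSchemaConfig", f"cn: {name}"]
    rank = 0  # position in ORDER of the latest directive kind seen
    for n, raw in enumerate(schema_text.splitlines(), 1):
        line = raw.rstrip()
        if not line:
            out.append("#")  # a blank line would terminate the LDIF entry
        elif line.startswith("#"):
            out.append(line)
        elif line[0] in " \t":
            # LDIF unfolding drops one leading space, so emit two: the second
            # survives as the separator between the joined words.
            out.append("  " + line.lstrip())
        else:
            word, rest = (line.split(None, 1) + [""])[:2]
            attr = KEYWORDS.get(word.lower())
            if attr is None:
                raise ValueError(f"line {n}: unknown directive {word!r}")
            if ORDER.index(attr) < rank:
                raise ValueError(f"line {n}: {attr} after {ORDER[rank]}")
            rank = ORDER.index(attr)
            out.append(f"{attr}: {rest}")
    return "\n".join(out) + "\n"

def unfold(ldif_text):
    """LDIF line unfolding: remove each newline followed by a single space."""
    return re.sub(r"\n ", "", ldif_text)

# Constructed slapd.conf-style input (tabs mark continuation lines).
SAMPLE = """objectIdentifier OpenLDAProot 1.3.6.1.4.1.4203
objectIdentifier OpenLDAP OpenLDAProot:1
objectIdentifier OpenLDAPobjectClass OpenLDAP:4

objectClass ( OpenLDAPobjectClass:6
\tNAME 'OpenLDAPdisplayableObject'
\tAUXILIARY
\tMAY displayName )
"""
```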