NIS to LDAP Schema Extensions

Full RFC2307Bis

RFC-2307bis is commonly implemented among various vendors and is what we recommend.

The LDIF file contains all the full schema. Note you may also need the mailGroup schema for aliases.

Full Schema as defined in RFC2307bis in LDIF

RFC 2307 Schema

NOTE: We recommend the RFC 2307bis schema be used. For these schema extensions the Novell suppiled LDIF files should be used. These files are located at:

/lib/nds-schema/rfc2307-nis.ldif
/lib/nds-schema/rfc2307-usergroup.ldif

rfc2307-nis.ldif

AutoMount Schemas

There are three automount schemas:

• new automount schema - An automount schema is based on RFC 2307-bis. This schema defines new automountMap and automount structures to represent the AutoFS maps and their entries in the LDAP directory.
  • Used by Solaris (I know 9 & 10)
  • Used by HP-UX
• nisObject automount schema - The nisObject automount schema defines nisMap and nisObject structures to represent the AutoFS maps and their entries in the LDAP directory. There are some limitations that you need to be aware of when using the nisObject automount schema.
• obsolete automount schema - This is the schema that is shipped with Netscape Directory Server version 6.x.

AutoMount Schema as defined in RFC 2307bis in LDIF

More information on automount entries.

RFC 2307

DUAConfigProfile

rfc4876.txt The DUAConfigProfile.

Schema file used to create the DUAConfigProfile

RFC-3712 LDAP Printer Schema

Schema used to define printer configurations within LDAP.

Solaris NIS Project Schema

Projects appear to be Solaris specfific.

Procedures

rfc2307-usergroup.ldif

The command below will extend the schema for the rfc2307-usergroup.ldif.

ice -lice.log -SLDIF -f/lib/nds-schema/rfc2307-usergroup.ldif -c -v -a -DLDAP -sjeems3.svr.Directory-Info.com -p389 -dcn=admin,ou=administration,dc=Directory-Info.com,dc=net -w********* -B

There maybe one (1) error that may look something like:

Record: 4, modify operation: delete: attributetypes, dn: cn=schema
( 2.16.840.1.113719.1.1.4.1.26	NAME 'homeDirectory' 	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26	X-NDS_NAME 'Home Directory' )
modify entry: cn=schema
Record: 4, ldap_modify failed: 16(No such attribute), dn: cn=schema
ProcessEntry failed: 16 continuing with the next entry
Record: 4, process_ldif_rec failed: 16, dn: cn=schema
Entry: processing entry: cn=schema

Ignore this error

rfc2307-nis.ldif

ice -lice.log -v -SLDIF -fC:\mydata\EDS\Projects\PAM\rfc2307-nis.ldif -c -v -a -DLDAP -sino0s701.svr.[Directory-Info.com].net -p389 -dcn=admin,ou=administration,dc=[Directory-Info.com],dc=net -w********* -B 

Expect No errors.

draft-joslin-config-schema-11.ldif

ice -lice.log -v -SLDIF -fC:\mydata\EDS\Projects\PAM\draft-joslin-config-schema-11.ldif -c -v -a -DLDAP -sino0s701.svr.[Directory-Info.com].net -p389 -dcn=admin,ou=administration,dc=[Directory-Info.com],dc=net -w********* -B 

There maybe one (1) error that may look something like:

Record: 4, modify operation: add: attributetypes, dn: cn=schema
( 1.3.6.1.4.1.11.1.3.1.1.3 NAME 'searchTimeLimit'           DESC 'Maximum time in seconds a Directory User Agents should allow for a           search to complete'           EQUALITY integerMatch           SYNTAX 1.3.6.1.4.1.1466.115.121.1.27           SINGLE-VALUE )
modify entry: cn=schema
Record: 4, ldap_modify failed: 20(Type or value exists), dn: cn=schema
ProcessEntry failed: 20 continuing with the next entry
Record: 4, process_ldif_rec failed: 20, dn: cn=schema
Entry: processing entry: cn=schema

Ignore this error.

Indexes

• gidNumber
• uidNumber