ID #1082

How can I extend the default LDAP schema?

Extend the schema only if user management is no longer handled by Bright Cluster Manager but by, for example, an external LDAP server.

The following three-step process extends the default OpenLDAP schema on Bright Cluster Manager, typically so that it matches the schema present on the external LDAP server.

1. Write a local schema file with the extensions

Create a new file /cm/local/apps/openldap/etc/schema/local.schema with the new LDAP schema additions. For example, the following defines three new attributes and one auxiliary object class for users. Comment lines must start in the first column, because slapd treats a line that begins with white space as a continuation of the previous line.

attributetype ( 1.1.2.1.1 NAME 'ABHPCCloudProvider'
 DESC 'AB HPC Cloud Provider'
 EQUALITY caseIgnoreMatch
 SUBSTR caseIgnoreSubstringsMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
# SYNTAX = string

attributetype ( 1.1.2.1.2 NAME 'ABMidPlus'
 DESC 'AB Mid Plus'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
# SYNTAX = integer

attributetype ( 1.1.2.1.3 NAME 'AthenaNeedsHomeDir'
 DESC 'Athena needs home directory'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
# SYNTAX = boolean

objectclass ( 1.1.2.2.1 NAME 'ABAthenaUser'
 DESC 'Athena user'
 SUP top AUXILIARY
 MAY ( ABHPCCloudProvider $ ABMidPlus $ AthenaNeedsHomeDir ) )

(For full documentation on extending the LDAP schema, see: http://www.openldap.org/doc/admin24/schema.html#Extending%20Schema)

2. Import the new schema in the LDAP configuration

Add the following line to /cm/local/apps/openldap/etc/slapd.conf to extend the schema:

include /cm/local/apps/openldap/etc/schema/local.schema

Restart LDAP to apply the addition:

[root@master01 ~]# /etc/init.d/ldap restart
Stopping slapd: [ OK ]
Checking configuration files for slapd: config file testing succeeded  [ OK ]
Starting slapd:        [ OK ]

3. Apply the new attributes to existing users

[root@master01 ~]# ldapmodify -v -w $LDAP_PASSWORD -D cn=root,dc=cm,dc=cluster -h 127.0.0.1
ldap_initialize( ldap://127.0.0.1 )
dn: uid=chumley,dc=cm,dc=cluster
changetype: modify
add: objectClass
objectClass: ABAthenaUser
-

add objectClass:
 ABAthenaUser
modifying entry "uid=chumley,dc=cm,dc=cluster"
modify complete

dn: uid=chumley,dc=cm,dc=cluster
changetype: modify
add: ABHPCCloudProvider
ABHPCCloudProvider: BrightComputing
-
add: ABMidPlus
ABMidPlus: 0
-
add: AthenaNeedsHomeDir
AthenaNeedsHomeDir: 1
-

add ABHPCCloudProvider:
 BrightComputing
add ABMidPlus:
 0
add AthenaNeedsHomeDir:
 1
modifying entry "uid=chumley,dc=cm,dc=cluster"
modify complete
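
The following Python script is an added example, not part of the original entry or of Bright Cluster Manager: it generates the step 3 LDIF for several users at once, checks each value against the syntax declared in local.schema, and rejects uids that could alter the DN or inject LDIF lines. The function names, the second sample user and the uid pattern are assumptions; the boolean is written as TRUE or FALSE, the values RFC 4517 defines for the Boolean syntax.

```python
import base64
import re

def _string(v):                      # 1.3.6.1.4.1.1466.115.121.1.15
    if not isinstance(v, str) or not v:
        raise ValueError("expected a non-empty string")
    return v

def _integer(v):                     # 1.3.6.1.4.1.1466.115.121.1.27
    if isinstance(v, bool) or not isinstance(v, int):
        raise ValueError("expected an integer")
    return str(v)

def _boolean(v):                     # 1.3.6.1.4.1.1466.115.121.1.7
    if not isinstance(v, bool):
        raise ValueError("expected True or False")
    return "TRUE" if v else "FALSE"  # RFC 4517 Boolean is TRUE or FALSE

# Value encoders keyed by the attributes defined in local.schema (step 1).
ENCODERS = {"ABHPCCloudProvider": _string, "ABMidPlus": _integer,
            "AthenaNeedsHomeDir": _boolean}

# Assumption: uids are plain POSIX-style login names; anything else is rejected
# so that a crafted uid cannot alter the DN or inject extra LDIF lines.
UID_RE = re.compile(r"[a-z_][a-z0-9_.-]{0,31}")
# Values outside this conservative printable-ASCII form are base64-encoded (RFC 2849).
SAFE_RE = re.compile(r"[\x21-\x39\x3b\x3d-\x7e](?:[\x20-\x7e]*[\x21-\x7e])?")

def ldif_line(attr, value):
    if SAFE_RE.fullmatch(value):
        return f"{attr}: {value}"
    return f"{attr}:: {base64.b64encode(value.encode('utf-8')).decode('ascii')}"

def user_modify_ldif(uid, attrs, base="dc=cm,dc=cluster"):
    """Return one LDIF modify record adding ABAthenaUser and its attributes."""
    if not UID_RE.fullmatch(uid):
        raise ValueError(f"refusing unsafe uid: {uid!r}")
    lines = [f"dn: uid={uid},{base}", "changetype: modify",
             "add: objectClass", "objectClass: ABAthenaUser", "-"]
    for attr, value in attrs.items():
        if attr not in ENCODERS:
            raise ValueError(f"{attr} is not defined in local.schema")
        lines += [f"add: {attr}", ldif_line(attr, ENCODERS[attr](value)), "-"]
    return "\n".join(lines) + "\n"

if __name__ == "__main__":
    # Constructed sample users; pipe the output into ldapmodify as in step 3.
    for uid in ("chumley", "alice"):
        print(user_modify_ldif(uid, {"ABHPCCloudProvider": "BrightComputing",
                                     "ABMidPlus": 0, "AthenaNeedsHomeDir": True}))
```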

 
