We have done a lot of extending of the LDAP schema in Novell NDS. The
first thing to do is to look for standard attributes that accomplish what
you want to do. If so, use those rather than invent your own. This list
and/or the general LDAP list has had several references to places where you
can check for these. I lost all my bookmarks about a month ago, so don't
have them readily available. We have added "standard" ones that aren't
Novell and our own unique ones. By the way, NDS8.5 has a lot more standard
ones built in. If you haven't upgraded to that, do so before you extend
your schema. Much better to use things the way they do them where
If you need to add your own unique things, the most important step is
to get your own OID arc. We paid $100 about 18 months ago to do it
through Novell, because it was the easiest option and I was in a super
time-crunch. There are ways to get one for free if you want to track that
down. Once you have your OID, establish one or more (auxiliary)
objectClasses for yourself. We only did one and called it USNAperson.
Technically it should have been usnaPerson, but people around here
really like USNA to be uppercase. Once you have your objectClass set, you
can add as many attributes as you need to it. For each one, you need to
figure out its type (e.g. caseIgnoreString or time) and whether it is
single or multi valued.
On Wed, 28 Feb 2001 Simon_Wilcox@... wrote:
> This is off topic I know, but as I'll be doing it with Net::LDAP.....
> I have been using Net::LDAP very successfully to query and manage a Novell
> NDS directory but we're now hitting limitations of the existing
> (need to store new attributes like employment status). Modifying a schema
> seems very arcane and is beyond my knowledge.
> Can anyone recommend references or tutorials about designing LDAP schemas,
> best practice and so on? The few resources I have found seem to be
> technical guides to setting up server software, not the design of the
> schema itself.
> Many thanks,
> Simon Wilcox
> Intranet Development Manager
> Williams Lea Group
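
The steps from the reply at the top of this message (private OID arc, one auxiliary objectClass, attributes with a type and a single/multi-valued flag), written out with Net::LDAP as an added example that is not code from either poster. The arc 1.3.6.1.4.1.99999, the exPerson class, the ex* attribute names and the OID_ARC, LDAP_URI, LDAP_BIND_DN and LDAP_BIND_PW variables are placeholders assumed for illustration.

```perl
use strict;
use warnings;

# Placeholder arc: substitute the OID arc actually assigned to your organisation.
my $ARC = $ENV{OID_ARC} || '1.3.6.1.4.1.99999';

# Syntax OID and equality rule per attribute type (RFC 4517).
my %TYPE = (
    string => [ '1.3.6.1.4.1.1466.115.121.1.15', 'caseIgnoreMatch' ],
    time   => [ '1.3.6.1.4.1.1466.115.121.1.24', 'generalizedTimeMatch' ],
);

# Hypothetical attributes: [ name, OID suffix under the arc, type, single-valued? ]
my @ATTRS = (
    [ 'exEmploymentStatus', '1.1', 'string', 1 ],
    [ 'exHireDate',         '1.2', 'time',   1 ],
    [ 'exCostCentre',       '1.3', 'string', 0 ],
);

# One RFC 4512 attributeTypes value per attribute, keyed by attribute name.
sub attribute_defs {
    return map {
        my ( $name, $sub, $type, $single ) = @$_;
        my ( $syntax, $eq ) = @{ $TYPE{$type} };
        ( $name => "( $ARC.$sub NAME '$name' EQUALITY $eq SYNTAX $syntax"
              . ( $single ? ' SINGLE-VALUE' : '' ) . ' )' );
    } @ATTRS;
}

# A single auxiliary class that carries every local attribute as optional.
sub class_def {
    my $may = join ' $ ', map { $_->[0] } @ATTRS;
    return "( $ARC.2.1 NAME 'exPerson' SUP top AUXILIARY MAY ( $may ) )";
}

my %defs = attribute_defs();
if ( my $uri = $ENV{LDAP_URI} ) {    # use ldaps://: the bind sends an admin password
    require Net::LDAP;
    my $ldap = Net::LDAP->new($uri) or die "connect: $@\n";
    my $m = $ldap->bind( $ENV{LDAP_BIND_DN}, password => $ENV{LDAP_BIND_PW} );
    die 'bind: ' . $m->error . "\n" if $m->code;
    my $schema = $ldap->schema or die "cannot read schema\n";
    my $dn     = $ldap->root_dse->get_value('subschemaSubentry');
    # Add only names the server lacks; an existing name means reuse it instead.
    my @new = map { $defs{$_} } grep { !$schema->attribute($_) } sort keys %defs;
    my @changes;    # ordered, so attributes exist before the class that names them
    push @changes, add => [ attributeTypes => \@new ] if @new;
    push @changes, add => [ objectClasses => [ class_def() ] ]
      unless $schema->objectclass('exPerson');
    $m = $ldap->modify( $dn, changes => \@changes ) if @changes;
    die 'modify: ' . $m->error . "\n" if $m->code;
}
else {    # offline: print the definitions for review
    print "$_\n" for ( map { $defs{$_} } sort keys %defs ), class_def();
}
```

Run without LDAP_URI set, it only prints the definitions, which is a convenient way to review them before touching a live schema.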