[Systems] How to add an LDAP attribute? (was: Re: OpenID account at id.sugarlabs.org)
Bernie Innocenti
bernie at codewiz.org
Sun Sep 5 16:02:14 EDT 2010
On Sat, 04-09-2010 at 21:37 +0200, Sascha Silbe wrote:
> Because LDAP seems to be strictly typed, I need to add the new attribute
> to a/the? schema. Per [1] I've created
> /etc/ldap/schema/tls-public-key.schema with the following content:
>
> === Begin ===
> # Author: Sascha Silbe <sascha-pgp at silbe.org>
> # temporarily using OID from OpenLDAP 'experimental' namespace
> # http://www.openldap.org/faq/data/cache/200.html
> attributetype ( 1.3.6.1.4.1.4203.666.1.7843 NAME 'tls-public-key'
> DESC 'Public key used for authenticating TLS sessions, ASCII armored'
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
> SINGLE-VALUE )
> === End ===
Many years ago, I requested and obtained an OID for Develer at IANA. We
could do the same for Sugar Labs as well, or ask the sysadmins at
Develer to reserve a sub-OID for us.
> Next step would be to let slapd know about this new file. Both [1] and
> [2] tell me to edit /etc/openldap/slapd.conf below the other schema file
> include. But on sunjammer that file doesn't exist and none of the other
> files that look LDAP-related contains any "include" line.
>
> So what do I need to do so I can add the tls-public-key attribute on
> my user account ("uid=silbe,ou=People,dc=sugarlabs,dc=org")?
Ubuntu by default switched from slapd.conf to an ldif configuration file
format which is obscure and undocumented. The configuration is scattered
in a hierarchic tree under /etc/ldap/slapd.d/. Schemas appear to be in
/etc/ldap/slapd.d/cn=config/cn=schema/, already converted to ldif
format.
(when I can't figure out the corresponding ldif syntax, I create a
fakeslapd.conf and make slapd migrate it to ldif by passing it both -f
and -F).
--
// Bernie Innocenti - http://codewiz.org/
\X/ Sugar Labs - http://sugarlabs.org/
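
Added example, not part of the original message or of any Sugar Labs configuration: a hand conversion of the quoted slapd.conf-style schema into the cn=config LDIF entry form that lives under cn=schema, as an alternative to letting slapd migrate a fake slapd.conf. The function name, the keyword table and the indentation of the sample input are assumptions made for this sketch.

```python
import re

# Constructed input: the schema quoted in the message, with continuation
# lines indented (slapd.conf treats a line starting with whitespace as a
# continuation of the previous one).
SCHEMA = """\
# Author: Sascha Silbe
# temporarily using OID from OpenLDAP 'experimental' namespace
attributetype ( 1.3.6.1.4.1.4203.666.1.7843 NAME 'tls-public-key'
    DESC 'Public key used for authenticating TLS sessions, ASCII armored'
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
    SINGLE-VALUE )
"""

# slapd.conf schema keyword -> cn=config attribute holding the same definition
KEYWORDS = {
    "attributetype": "olcAttributeTypes",
    "objectclass": "olcObjectClasses",
    "objectidentifier": "olcObjectIdentifier",
}

def schema_to_ldif(text, name):
    """Return a cn=config LDIF entry for the schema statements in `text`."""
    statements = []
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue  # blank line or comment
        if line[0] in " \t" and statements:
            statements[-1] += " " + line.strip()  # continuation line
        else:
            statements.append(line.strip())
    out = [
        f"dn: cn={name},cn=schema,cn=config",
        "objectClass: olcSchemaConfig",
        f"cn: {name}",
    ]
    for stmt in statements:
        parts = stmt.split(None, 1)
        attr = KEYWORDS.get(parts[0].lower())
        if attr is None:
            # Refuse directives (e.g. include) that have no schema meaning
            raise ValueError(f"unsupported schema directive: {parts[0]!r}")
        body = re.sub(r"\s+", " ", parts[1].strip()) if len(parts) > 1 else ""
        out.append(f"{attr}: {body}")
    return "\n".join(out) + "\n"

if __name__ == "__main__":
    print(schema_to_ldif(SCHEMA, "tls-public-key"), end="")
```

The printed entry can be saved to a file and loaded into the running directory with ldapadd, for example `ldapadd -Y EXTERNAL -H ldapi:/// -f tls-public-key.ldif` as root, assuming the server grants root write access to cn=config over ldapi.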