docbkx/admin-guide/chap-schema.xml

51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark<?xml version="1.0" encoding="UTF-8"?>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark<!--
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  ! CCPL HEADER START
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  !
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  ! This work is licensed under the Creative Commons
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  ! Attribution-NonCommercial-NoDerivs 3.0 Unported License.
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  ! To view a copy of this license, visit
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  ! http://creativecommons.org/licenses/by-nc-nd/3.0/
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  ! or send a letter to Creative Commons, 444 Castro Street,
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  ! Suite 900, Mountain View, California, 94041, USA.
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  !
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  ! You can also obtain a copy of the license at
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  ! trunk/opendj3/legal-notices/CC-BY-NC-ND.txt.
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  ! See the License for the specific language governing permissions
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  ! and limitations under the License.
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  !
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  ! If applicable, add the following below this CCPL HEADER, with the fields
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  ! enclosed by brackets "[]" replaced with your own identifying information:
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  !      Portions Copyright [yyyy] [name of copyright owner]
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  !
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  ! CCPL HEADER END
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  !
08248b5c5b494aff8d1922e8e0b5777796d7450dmark  !      Copyright 2011-2014 ForgeRock AS
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  !
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark-->
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark<chapter xml:id='chap-schema'
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark xmlns='http://docbook.org/ns/docbook' version='5.0' xml:lang='en'
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'
08248b5c5b494aff8d1922e8e0b5777796d7450dmark xsi:schemaLocation='http://docbook.org/ns/docbook
08248b5c5b494aff8d1922e8e0b5777796d7450dmark                     http://docbook.org/xml/5.0/xsd/docbook.xsd'
08248b5c5b494aff8d1922e8e0b5777796d7450dmark xmlns:xlink='http://www.w3.org/1999/xlink'>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark <title>Managing Schema</title>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark <indexterm><primary>Schema</primary></indexterm>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark <para>Schema definitions describe the data, and especially the object classes
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark and attribute types that can be stored in the directory. By default OpenDJ
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark conforms strictly to LDAPv3 standards pertaining to schema definitions and
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark attribute syntax checking, ensuring that data stored is valid and properly
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark formed. Unless your data use only standard schema present in OpenDJ when
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark you install, then you must add additional schema definitions to account
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark the data your applications stored.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark <para>Out of the box, OpenDJ comes with many standard schema definitions.
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark In addition you can update and extend schema definitions while OpenDJ
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark is online. As a result you can add new applications requiring additional
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark data without stopping your directory service.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark <para>This chapter demonstrates how to change and to extend OpenDJ schema.
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark This chapter also identifies the standard schema definitions available when
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark you install OpenDJ.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark <section xml:id="about-schema">
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <title>About Directory Schema</title>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <para>Directory schema, described in <link
8e09dca18a95fc3277e0b349306e75a5831a63d6mark  xlink:href='http://tools.ietf.org/html/rfc4512'>RFC 4512</link>, defines
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  the kinds of information you find in the directory, and can define how
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  the information are related. This chapter focuses primarily on two types
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  of directory schema definitions.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <itemizedlist>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <para><firstterm>Attribute type</firstterm> definitions describe attributes
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    of directory entries, such as <literal>givenName</literal> or
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <literal>mail</literal>.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <para>Here is an example of an attribute type definition.</para>
08248b5c5b494aff8d1922e8e0b5777796d7450dmark
08248b5c5b494aff8d1922e8e0b5777796d7450dmark    <programlisting language="ldif">
08248b5c5b494aff8d1922e8e0b5777796d7450dmark# Attribute type definition
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmarkattributeTypes: ( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822Mailbox' )
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch
08248b5c5b494aff8d1922e8e0b5777796d7450dmark  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} X-ORIGIN 'RFC 4524' )
08248b5c5b494aff8d1922e8e0b5777796d7450dmark    </programlisting>
08248b5c5b494aff8d1922e8e0b5777796d7450dmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <para>Attribute type definitions start with an object identifier (OID),
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    and generally a short name or names that are easier to remember than the
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    OID. The attribute type definition can specify how attribute values
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    should be collated for sorting, and what syntax they use. The X-ORIGIN
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    is an extension to identify where the definition originated. When you
ad186a2f9fc7d81ff5d08a8542e0ef45eb74c1d4mark    define your own schema, you likely want to provide an X-ORIGIN to help
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    you to track versions of definitions, and where the definitions came
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    from.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <para><firstterm>Object class</firstterm> definitions identify the
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    attribute types that an entry must have, and may have. Examples of
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    object classes include <literal>person</literal> and
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <literal>organizationalUnit</literal>.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <para>Here is an example of an object class definition.</para>
08248b5c5b494aff8d1922e8e0b5777796d7450dmark
08248b5c5b494aff8d1922e8e0b5777796d7450dmark    <programlisting language="ldif">
08248b5c5b494aff8d1922e8e0b5777796d7450dmark# Object class definition
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmarkobjectClasses: ( 2.5.6.6 NAME 'person' SUP top STRUCTURAL MUST ( sn $ cn )
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  MAY ( userPassword $ telephoneNumber $ seeAlso $ description )
08248b5c5b494aff8d1922e8e0b5777796d7450dmark  X-ORIGIN 'RFC 4519' )
08248b5c5b494aff8d1922e8e0b5777796d7450dmark    </programlisting>
08248b5c5b494aff8d1922e8e0b5777796d7450dmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <para>Entries all have an attribute identifying their object classes,
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    called <literal>objectClass</literal>.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <para>Object class definitions start with an object identifier (OID), and
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    generally a short name that is easier to remember than the OID. The
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    definition here says that the person object class inherits from the top
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    object class, which is the top-level parent of all object classes. When
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    you view the objectclass attribute values on an entry, you see the list
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    of object classes that the entry takes. An entry can have one STRUCTURAL
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    object class inheritance branch, such as <literal>top</literal> -
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <literal>person</literal> - <literal>organizationalPerson</literal> -
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <literal>inetOrgPerson</literal>. Yet entries can have multiple
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    AUXILIARY object classes. The object class then defines the attribute
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    types that must be included, and the attribute types that may be included
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    on entries having the object class.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <para>An <firstterm>attribute syntax</firstterm> constrains what directory
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    clients can store as attribute values.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <para>An attribute syntax is identified in an attribute type definition by
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    its OID. String-based syntax OIDs are optionally followed by a number, set
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    between braces, that represents a minimum upper bound on the number of
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    characters in the attribute value. For example, in the attribute type
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    definition shown above, the syntax is
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <literal>1.3.6.1.4.1.1466.115.121.1.26{256}</literal>. The syntax is an
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    IA5 string (composed of characters from the international version of the
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    ASCII character set) that can contain at least 256 characters.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <para>You can find a table matching attribute syntax OIDs with their
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    human-readable names in RFC 4517, <link xlink:show="new"
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    xlink:href="http://tools.ietf.org/html/rfc4517#appendix-A">Appendix A.
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    Summary of Syntax Object Identifiers</link>. The RFC describes
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    attribute syntaxes in detail. Alternatively, you can see the attribute
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    syntaxes that OpenDJ supports by opening the OpenDJ Control Panel and
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    browsing to Schema &gt; Manage Schema &gt; Attribute Syntaxes. You can
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    also list them by using the <command>dsconfig</command> command.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <para>Although attribute syntaxes are often specified in attribute type
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    definitions, directory servers do not always check that attribute values
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    comply with attribute syntaxes. OpenDJ directory server does tend to
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    enforce compliance by default, in particular for certificates, country
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    strings, directory strings, JPEG photos, and telephone numbers. The aim
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    is to avoid accumulating garbage in your directory data.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <para>If you are trying unsuccessfully to import non-compliant data from a
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    more lenient directory server, you can either clean the data before
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    importing it, or if cleaning the data is not an option, read <xref
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    linkend="schema-legacy-support" />.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <para>When creating your own attribute type definitions, use existing
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    attribute syntaxes where possible. If you must create your own attribute
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    syntax, then consider the extensions in
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <xref linkend="attr-syntax-schema-definition-extensions" />.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <para>Matching rules determine how the directory server compares attribute
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    values to assertion values for LDAP search and LDAP compare
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    operations.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <para>For example, suppose you search with the filter
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <literal>(uid=bjensen)</literal>. The assertion value in this case is
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <literal>bjensen</literal>.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <para>OpenDJ has the following schema definition for the user ID
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    attribute.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
08248b5c5b494aff8d1922e8e0b5777796d7450dmark    <programlisting language="ldif">
08248b5c5b494aff8d1922e8e0b5777796d7450dmarkattributeTypes: ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' )
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
08248b5c5b494aff8d1922e8e0b5777796d7450dmark SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} X-ORIGIN 'RFC 4519' )
08248b5c5b494aff8d1922e8e0b5777796d7450dmark    </programlisting>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <para>When finding an equality match for your search, OpenDJ uses the
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <literal>caseIgnoreMatch</literal> matching rule to check for user ID
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    attribute values that equal <literal>bjensen</literal> without regard
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    to case.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <para>You can see the matching rules that OpenDJ supports by opening the
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    OpenDJ Control Panel and browsing to Schema &gt; Manage Schema &gt;
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    Matching Rules. Notice that many matching rules support string collation
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    in languages other than English. You can also list matching rules by
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    using the <command>dsconfig</command> command.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
08248b5c5b494aff8d1922e8e0b5777796d7450dmark    <para>As you can read in examples like, <link xlink:show="new"
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    xlink:href="admin-guide#extensible-match-search"
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    xlink:role="http://docbook.org/xlink/role/olink"><citetitle>Search: List
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    Active Accounts</citetitle></link>, OpenDJ matching rules enable
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    directory clients to do more interesting searches than simply comparing
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    strings. That example shows how to search for users who have
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    authenticated in the last three months.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  </itemizedlist>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <para>OpenDJ exposes schema over protocol through the
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <literal>cn=schema</literal> entry. OpenDJ stores the schema definitions
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  corresponding to the entry in LDIF under the
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <filename>config/schema/</filename> directory. Many standard definitions
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  and definitions pertaining to the server configuration are included at
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  installation time.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark </section>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark <section xml:id="update-schema">
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <title>Updating Directory Schema</title>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <indexterm>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <primary>Replication</primary>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <secondary>Schema definitions</secondary>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  </indexterm>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <para>OpenDJ directory server is designed to permit updating the list of
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  directory schema definitions while the server is running. As a result you can
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  add support for new applications that require new attributes or new kinds
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  of entries without interrupting the directory service. OpenDJ also replicates
8e09dca18a95fc3277e0b349306e75a5831a63d6mark  schema definitions, so the schema you add on one replica is propagated to
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  other replicas without you having to intervene manually.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <para>As it is easy to introduce typos into schema definitions, the
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  best way to start defining your own schema is with the OpenDJ Control
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  Panel. Open the Control Panel &gt; Schema &gt; Manage Schema window to
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  get started creating your custom object classes and attribute types.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <mediaobject xml:id="figure-manage-schema">
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <imageobject>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <imagedata fileref="images/Manage-Schema.png" format="PNG" />
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </imageobject>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  </mediaobject>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <para>As object classes reference attribute types, you first create
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  custom attribute types, and then create the object class that references
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  the attribute types.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <para>Create a custom attribute type through the New Attribute window.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <mediaobject xml:id="figure-custom-attrtype">
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <imageobject>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <imagedata fileref="images/custom-attrtype.png" format="PNG" />
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </imageobject>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  </mediaobject>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <para>Using the New Object Class window, create an auxiliary object class
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  that allows your new custom attribute type. You set the type to Auxiliary
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  under Extra Options.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <mediaobject xml:id="figure-custom-objclass">
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <imageobject>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <imagedata fileref="images/custom-objclass.png" format="PNG" />
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </imageobject>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  </mediaobject>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <para>When you finish, the schema changes show up by default in the file
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <filename>config/schema/99-user.ldif</filename>. Notice that the file name
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  starts with a number, 99. This number is larger than the numbers prefixing
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  other schema file names. In fact, OpenDJ reads the schema files in sorted
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  order, reading schema definitions as they occur. If OpenDJ reads a schema
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  definition for an object class before it has read the definitions of the
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  attribute types mentioned in the object class definition, then it displays
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  an error. Therefore, when naming your schema file, make sure the name appears
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  in the sorted list of file names <emphasis>after</emphasis> all the schema
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  files containing definitions that your schema definitions depends on. The
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  default file name for your schema, <filename>99-user.ldif</filename>, ensures
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  that your definitions load only after all of the schema files installed by
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  default.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <para>You can create this file in the lab using the Control Panel, and then
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  apply the definitions in production by adapting the content for use with the
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <command>ldapmodify</command> command, for example.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
08248b5c5b494aff8d1922e8e0b5777796d7450dmark  <screen>
08248b5c5b494aff8d1922e8e0b5777796d7450dmark$ <userinput>cat config/schema/99-user.ldif</userinput>
08248b5c5b494aff8d1922e8e0b5777796d7450dmark<computeroutput>dn: cn=schema
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmarkobjectClass: top
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmarkobjectClass: ldapSubentry
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmarkobjectClass: subschema
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmarkcn: schema
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmarkattributeTypes: ( temporary-fake-attr-id NAME 'myCustomAttribute' EQUALITY case
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark IgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstrings
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE userApplications )
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmarkobjectClasses: ( temporary-fake-oc-id NAME 'myCustomObjClass
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark ' SUP top AUXILIARY MAY myCustomAttribute )
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmarkmodifiersName: cn=Directory Manager,cn=Root DNs,cn=config
08248b5c5b494aff8d1922e8e0b5777796d7450dmarkmodifyTimestamp: 20110620095948Z</computeroutput>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark</screen>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <para>To test your schema definition, add the object class and attribute
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  to an entry.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
08248b5c5b494aff8d1922e8e0b5777796d7450dmark  <screen>
08248b5c5b494aff8d1922e8e0b5777796d7450dmark$ <userinput>cat custom-attr.ldif</userinput>
08248b5c5b494aff8d1922e8e0b5777796d7450dmark<computeroutput>dn: uid=bjensen,ou=People,dc=example,dc=com
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmarkchangetype: modify
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmarkadd: objectClass
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmarkobjectClass: myCustomObjClass
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark-
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmarkadd: myCustomAttribute
08248b5c5b494aff8d1922e8e0b5777796d7450dmarkmyCustomAttribute: Testing 1, 2, 3...</computeroutput>
08248b5c5b494aff8d1922e8e0b5777796d7450dmark
08248b5c5b494aff8d1922e8e0b5777796d7450dmark$ <userinput>ldapmodify \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --port 1389 \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --bindDN "cn=Directory Manager" \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --bindPassword password \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --filename custom-attr.ldif</userinput>
08248b5c5b494aff8d1922e8e0b5777796d7450dmark<computeroutput>Processing MODIFY request for uid=bjensen,ou=People,dc=example,dc=com
08248b5c5b494aff8d1922e8e0b5777796d7450dmarkMODIFY operation successful for DN uid=bjensen,ou=People,dc=example,dc=com</computeroutput>
08248b5c5b494aff8d1922e8e0b5777796d7450dmark
08248b5c5b494aff8d1922e8e0b5777796d7450dmark$ <userinput>ldapsearch \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --port 1389 \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --baseDN dc=example,dc=com \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark uid=bjensen \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark myCustomAttribute</userinput>
08248b5c5b494aff8d1922e8e0b5777796d7450dmark<computeroutput>dn: uid=bjensen,ou=People,dc=example,dc=com
08248b5c5b494aff8d1922e8e0b5777796d7450dmarkmyCustomAttribute: Testing 1, 2, 3...</computeroutput>
08248b5c5b494aff8d1922e8e0b5777796d7450dmark  </screen>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <para>In addition to supporting the standard schema definitions that are
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  described in <link xlink:href="http://tools.ietf.org/html/rfc4512#section-4.1"
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  >RFC 4512, section 4.1</link>, OpenDJ also supports the following extensions
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  that you can use when adding your own definitions.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <variablelist xml:id="general-schema-definition-extensions">
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <title>Extensions for All Schema Definitions</title>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <indexterm>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <primary>Schema</primary>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <secondary>Schema definition extensions</secondary>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </indexterm>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <term><literal>X-ORIGIN</literal></term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <para>Used to specify the origin of a schema element. Examples include
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <literal>X-ORIGIN 'RFC 4519'</literal>, <literal>X-ORIGIN
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     'draft-ietf-ldup-subentry'</literal>, and <literal>X-ORIGIN
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     'OpenDJ Directory Server'</literal>.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <term><literal>X-SCHEMA-FILE</literal></term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <para>Used to specify the relative path to the schema file containing the
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     schema element such as <literal>X-SCHEMA-FILE '00-core.ldif'</literal>.
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     Schema definitions are located by default in
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <filename>/path/to/opendj/config/schema/*.ldif</filename> files.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  </variablelist>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <variablelist xml:id="attr-syntax-schema-definition-extensions">
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <title>Extensions for Attribute Syntax Descriptions</title>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <indexterm>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <primary>Schema</primary>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <secondary>Schema definition extensions</secondary>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </indexterm>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <term><literal>X-ENUM</literal></term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <para>Used to define a syntax that is an enumeration of values. The
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     following attribute syntax description defines a syntax allowing four
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     possible attribute values for example.</para>
08248b5c5b494aff8d1922e8e0b5777796d7450dmark
08248b5c5b494aff8d1922e8e0b5777796d7450dmark     <programlisting language="ldif">
08248b5c5b494aff8d1922e8e0b5777796d7450dmarkldapSyntaxes: ( security-label-syntax-oid DESC 'Security Label'
08248b5c5b494aff8d1922e8e0b5777796d7450dmark X-ENUM ( 'top-secret' 'secret' 'confidential' 'unclassified' ) )
08248b5c5b494aff8d1922e8e0b5777796d7450dmark     </programlisting>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <term><literal>X-PATTERN</literal></term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <para>Used to define a syntax based on a regular expression pattern, where
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     valid regular expressions are those defined for <link xlink:show="new"
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     xlink:href="http://docs.oracle.com/javase/6/docs/api/java/util/regex/Pattern.html"
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     ><literal>java.util.regex.Pattern</literal></link>. The following attribute
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     syntax description defines a simple, lenient SIP phone URI syntax
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     check.</para>
08248b5c5b494aff8d1922e8e0b5777796d7450dmark
08248b5c5b494aff8d1922e8e0b5777796d7450dmark     <programlisting language="ldif">
08248b5c5b494aff8d1922e8e0b5777796d7450dmarkldapSyntaxes: ( simple-sip-uri-syntax-oid DESC 'Lenient SIP URI Syntax'
08248b5c5b494aff8d1922e8e0b5777796d7450dmark X-PATTERN '^sip:[a-zA-Z0-9.]+@[a-zA-Z0-9.]+(:[0-9]+)?$' )
08248b5c5b494aff8d1922e8e0b5777796d7450dmark     </programlisting>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <term><literal>X-SUBST</literal></term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <para>Used as a fallback to substitute a defined syntax for one that
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     OpenDJ does not implement. The following example substitutes Directory
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     String syntax, which has OID 1.3.6.1.4.1.1466.115.121.1.15, for a syntax
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     that OpenDJ does not implement.</para>
08248b5c5b494aff8d1922e8e0b5777796d7450dmark
08248b5c5b494aff8d1922e8e0b5777796d7450dmark     <programlisting language="ldif">
08248b5c5b494aff8d1922e8e0b5777796d7450dmarkldapSyntaxes: ( non-implemented-syntax-oid DESC 'Not Implemented in OpenDJ'
08248b5c5b494aff8d1922e8e0b5777796d7450dmark X-SUBST '1.3.6.1.4.1.1466.115.121.1.15' )
08248b5c5b494aff8d1922e8e0b5777796d7450dmark     </programlisting>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  </variablelist>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <variablelist xml:id="attr-type-schema-definition-extensions">
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <title>Extension for Attribute Type Descriptions</title>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <indexterm>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <primary>Schema</primary>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <secondary>Schema definition extensions</secondary>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </indexterm>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <term><literal>X-APPROX</literal></term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <para><literal>X-APPROX</literal> is used to specify the approximate
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     matching rule to use for a given attribute type when not using the default,
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     which is the <link xlink:href="http://aspell.net/metaphone/"
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     xlink:show="new">double metaphone approximate match</link>.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  </variablelist>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark </section>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark <section xml:id="schema-legacy-support">
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <title>Relaxing Schema Checking to Import Legacy Data</title>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <indexterm>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <primary>Schema</primary>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <secondary>Legacy data</secondary>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  </indexterm>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <para>By default, OpenDJ accepts data that follows the standards in terms of
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  what is allowed and what is rejected. You might have legacy data from a
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  directory service that is more lenient, allowing non-standard constructions
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  such as multiple structural object classes per entry, not checking attribute
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  value syntax, or even not respecting schema definitions.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <para>For example, when importing data with multiple structural object
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  classes defined per entry, you can relax schema checking to warn rather
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  than reject entries having this issue.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
08248b5c5b494aff8d1922e8e0b5777796d7450dmark  <screen>
08248b5c5b494aff8d1922e8e0b5777796d7450dmark$ <userinput>dsconfig \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark set-global-configuration-prop \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --hostname opendj.example.com \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --port 4444 \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --bindDN "cn=Directory Manager" \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --bindPassword password \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --set single-structural-objectclass-behavior:warn \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --trustAll \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --no-prompt</userinput>
08248b5c5b494aff8d1922e8e0b5777796d7450dmark  </screen>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <para>You can allow attribute values that do not respect the defined syntax
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  with the <command>dsconfig</command> command as well.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
08248b5c5b494aff8d1922e8e0b5777796d7450dmark  <screen>
08248b5c5b494aff8d1922e8e0b5777796d7450dmark$ <userinput>dsconfig \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark set-global-configuration-prop \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --hostname opendj.example.com \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --port 4444 \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --bindDN "cn=Directory Manager" \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --bindPassword password \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --set invalid-attribute-syntax-behavior:warn \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --trustAll \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --no-prompt</userinput>
08248b5c5b494aff8d1922e8e0b5777796d7450dmark  </screen>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <para>You can even turn off schema checking altogether, although turning
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  off schema checking only really makes sense when you are absolutely sure
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  that the entries and attribute values respect the schema definitions, and
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  you simply want to turn off schema checking temporarily to speed up import
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  processing.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
08248b5c5b494aff8d1922e8e0b5777796d7450dmark  <screen>
08248b5c5b494aff8d1922e8e0b5777796d7450dmark$ <userinput>dsconfig \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark set-global-configuration-prop \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --hostname opendj.example.com \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --port 4444 \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --bindDN "cn=Directory Manager" \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --bindPassword password \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --set check-schema:false \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --trustAll \
08248b5c5b494aff8d1922e8e0b5777796d7450dmark --no-prompt</userinput>
08248b5c5b494aff8d1922e8e0b5777796d7450dmark  </screen>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark </section>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark <section xml:id="standard-schema">
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <title>Standard Schema Included With OpenDJ</title>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <indexterm>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <primary>Schema</primary>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <secondary>Bundled definitions</secondary>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  </indexterm>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <para>The following files under <filename>config/schema/</filename>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  contain schema definitions out of the box.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  <variablelist>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <filename>00-core.ldif</filename>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <listitem>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     <para>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      This file contains a core set of
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      attribute type and object class definitions
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      from the following Internet-Drafts, RFCs, and standards:
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     </para>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     <simplelist columns="1">
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <member xlink:show="new" xlink:href="https://tools.ietf.org/html/draft-ietf-boreham-numsubordinates">draft-ietf-boreham-numsubordinates</member>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <member xlink:show="new" xlink:href="https://tools.ietf.org/html/draft-findlay-ldap-groupofentries">draft-findlay-ldap-groupofentries</member>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <member xlink:show="new" xlink:href="https://tools.ietf.org/html/draft-furuseth-ldap-untypedobject">draft-furuseth-ldap-untypedobject</member>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <member xlink:show="new" xlink:href="https://tools.ietf.org/html/draft-good-ldap-changelog">draft-good-ldap-changelog</member>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <member xlink:show="new" xlink:href="https://tools.ietf.org/html/draft-ietf-ldup-subentry">draft-ietf-ldup-subentry</member>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <member xlink:show="new" xlink:href="https://tools.ietf.org/html/draft-wahl-ldap-adminaddr">draft-wahl-ldap-adminaddr</member>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <member xlink:show="new" xlink:href="https://tools.ietf.org/html/rfc1274">RFC 1274</member>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <member xlink:show="new" xlink:href="https://tools.ietf.org/html/rfc2079">RFC 2079</member>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <member xlink:show="new" xlink:href="https://tools.ietf.org/html/rfc2256">RFC 2256</member>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <member xlink:show="new" xlink:href="https://tools.ietf.org/html/rfc2798">RFC 2798</member>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <member xlink:show="new" xlink:href="https://tools.ietf.org/html/rfc3045">RFC 3045</member>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <member xlink:show="new" xlink:href="https://tools.ietf.org/html/rfc3296">RFC 3296</member>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <member xlink:show="new" xlink:href="https://tools.ietf.org/html/rfc3671">RFC 3671</member>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <member xlink:show="new" xlink:href="https://tools.ietf.org/html/rfc3672">RFC 3672</member>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <member xlink:show="new" xlink:href="https://tools.ietf.org/html/rfc4512">RFC 4512</member>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <member xlink:show="new" xlink:href="https://tools.ietf.org/html/rfc4519">RFC 4519</member>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <member xlink:show="new" xlink:href="https://tools.ietf.org/html/rfc4523">RFC 4523</member>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <member xlink:show="new" xlink:href="https://tools.ietf.org/html/rfc4524">RFC 4524</member>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <member xlink:show="new" xlink:href="https://tools.ietf.org/html/rfc4530">RFC 4530</member>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <member xlink:show="new" xlink:href="https://tools.ietf.org/html/rfc5020">RFC 5020</member>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <member xlink:show="new" xlink:href="https://www.itu.int/rec/T-REC-X.501">X.501</member>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     </simplelist>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </varlistentry>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <filename>01-pwpolicy.ldif</filename>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <listitem>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     <para>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      This file contains schema definitions from
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <link
ec40cc0dc62425cea5d63fd9d984f8614479de25mark       xlink:show="new"
ec40cc0dc62425cea5d63fd9d984f8614479de25mark       xlink:href="https://tools.ietf.org/html/draft-behera-ldap-password-policy-09"
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      >draft-behera-ldap-password-policy</link> (Draft 09),
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      which defines a mechanism for storing password policy information
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      in an LDAP directory server.
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     </para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </varlistentry>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <filename>02-config.ldif</filename>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <para>This file contains the attribute type and objectclass definitions
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     for use with the directory server configuration.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </varlistentry>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <filename>03-changelog.ldif</filename>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <listitem>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     <para>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      This file contains schema definitions from
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <link
ec40cc0dc62425cea5d63fd9d984f8614479de25mark       xlink:show="new"
ec40cc0dc62425cea5d63fd9d984f8614479de25mark       xlink:href="https://tools.ietf.org/html/draft-good-ldap-changelog"
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      >draft-good-ldap-changelog</link>, which defines a mechanism
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      for storing information about changes to directory server data.
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     </para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </varlistentry>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <filename>03-rfc2713.ldif</filename>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <listitem>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     <para>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      This file contains schema definitions from
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <link
ec40cc0dc62425cea5d63fd9d984f8614479de25mark       xlink:show="new"
ec40cc0dc62425cea5d63fd9d984f8614479de25mark       xlink:href="https://tools.ietf.org/html/rfc2713"
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      >RFC 2713</link>, which defines a mechanism
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      for storing serialized Java objects in the directory server.
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     </para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </varlistentry>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <filename>03-rfc2714.ldif</filename>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <listitem>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     <para>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      This file contains schema definitions from
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <link
ec40cc0dc62425cea5d63fd9d984f8614479de25mark       xlink:show="new"
ec40cc0dc62425cea5d63fd9d984f8614479de25mark       xlink:href="https://tools.ietf.org/html/rfc2714"
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      >RFC 2714</link>, which defines a mechanism
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      for storing CORBA objects in the directory server.
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     </para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </varlistentry>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <filename>03-rfc2739.ldif</filename>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <listitem>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     <para>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      This file contains schema definitions from
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <link
ec40cc0dc62425cea5d63fd9d984f8614479de25mark       xlink:show="new"
ec40cc0dc62425cea5d63fd9d984f8614479de25mark       xlink:href="https://tools.ietf.org/html/rfc2739"
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      >RFC 2739</link>, which defines a mechanism
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      for storing calendar and vCard objects in the directory server.
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      Note that the definition in RFC 2739 contains a number of errors,
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      and this schema file has been altered from the standard definition
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      in order to fix a number of those problems.
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     </para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </varlistentry>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <filename>03-rfc2926.ldif</filename>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <listitem>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     <para>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      This file contains schema definitions from
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <link
ec40cc0dc62425cea5d63fd9d984f8614479de25mark       xlink:show="new"
ec40cc0dc62425cea5d63fd9d984f8614479de25mark       xlink:href="https://tools.ietf.org/html/rfc2926"
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      >RFC 2926</link>, which defines a mechanism
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      for mapping between Service Location Protocol (SLP) advertisements and LDAP.
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     </para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </varlistentry>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <filename>03-rfc3112.ldif</filename>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <listitem>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     <para>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      This file contains schema definitions from
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <link
ec40cc0dc62425cea5d63fd9d984f8614479de25mark       xlink:show="new"
ec40cc0dc62425cea5d63fd9d984f8614479de25mark       xlink:href="https://tools.ietf.org/html/rfc3112"
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      >RFC 3112</link>, which defines the authentication password schema.
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     </para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </varlistentry>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <filename>03-rfc3712.ldif</filename>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <listitem>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     <para>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      This file contains schema definitions from
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <link
ec40cc0dc62425cea5d63fd9d984f8614479de25mark       xlink:show="new"
ec40cc0dc62425cea5d63fd9d984f8614479de25mark       xlink:href="https://tools.ietf.org/html/rfc3712"
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      >RFC 3712</link>, which defines a mechanism
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      for storing printer information in the directory server.
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     </para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </varlistentry>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <filename>03-uddiv3.ldif</filename>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <listitem>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     <para>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      This file contains schema definitions from
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <link
ec40cc0dc62425cea5d63fd9d984f8614479de25mark       xlink:show="new"
ec40cc0dc62425cea5d63fd9d984f8614479de25mark       xlink:href="https://tools.ietf.org/html/rfc4403"
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      >RFC 4403</link>, which defines a mechanism
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      for storing UDDIv3 information in the directory server.
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     </para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </varlistentry>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <filename>04-rfc2307bis.ldif</filename>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <listitem>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     <para>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      This file contains schema definitions from
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <link
ec40cc0dc62425cea5d63fd9d984f8614479de25mark       xlink:show="new"
ec40cc0dc62425cea5d63fd9d984f8614479de25mark       xlink:href="https://tools.ietf.org/html/draft-howard-rfc2307bis"
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      >draft-howard-rfc2307bis</link>, which defines a mechanism
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      for storing naming service information in the directory server.
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     </para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </varlistentry>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <filename>05-rfc4876.ldif</filename>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <listitem>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     <para>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      This file contains schema definitions from
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      <link
ec40cc0dc62425cea5d63fd9d984f8614479de25mark       xlink:show="new"
ec40cc0dc62425cea5d63fd9d984f8614479de25mark       xlink:href="https://tools.ietf.org/html/rfc4876"
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      >RFC 4876</link>, which defines a schema
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      for storing Directory User Agent (DUA) profiles and preferences
ec40cc0dc62425cea5d63fd9d984f8614479de25mark      in the directory server.
ec40cc0dc62425cea5d63fd9d984f8614479de25mark     </para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </varlistentry>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <filename>05-samba.ldif</filename>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <para>This file contains schema definitions required when storing Samba
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     user accounts in the directory server.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </varlistentry>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <filename>05-solaris.ldif</filename>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <para>This file contains schema definitions required for Solaris and
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     OpenSolaris LDAP naming services.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </varlistentry>
ec40cc0dc62425cea5d63fd9d984f8614479de25mark
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   <varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <filename>06-compat.ldif</filename>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </term>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    <listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     <para>This file contains the attribute type and objectclass definitions
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark     for use with the directory server configuration.</para>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark    </listitem>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark   </varlistentry>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark  </variablelist>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark </section>
51607ea01068c9047391e4c8b46bc9dbd0edb7fdmark</chapter>