Debian
Debian jessie:OpenLDAP 伺服器如何添加新模式?
以下項目是上下文的架構。我會加
attributetype ( 1.3.6.1.4.1.9.500.1.3 NAME 'CiscoDomain' DESC 'Domain for VPN users' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch ORDERING caseIgnoreOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.9.500.1.4 NAME 'CiscoDNS' DESC 'DNS server for VPN users' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch ORDERING caseIgnoreOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.9.500.1.5 NAME 'CiscoIPAddress' DESC 'Address for VPN user' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch ORDERING caseIgnoreOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.9.500.1.6 NAME 'CiscoIPNetmask' DESC 'Address for VPN user' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch ORDERING caseIgnoreOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.9.500.1.7 NAME 'CiscoSplitACL' DESC 'Split tunnel list for VPN users' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch ORDERING caseIgnoreOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.9.500.1.8 NAME 'CiscoSplitTunnelPolicy' DESC 'Split tunnel policy for VPN users' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch ORDERING caseIgnoreOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.9.500.1.9 NAME 'CiscoGroupPolicy' DESC 'Group policy for VPN users' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch ORDERING caseIgnoreOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} SINGLE-VALUE ) objectclass ( 1.3.6.1.4.1.9.500.2.1 NAME 'CiscoPerson' DESC 'My cisco person' AUXILIARY MUST ( sn $ cn ) MAY ( userPassword $ telephoneNumber $ seeAlso $ description $ CiscoBanner $ CiscoACLin $ CiscoDomain $ CiscoDNS $ CiscoIPAddress $ CiscoIPNetmask $ CiscoSplitACL $ CiscoSplitTunnelPolicy $ CiscoGroupPolicy ) )該
~# vi /usr/share/slapd/slapd.conf命令產生以下輸出:# Global Directives: # Features to permit #allow bind_v2 # Schema and objectClass definitions<br> include /etc/ldap/schema/core.schema<br> include /etc/ldap/schema/cosine.schema<br> include /etc/ldap/schema/nis.schema<br> include /etc/ldap/schema/inetorgperson.schema<br> include /etc/ldap/schema/cisco.schema<br>有配對的每個模式 ldif 都有文件 ldif 為你的模式文件生成知道什麼方法嗎?
如果您確定您的屬性類型不存在於您現有的 OpenLDAP 安裝或您將連接的任何內容中(尋找衝突的 OID!),您可以添加一個自定義模式。這是一種比亂搞核心模式更乾淨的方法。
您可以通過將節點添加到
cn=config後端來非常輕鬆地做到這一點:
dn: cn=<yourSchemaName>,cn=schema,cn=config objectClass: olcSchemaConfig cn: <yourSchemaName> olcAttributeTypes: ( 1.3.6.1.4.1.9.500.1.3 NAME 'CiscoDomain'...當然,您也可以使用舊的配置後端並重新啟動 slapd。