We used cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it. What For?

« Back to Blogs

How to add custom attribute entry for LDAP

Custom attribute entry for LDAP

 

To add custom attribute entry for LDAP you need to follow below instructions:

  • create new LDIF file [ file -> new -> LDIF file ] in Apache Directory Studio.
  • add following code in it.

dn: cn=schema

changetype: modify

add: attributeTypes

attributeTypes: ( 2.25.128424792425578037463837247958458780603.1

       NAME 'dateOfBirth'

       EQUALITY caseIgnoreMatch

       SUBSTR caseIgnoreSubstringsMatch

       SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

attributeTypes: ( 2.25.128424792425578037463837247958458780603.2

       NAME 'gender'

       EQUALITY caseIgnoreMatch

       SUBSTR caseIgnoreSubstringsMatch

       SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )

-

add: objectClasses

objectClasses: ( 2.25.128424792425578037463837247958458780603.3

   NAME 'samplePerson'

   DESC 'samplePerson'

   SUP inetOrgPerson

   STRUCTURAL

   MAY  (dateOfBirth $ gender)

)

 

Note : LDIF record must be ended with empty line.

 

Description :

  • Here, we have created one object class named samplePerson & added two custom attributes dateOfBirth & gender.

  • Each attribute and object class have unique OID (for e.g. 2.25.1284...) to avoid any conflict with other attributes within LDAP instance. You can use the above OID for experimental purpose or just google on 'how to obtain an OID'.

  • SUP inetOrgPerson : specifies that samplePerson object class inherits inetOrgPerson.

  • STRUCTURAL : specifies that samplePerson is type of structural object class & able to add entry in the LDAP.

  • There are three types of object classes in LDAP :
  • Structural: Used to create entries -- an entry should have at least one structural object class. (can have more than one as well)
  • Auxiliary: Basically used to add additional attributes to an entry created with some other structural object class. An entry can have one or more auxiliary object classes. But an entry can not construct only with auxiliary object classes.
  • Abstract: These basically sit at the top of the object class hierarchies. An example is: 'top' object class in any LDAP.
  • So hierarchy of samplePerson object class is like,

'top'

      |_'person'

                      |_'organizationalPerson'

    |_'inetOrgPerson’

                                                                                                         |_’samplePerson’

  • MAY (dateOfBirth $ gender) : samplePerson class have two optional attributes. So when user select samplePerson as object class then it is not mandatory to use both or either of these attributes in user entry.
  • Execute LDIF file to add object class & attributes in current LDAP instance.

  • Right click on Users -> New -> New Entry... -> Create entry from scratch

  • Select “samplePerson” from available object Classes & select Next. It will automatically fetch all its parent class for user entry.

   

Note : If it is not showing your newly created class then just click on Refresh of Available Object Class list.

  • Complete adding the user entry as you usually do.

  • Try to add attributes to the created user entry. In the attribute search list, now you will be able to see the newly introduced custom attributes.

 

Previous
contact-us Request a callback WhatsApp