Aleksandar Stoisavljevic wrote:
Therefore I have a requirement to support user management using IBM Tivoly DS. Since I am not willing to pay for such solution
Last time I've worked with IBM Tivoli DS one could download and install it at no cost. IIRC they charge you for support. Installation was a major pain though. Anyway if it's still possible that would be the way I do it in your case.
objectClasses { ( 1.3.18.0.2.6.398 NAME 'os400-root' DESC 'Root node for OS/400 system projection suffix.' SUP top STRUCTURAL MAY os400-sys ) ( 1.3.18.0.2.6.399 NAME 'os400-usrprf' DESC 'Projected OS/400 user profile.' SUP top STRUCTURAL MUST os400-profile MAY userPassword ) ...
To be honest, all examples that I have encounter (openLDAP and Apache DS) that was addressing customizing schema NEVER HAD objectClasses, but rather objectClass.
This seems like an copy/export of the subschema subentry in a custom format which indeed has an attribute multi-valued objectClasses listing all avaiable object classes.
I don't know what you're planning to do. But I'd add only the schema descriptions you need for the data you process. It's very unlikely that you need the object class in the above example. It's some work to extract the relevant schema. But working it out gives you a much clearer picture of what it's all about.
Using a LDAP client with a decent schema browser definitely helps digging into this. (Being the author of web2ldap I'm biased off course.)
Ciao, Michael.