Derek Chen-Becker wrote:
On our old install we had added some attributes to organizationalUnit ("mail" is really the important one) just by editing the schema files,
Editing shipped schema files is considered very bad practice. Don't do that.
but I can't figure out how to do the same on 2.4.21 using the LDAP interface.
Several options:
1. Use your own STRUCTURAL object class derived from organizationalUnit.
2. Use an additional AUXILIARY object class together with organizationalUnit.
3. Somewhat hackish: Define a DIT content rule for organizationalUnit and add the needed attributes to MAY in this.
1. and 2. requires you to transform your data.
3. does not require data changes but some rather naive schema-aware LDAP clients might refuse to handle the additional attributes.
Ciao, Michael.