Hi all,

As an almost newbie with openLDAP, I have encountered the following problem and would like someone to help me clarify a few things.

So the statement of the problem follows.

I have a request from a client (e.g. client name foo) to establish an LDAP provider at my office while we are in the process of development,
and once we are ready for acceptance we will move our software to the client's machines.

Therefore I have a requirement to support user management using IBM Tivoli DS. Since I am not willing to pay for such a solution,
and having in mind that LDAP providers should support the common LDAP protocol, and lastly since I have a little knowledge of how to set up
openLDAP, I've decided to go with openLDAP while we are in development.

Now, since they have some legacy directory structure, I've asked them to export the existing data and to give me that file so I can
import it into LDAP. But as you may have guessed, that would be the easy way, and often in practice this is not the case.

I've noticed that the exported LDIF file contains some "custom" objectClasses and was under the impression that this was something
related to Tivoli DS. But after further investigation I was wondering: if that is the case, why can I have those objectClasses as well?

Reading more on this topic, and in communication with the client (the legacy code was done by some external 3rd party company),
I've come to the conclusion that the client has custom schema files. Let's call them foo.schema and foo_v3.schema.

So there are two of them, and I thought that all of my problems were gone.

My intention was to change the slapd.conf file so that these two are now included (include directive at the top of the slapd.conf file).

So I have placed these two files in the /etc/openldap/schema directory and added these two lines to slapd.conf:

include      /etc/openldap/schema/foo.schema
include      /etc/openldap/schema/foo_v3.schema

As I learned on a previous project where I worked with openLDAP, I then ran the slaptest command:

slaptest -d 4095 -f /etc/openldap/slapd.conf

And I got the following error (this is just an example, please be aware that names are different due to NDA):

reading config file /etc/openldap/schema/foo_v3.schema
line 1 (objectClasses {)
/etc/openldap/schema/foo_v3.schema: line 1: unknown directive <objectClasses> inside backend database definition (ignored).

And if I post here the start of this foo_v3.schema, the first line really starts with:

objectClasses {
( 1.3.18.0.2.6.398 NAME 'os400-root' DESC 'Root node for OS/400 system projection suffix.' SUP top STRUCTURAL MAY os400-sys )
( 1.3.18.0.2.6.399 NAME 'os400-usrprf' DESC 'Projected OS/400 user profile.' SUP top STRUCTURAL MUST os400-profile MAY userPassword )
...

To be honest, all the examples that I have encountered (openLDAP and Apache DS) that addressed customizing a schema NEVER HAD objectClasses, but rather objectClass.

And finally my question is: is what I am trying to do really feasible, and if it is, what is wrong with this foo_v3.schema file and why is this not working?


Thank you for your help



--
Aleksandar dipl. ing. Stoisavljevic
Software Developer
mobile: +381 (0) 64 211 50 40
Web: http://www.staleksit.in.rs
E-mail:staleks@gmail.com
SkypeId: staleks_ns
Mail: Branislava Nusica 10, 21000 Novi Sad, Serbia
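
An added example, not part of the original post: slapd.conf only accepts schema elements one per directive (`objectclass ( ... )`, `attributetype ( ... )`), so a file in the block form quoted above has to be rewritten before it can be used with `include`. The sketch below does that rewrite. It assumes each block is closed by a `}` (the post elides the rest of the file) and that attribute definitions are exported in an analogous `attributeTypes { ... }` block; `read_block` and `convert` are names made up for this example.

```python
import re

# Block keyword in the exported file -> slapd.conf schema directive.
# "objectClasses {" is shown in the post; "attributeTypes" is an assumption.
DIRECTIVES = {"objectclasses": "objectclass", "attributetypes": "attributetype"}
BLOCK = re.compile(r"(\w+)\s*\{")

def read_block(text, pos):
    """Return (definitions, index after the closing '}') for a block body."""
    defs, depth, start, quoted = [], 0, None, False
    for i in range(pos, len(text)):
        ch = text[i]
        if ch == "'":                      # DESC/NAME strings are single-quoted
            quoted = not quoted
        elif quoted:
            continue                       # ignore ( ) } inside quoted strings
        elif ch == "(":
            if depth == 0:
                start = i
            depth += 1
        elif ch == ")":
            if depth == 0:
                raise ValueError(f"unexpected ')' at offset {i}")
            depth -= 1
            if depth == 0:                 # one complete definition; join wrapped lines
                defs.append(" ".join(text[start:i + 1].split()))
        elif ch == "}" and depth == 0:
            return defs, i + 1
    raise ValueError("block is not closed with '}'")

def convert(text):
    """Rewrite block-style schema text as slapd.conf schema directives."""
    out, pos = [], 0
    while (m := BLOCK.search(text, pos)):
        keyword = m.group(1).lower()
        if keyword not in DIRECTIVES:
            raise ValueError(f"unknown block {m.group(1)!r}")
        defs, pos = read_block(text, m.end())
        out += [f"{DIRECTIVES[keyword]} {d}" for d in defs]
    return "\n".join(out) + "\n"

# The two definitions quoted in the post; the closing '}' is assumed.
SAMPLE = """objectClasses {
( 1.3.18.0.2.6.398 NAME 'os400-root' DESC 'Root node for OS/400 system projection suffix.' SUP top STRUCTURAL MAY os400-sys )
( 1.3.18.0.2.6.399 NAME 'os400-usrprf' DESC 'Projected OS/400 user profile.' SUP top STRUCTURAL MUST os400-profile MAY userPassword )
}
"""
if __name__ == "__main__":
    print(convert(SAMPLE), end="")
```

The converted object classes still reference attribute types such as os400-sys and os400-profile, so slaptest will only accept them once those attribute types are defined in a schema file included earlier.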