Peter SchÃŒtt wrote:
I use OpenLDAP 2.4.19 and I try to build an own gender attribute.
Why not use existing suggestions?
I need a custom syntax for the value, "M" or "W".
With OpenLDAP you don't need an extra syntax. You could use slapo-constraint for restricting attribute values. See the man-page slapo-constraint(5).
How can I create my own custom syntax?
An own LDAP syntax requires coding something which runs inside slapd (e.g. an overlay).
Actually, it would be much simpler than an overlay: all one needs to do is write a module that loads a syntax with its own handlers for validation and prettification. This means writing code that needs to be maintained, though. A simpler approach would be to use the boolean syntax, with an attribute that basically contains "isFemale"; then TRUE and FALSE would have a straightforward meaning (in a two-gender world, of course).
Or, one could use directoryString and restrict the value using slapo-constraint(5); something like
constraint_attribute sex regex "^[MW]$"
should work (untested, though).
p.