On 12/14/19 1:47 PM, SHarbich(a)t-online.de wrote: Yeah, known deficiency of RFC 2798. Many people invented their own schema to work around this. Ciao, Michael.

Bonjour, You have to first start by defining your new schema. Here's an example below for your 2 attributes, and an auxiliary object class (i.e. a class that can be added to any kind of entry, in addition to their existing object classes) allowing the use of these attributes. The birthday needs to be expressed in a format restricted from ISO8601. For example, if the birthday is 1st Feb of 1950 at 13:35:56 UTC, you can express it as 19500201133556Z; you can omit the seconds and minutes, but not the hour, and not the timezone. dn: cn=myschemaname,cn=schema,cn=config objectClass: olcSchemaConfig cn: myschemaname olcAttributeTypes: ( 1.3.6.1.4.1.myoid.1.1 NAME 'birthday' DESC 'Birthday' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE ) olcAttributeTypes: ( 1.3.6.1.4.1.myoid.1.2 NAME 'maidenName' DESC 'Maiden name' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) olcObjectClasses: ( 1.3.6.1.4.1.myoid.2.1 NAME 'MorePersonalInformation' SUP top AUXILIARY DESC 'More personal information that can be added to a person' MAY ( birthday $ maidenName ) ) Allocate an OID for you, adapt the OIDs present in the schema (I've used myoid.1 for attributes and myoid.2 for object classes, and add another arc for each attribute/class. Declare this schema in your LDAP server, and for each entry in your DIT, you can add the "MorePersonalInformation" object class to this entry, and add the 2 new attributes. Later on, you'll be able to search for entries according to their birthday (for example, list users for which the birthday falls within the next month). Le lun. 16 déc. 2019 à 19:18, SHarbich(a)t-online.de <SHarbich(a)t-online.de&gt; a écrit : -- Erwann.