Thanks Christian;

I know that, and I have read them -- they are not overly clear (reading Chinese is easier). I've added all the schemas -- that was easy-- now incorporating them to where I can use the objectClasses and attributes is where I am having the issue. When I attempt to add a new objectClass I receive a violation error code 65.

Thanks, John

-----Original Message----- From: Christian Kratzer [mailto:ck-lists@cksoft.de] Sent: Thursday, December 19, 2013 5:11 PM To: Borresen, John - 0442 - MITLL Cc: openldap-technical@openldap.org Subject: Re: ADDING OBJECT CLASS

Hi,

On Thu, 19 Dec 2013, Borresen, John - 0442 - MITLL wrote: <snipp/>

I would like to add and objectClass(es) so that I can add, emailAddress, employee number. Can someone refresh my memory on what I need (objectClasses)?

your openldap installation comes complete with schema files.

You can read those all by youself.

Greetings Christian

On Mon, 23 Dec 2013 11:01:50 +0100 "Ulrich Windl" Ulrich.Windl@rz.uni-regensburg.de wrote

What is the closest equivalent to "schemagrep email" # supposed to show you the schemas and objectclasses that have an attribute named (or described as) "email". ?

web2ldap implements simple wild-card subschema searches for NAME and/or OIDs.

Ciao, Michael.

Vielen Danke Dieter!

Thank you Terje!

For your help! Your respective assistance helped me in accomplish/add.

john

-----Original Message----- From: openldap-technical-bounces@OpenLDAP.org [mailto:openldap-technical-bounces@OpenLDAP.org] On Behalf Of Dieter Klünter Sent: Friday, December 20, 2013 3:47 AM To: openldap-technical@openldap.org Subject: Re: ADDING OBJECT CLASS

Am Thu, 19 Dec 2013 16:39:10 -0500 schrieb "Borresen, John - 0442 - MITLL" John.Borresen@ll.mit.edu:

For my Users, currently utilizing the following:

ObjectClass: account (structural) objectClass: posixAccount (auxiliary) objectClass: pwdPolicy (auxiliary) objectClass: shadowAccount (auxiliary) objectClass: top (abstract) cn: gidNumber: homeDirectory: pwdAttribute: uid: uidNumber: gecos: loginShell: pwdAllowUserChange: pwdMinLength: pwdMustChange: shadowLastChange: userPassword:

I would like to add and objectClass(es) so that I can add, emailAddress, employee number. Can someone refresh my memory on what I need (objectClasses)?

The account object class is for computer accounts only, not for user accounts, that's why this object class only provides a limited set of information (the cosine.schema provides some more information). In order to describe user accounts you should use object class person or any children of this class, like organizationalPerson or inetOrgPerson. If you have to stick to account object class you should define and create an auxiliary class to your requirements.

-Dieter

-- Dieter Klünter | Systemberatung http://dkluenter.de GPG Key ID:DA147B05 53°37'09,95"N 10°08'02,42"E