OID – Custom Schema

# Add attribute – llcSecretAttr :

cat > ~/add_attr1_to_schema.ldif

dn: cn=subschemasubentry
changetype: modify
add: attributetypes
attributetypes: ( 99.99.99.99.98 NAME 'llcSecretAttr' EQUALITY caseIgnoreMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.44' )

$ ldapmodify -h llcau3.oracle.com -p 3060 -D cn=orcladmin -w mypasswd -v -f ~/add_attr1_to_schema.ldif

# Add attribute to an objectclass

cat > ~/add_obj1_to_schema.ldif

dn: cn=subschemasubentry
changetype: modify
add: objectclasses
objectclasses: ( 99.99.99.99.99 NAME 'llcTestObj' SUP top STRUCTURAL MAY llcSecretAttr )

$ ldapmodify -h llcau3.oracle.com -p 3060 -D cn=orcladmin -w mypasswd -v -f ~/add_obj1_to_schema.ldif

ODSEE/OUD attributes hashing

You can define an attribute with password syntax. Its values are then stored using the default password storage scheme defined in the default password policy.

For instance:

dn: cn=schema
objectClass: top
objectClass: ldapSubentry
objectClass: subschema
cn: schema
attributeTypes: ( 2.5.4.35 NAME 'myAttribute'
  SYNTAX 1.3.6.1.4.1.26027.1.3.1 ) 

1) Update the schema with the attribute and associate it with an objectclass

# ./ldapmodify -X -Z -D "cn=Directory Manager" --bindPasswordFile pwdfile.txt -p 2636 --useSSL --trustAll
dn: cn=schema
changetype: modify
add: attributeTypes
attributeTypes: ( 2.16.840.1.113730.3.1.999 NAME 'myAttribute' SYNTAX 1.3.6.1.4.1.26027.1.3.1 X-ORIGIN 'user defined' )

Processing MODIFY request for cn=schema
MODIFY operation successful for DN cn=schema

dn: cn=schema
changetype: modify
add: objectClasses
objectClasses: ( 1.3.6.1.4.1.42.2.27.9.2.110 NAME 'myInetOrgPerson' SUP inetOrgPerson MAY ( myAttribute) X-ORIGIN 'user defined' )

Processing MODIFY request for cn=schema
MODIFY operation successful for DN cn=schema
dsuser@confusion1#
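
A read-back check for the behaviour described above, as an added example (not from the original post): it scans an LDIF export for myAttribute values and reports which ones carry a {SCHEME} tag and which were stored without one. The {SSHA} layout, the entry DNs, the sample values and the function names are assumptions made for illustration; the page does not say which scheme the default password policy uses.

```python
import base64
import hashlib
import hmac
import re

SCHEME_RE = re.compile(r"^\{([A-Za-z0-9-]+)\}(.+)$")

def make_ssha(password: bytes, salt: bytes) -> str:
    """Build an {SSHA} value: base64(SHA1(password + salt) + salt)."""
    digest = hashlib.sha1(password + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

def attr_values(ldif: str, attr: str):
    """Yield decoded values of attr from unfolded LDIF ('a: v' or 'a:: base64')."""
    for line in ldif.splitlines():
        name, sep, rest = line.partition(":")
        if not sep or name.lower() != attr.lower():
            continue
        if rest.startswith(":"):  # '::' marks a base64-encoded value
            yield base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
        else:
            yield rest.strip()

def storage_scheme(value: str):
    """Return the {SCHEME} tag of a stored value, or None if it has no tag."""
    m = SCHEME_RE.match(value)
    return m.group(1).upper() if m else None

def ssha_matches(stored: str, candidate: bytes) -> bool:
    """Recompute the salted digest for candidate and compare in constant time."""
    raw = base64.b64decode(stored[len("{SSHA}"):])
    digest, salt = raw[:20], raw[20:]  # SHA-1 digest is 20 bytes, salt follows
    return hmac.compare_digest(hashlib.sha1(candidate + salt).digest(), digest)

# Constructed sample export; DNs, values and the fixed salt are made up.
SAMPLE_LDIF = "\n".join([
    "dn: uid=jdoe,ou=people,dc=example,dc=com",
    "myAttribute: " + make_ssha(b"s3cret-value", bytes(range(8))),
    "",
    "dn: uid=legacy,ou=people,dc=example,dc=com",
    "myAttribute:: " + base64.b64encode(b"s3cret-value").decode(),
])

def audit(ldif: str, attr: str = "myAttribute"):
    """Return (scheme or None) per value; None means stored without a scheme tag."""
    return [storage_scheme(v) for v in attr_values(ldif, attr)]

if __name__ == "__main__":
    print(audit(SAMPLE_LDIF))
```

A None entry in the result marks a value that was written without a scheme tag, for example one loaded before the attribute was given password syntax.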