How to add a new attribute to an existing LDAP objectclass?

ldap openldap edirectory
29,659

The short answer

Use ldapmodify exactly like you would on a regular ldap entry with multi-valued attributes.

That's pretty much what I expected, but I wasn't 100% sure, due to the {N} indexing that you see when you run an ldap search for the schema.

The long answer

First, find your schema's dn. Something like cn={4}test,cn=schema,cn=config Then write an ldif file and apply it to your directory. On Ubuntu 12.04 I applied it as root with: 

ldapmodify -Q -Y EXTERNAL -H ldapi://  -f test.ldif

The part I had issues with was the ldif modify syntax, and what to do with the {N} indexes.

So, the start of your ldif file should be something like:

version: 1

dn: cn={N}test,cn=schema,cn=config
changetype: modify

To modify an objectClass:

delete: olcObjectClasses
olcObjectClasses: <old value>
-
add: olcObjectClasses
olcObjectClasses: <new value>

To modify an attribute:

delete: olcAttributeTypes
olcAttributeTypes: <old value>
-
add: olcAttributeTypes
olcAttributeTypes: <new value>

Some tips I figured out about syntax:

  • Ignore the {N} indexes in your ldif file. They get fixed automatically.
  • You do need the {N} in your schema's DN.
  • Remember the '-' between statements.
  • Don't put a new line after the '-'. ldapmodify stops at that new line, so anything after it will not be executed.
  • Add new attributes before you modify the objectClass to include them.
  • Eliminate all tab characters. They cause the system to produce gibberish.
Share:
29,659

Related videos on Youtube

David R.
Author by

David R.

Updated on September 18, 2022

Comments

  • David R.
    David R. almost 2 years

    I created a custom LDAP objectClass, but forgot a couple attributes before I added it to my OpenLDAP server. I followed the instructions on this Ubuntu doc page: https://help.ubuntu.com/12.04/serverguide/openldap-server.html I am running Ubuntu 12.04.

    So, how do I add a new MAY attribute to an objectClass that is already applied to the server?

    Specifically on OpenLDAP, but it would be good to know how for Novell eDirectory as well.

    • David R.
      David R. over 11 years
      Just tried this ldif file: version: 1 dn: cn={4}lccperson,cn=schema,cn=config add: olcAttributeTypes olcAttributeTypes: ( 1.3.6.1.4.1.32916.2.1.1.1.29 NAME 'lccPersonMiddleName' DESC 'The persons middle name.' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) And that apparently added the gibberish in the next comment.
    • David R.
      David R. over 11 years
      olcAttributeTypes:: ezI4fSggMS4zLjYuMS40LjEuMzI5MTYuMi4xLjEuMS4yOSBOQU1FICdsY2NQ‌​ZXJzb25NaWRkbGVOYW1l‌​JyBERVNDICdUaGUgcGVy‌​c29ucyBtaWRkbGUgbmFt‌​ZS4nIEVRVUFMSVRZIGNh‌​c2VJZ25vcmVNYXRjaCBT‌​VUJTVFIgY2FzZUlnbm9y‌​ZVN1YnN0cmluZ3NNYXRj‌​aCAJU1lOVEFYIDEuMy42‌​LjEuNC4xLjE0NjYuMTE1‌​LjEyMS4xLjE1IFNJTkdM‌​RS1WQUxVRSAp Hmm... Comments don't format well do they. Anyway, any suggestions?
    • David R.
      David R. over 11 years
      moral of the story, avoid tabs in your ldif file.
    • jscott
      jscott over 11 years
      You're able to edit your original question. You can insert the formatted comments as part of the question and delete the comments.
  • shorif2000
    shorif2000 about 4 years
    will this work to add without deleting 1st?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

What are the other alternative to test a LDAP connection on linux machine
inetOrgPerson with member or memberOf?
Nested Group LDAP Search Filter
How to add rights to an user with olcAccess, in an OpenLDAP 2.4
I need to find out disabled users from ldap
Is there an LDAP standard group membership attribute for users?
Decrypting OpenLDAP passwords
LDAPSEARCH into table format
Python ldap3 LDAPSocketOpenError unable to send message, socket is not open
Using LDAPSEARCH to return all Groups and OU's in an Active Directory domain