Customizing the OpenLDAP Schema
LDAP DIT Design and LDIF File
DIT Creation
The schema that slapd uses may be extended to support additional
syntaxes, matching rules, attribute types, and object classes. In the
case of the B051-000, the B051-000 User class and the permission
attribute are extended to define a new schema. The extended schema
file used to authenticate and authorize users logging in to the
B051-000 is shown in the figure below:
LDAP Data Structure
An LDAP directory stores information in a tree structure known
as the Directory Information Tree (DIT). The nodes in the tree are
directory entries, and each entry contains information in
attribute-value form. An example of the LDAP directory tree for the
B051-000 is shown in the figure below:
The LDAP Data Interchange Format (LDIF) is used to represent
LDAP entries in a simple text format (please refer to RFC 2849). The
figure below illustrates an LDIF file that creates the DIT for the
B051-000 directory tree (shown in the figure above).
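A pre-load check for an LDIF file that builds a DIT, as an added example that is not taken from the B051-000 manual: the directory server rejects an added entry whose parent does not exist yet, so the script reports entries that appear before their parent. The sample LDIF, the suffix dc=example,dc=com and all entry names are constructed, and DN comparison is simplified to case-insensitive string matching.

```python
import base64
import re

# Constructed sample LDIF; suffix, OU and user names are assumptions, not the manual's.
SAMPLE_LDIF = """\
dn: dc=example,dc=com
objectClass: dcObject
objectClass: organization
dc: example
o: Example

dn: ou=kvm-users,dc=example,dc=com
objectClass: organizationalUnit
ou: kvm-users

dn: cn=operator1,ou=kvm-users,
 dc=example,dc=com
objectClass: person
cn: operator1
sn: One
"""

def parse_dns(ldif_text):
    """Return entry DNs in file order, after RFC 2849 line unfolding."""
    unfolded = re.sub(r"\r?\n ", "", ldif_text)  # a leading space continues a line
    dns = []
    for line in unfolded.splitlines():
        key, sep, value = line.partition(":")
        if not sep or key.strip().lower() != "dn":
            continue
        if value.startswith(":"):  # "dn:: ..." carries a base64-encoded DN
            value = base64.b64decode(value[1:].strip()).decode("utf-8")
        dns.append(value.strip())
    return dns

def normalize(dn):
    """Simplified DN comparison form: trimmed, lower-cased RDNs."""
    return ",".join(p.strip().lower() for p in re.split(r"(?<!\\),", dn))

def orphaned_entries(ldif_text, suffix):
    """List DNs that appear before their parent entry (the suffix is exempt)."""
    seen, orphans = set(), []
    suffix = normalize(suffix)
    for dn in map(normalize, parse_dns(ldif_text)):
        parts = re.split(r"(?<!\\),", dn, maxsplit=1)  # split off the leading RDN
        parent = parts[1] if len(parts) == 2 else ""
        if dn != suffix and parent not in seen:
            orphans.append(dn)
        seen.add(dn)
    return orphans

if __name__ == "__main__":
    print(orphaned_entries(SAMPLE_LDIF, "dc=example,dc=com") or "parent-before-child order OK")
```

An empty result means every entry in the file follows its parent, so the file can be loaded in a single pass.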
The following figure illustrates an LDIF file that defines the
OpenLDAP group for the B051-000.