LDAPSchema.exe does not create LDAP - NDS Schema Mapping

  • 3929007
  • 25-Oct-2007
  • 31-Jul-2012


Novell SecureLogin
NSL v 6.0.110
iManager 2.6


Running LDAPSchema does not create the NDS to LDAP schema mappings.


The only function performed by LDAPSchema.exe is mapping eDir attributes to LDAP attributes.
In the situation where it fails to do so, the choices are to either troubleshoot the failure, or to manually create the mappings. Manually creating the mappings is usually the easiest option.

How to manually create the SecureLogin eDir to LDAP mappings:

1. Launch iManager, open eDirectory Administration, Modify Object, and browse to the LDAP Group object.
2. Go to the "Class Map" tab and use the "+" sign manually add the following mappings: 

eDir Attribute To Be Mapped  LDAP Mapping
Prot:SSO Auth protocom-SSO-Auth-Data
Prot:SSO Entry protocom-SSO-Entries
Prot:SSO Entry Checksum protocom-SSO-Entries-Checksum
Prot:SSO Profile protocom-SSO-Profile
Prot:SSO Security Prefs protocom-SSO-Security-Prefs
Prot:SSO Security Prefs Checksum protocom-SSO-Security-Prefs-Checksum

These mappings are case-sensitive.
Also note that these these schema extensions should be mapped for each LDAP group object. By default, every LDAP server has its own LDAP Group.