Extend Remote LDAP Schema with iFolder Attribute

  • 7003511
  • 11-Jun-2009
  • 30-Apr-2012

Environment


Novell iFolder 3.7
Novell Open Enterprise Server 2 (OES2) Linux
SUSE Linux Enterprise Server 10 Service Pack 2 (SLES)

Situation

Installing iFolder 3.7 extends the local schema with necessary LDAP attributes.  It is possible to configure iFolder to point at a remote LDAP directory for user information.  In this instance the schema in the remote LDAP tree may not have been extended.  The additional attributes are required for user provisioning.

Resolution

The scheme can be extended by using one of the two following methods:

1) Using LDAP commands
ldapadd -x -Z -H ldaps://<ldap_ip_address>:636 -D <full_ldap_admin_dn> -w <password> -f /opt/novell/ifolder3/etc/iFolderLdapPlugin.ldif

Example:
ldapadd -x -Z -H ldaps://192.168.1.88:636 -D "cn=admin,o=novell" -w secret -f /opt/novell/ifolder3/etc/iFolderLdapPlugin.ldif

-x = uses simple authentication instead of SASL
-Z = issue StartTLS (Transport Layer Security) extended operation
-f =  schema script [default path]


2) Using OES2 schema extension tool
/opt/novell/oes-install/util/extend_schema -d -p 636 <full_ldap_admin_dn> <password> <ldap_ip_address> /opt/novell/ifolder3/etc/iFolderLdapPlugin.ldif

Example:
/opt/novell/oes-install/util/extend_schema -d -p 636 'cn=admin,o=novell' secret 192.168.1.88 /opt/novell/ifolder3/etc/iFolderLdapPlugin.ldif

-d = debug

Additional Information

The schema extension introduces an 'iFolderUserProvision' auxiliary object class with an 'iFolderHomeServer' attribute.


To extend a user object see the iFolder 3.7 Administration Guide:

Extending LDAP User Objects for iFolder 3.7

https://www.novell.com/documentation/ifolder3/ifolder37_admin/data/bsi3rs1.html#bd60mv9

Feedback service temporarily unavailable. For content questions or problems, please contact Support.