Extend Remote LDAP Schema with iFolder Attribute

  • 7003511
  • 11-Jun-2009
  • 30-Apr-2012

Environment


Novell iFolder 3.7
Novell Open Enterprise Server 2 (OES2) Linux
SUSE Linux Enterprise Server 10 Service Pack 2 (SLES)

Situation

Installing iFolder 3.7 extends the local schema with the necessary LDAP attributes. iFolder can also be configured to point at a remote LDAP directory for user information. In that case the schema in the remote LDAP tree may not have been extended, and the additional attributes are required for user provisioning.

Resolution

The schema can be extended by using one of the following two methods:

1) Using LDAP commands
ldapadd -x -Z -H ldaps://<ldap_ip_address>:636 -D <full_ldap_admin_dn> -w <password> -f /opt/novell/ifolder3/etc/iFolderLdapPlugin.ldif

Example:
ldapadd -x -Z -H ldaps://192.168.1.88:636 -D "cn=admin,o=novell" -w secret -f /opt/novell/ifolder3/etc/iFolderLdapPlugin.ldif

-x = use simple authentication instead of SASL
-Z = issue StartTLS (Transport Layer Security) extended operation
-f = schema script [default path]


2) Using OES2 schema extension tool
/opt/novell/oes-install/util/extend_schema -d -p 636 <full_ldap_admin_dn> <password> <ldap_ip_address> /opt/novell/ifolder3/etc/iFolderLdapPlugin.ldif

Example:
/opt/novell/oes-install/util/extend_schema -d -p 636 'cn=admin,o=novell' secret 192.168.1.88 /opt/novell/ifolder3/etc/iFolderLdapPlugin.ldif

-d = debug

Additional Information

The schema extension introduces an 'iFolderUserProvision' auxiliary object class with an 'iFolderHomeServer' attribute.
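
One way to confirm the extension took effect on the remote tree, as an added example that is not part of the original article: the script parses subschema LDIF and checks that both 'iFolderUserProvision' and 'iFolderHomeServer' are defined. The function names, the cn=schema search base and the sample LDIF with placeholder OIDs are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: verify the remote tree carries the iFolder schema extension.

# Assumptions: the directory publishes its schema at cn=schema (the rootDSE
# subschemaSubentry attribute names the real location). -W prompts for the
# bind password so it does not appear in the process list or shell history.
fetch_schema() {  # usage: fetch_schema <ldap_ip_address> <full_ldap_admin_dn>
    ldapsearch -x -H "ldaps://$1:636" -D "$2" -W -LLL \
        -s base -b "cn=schema" objectClasses attributeTypes
}

# LDIF folds long values: a line starting with one space continues the
# previous line. Schema definitions are long, so unfold before matching.
unfold_ldif() {
    awk 'NR > 1 && /^ / { buf = buf substr($0, 2); next }
         NR > 1 { print buf }
         { buf = $0 }
         END { if (NR) print buf }'
}

# usage: has_def <objectClasses|attributeTypes> <name>   (LDIF on stdin)
# Matches the NAME field only, so a class that merely lists the attribute
# under MAY does not count as a definition of that attribute.
has_def() {
    unfold_ldif | grep -i "^$1:" | grep -Eqi "NAME +\\(? *('[^']+' +)*'$2'"
}

# Returns 0 only when both the auxiliary class and its attribute exist.
check_ifolder_schema() {
    ldif=$(cat)
    printf '%s\n' "$ldif" | has_def objectClasses iFolderUserProvision || return 1
    printf '%s\n' "$ldif" | has_def attributeTypes iFolderHomeServer
}

# Constructed samples with placeholder OIDs; not the real definitions from
# iFolderLdapPlugin.ldif.
SAMPLE_EXTENDED="dn: cn=schema
objectClasses: ( 1.1.1 NAME 'iFolderUserProvision' AUXILIARY MAY iFolderHom
 eServer )
attributeTypes: ( 1.1.2 NAME 'iFolderHomeServ
 er' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )"
SAMPLE_PARTIAL="dn: cn=schema
objectClasses: ( 1.1.1 NAME 'iFolderUserProvision' AUXILIARY MAY iFolderHom
 eServer )"

# Live use: fetch_schema 192.168.1.88 "cn=admin,o=novell" | check_ifolder_schema
```

Run the check before and after either extension method; a non-zero exit status means the class or the attribute is still missing from the remote schema.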


To extend a user object see the iFolder 3.7 Administration Guide:

Extending LDAP User Objects for iFolder 3.7

https://www.novell.com/documentation/ifolder3/ifolder37_admin/data/bsi3rs1.html#bd60mv9