[Freeipa-users] LDAP-101
Simo Sorce
ssorce at redhat.com
Tue Dec 8 19:23:31 UTC 2009
On Tue, 2009-12-08 at 09:09 -0600, Michael Wisniewski wrote:
> On Tue, Dec 8, 2009 at 8:58 AM, Rob Crittenden <rcritten at redhat.com> wrote:
> >
> > Schema is sort of a 2-step process. Step 1 is to tell the directory server
> > about the schema at all. This can be done offline by dropping a schema file
> > into a filesystem directory or online by uploading the schema. Either way
> > this just tells the LDAP server about the new objectclasses and attributes
> > available and their syntaxes.
>
> Thanks for the response. Another related question. Does freeipa
> 1.2.2 use the "cn=config" way, or the schema file in
> /etc/openldap/schema?
>
> Again, I'm just starting out, but I found configuration information in
> both places. I'm just wondering if I were to extend the schema for
> use with samba, do I want to go the cn=config route, or the
> /etc/openldap/schema file route.
FreeIPA uses 389DS as LDAP server not openldap.
All the schema files for each instance can be seen
under /etc/dirsrv/<instance>/schema and also by quering the schema
online.
cn=config can be accessed by the Directory Manager to see or change
configuration settings on the fly. Some apply immediately, some other
changes may require a DS restart.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-users
mailing list