Add your first elements to the schema
The schema of an LDAP server is comprised of object classes, attributes, syntaxes and matching rules. Basically it defines which entries are allowed within the server and how the server should handle them. In contrast to the 1.0 release, ApacheDS 1.5.0 comes with a completely redesigned schema subsystem. It allows to dynamically update the schema, for instance it is possible to create new attribute types or object classes on the fly, without restarting the server.
This section shows how to define your first own schema elements by the help of a simple example, and how to add them to an ApacheDS 1.5.0 instance.
Newbie question: Is it always necessary to define my own schema elements?
No. ApacheDS comes with a comprehensive set of predefined, standardized schema elements. It is quite common to solely use the predefined schema. The same holds true for other directory servers, by the way.
Browsing the schema of ApacheDS
LDAPv3 servers publish their schema via LDAP, thus it is possible to list the schema elements with standard LDAP tools. For instance it is possible to use the ldapsearch command line tool to list all object classes
$ ldapsearch -h zanzibar -p 10389 -D "uid=admin,ou=system" -w ****** \
-b "cn=schema" -s base "(objectclass=subschema)" objectclasses
...
objectClasses: ( 2.5.6.6 NAME 'person' DESC 'RFC2256: a person' SUP top
STRUCTURAL MUST ( sn $ cn ) MAY ( userPassword $ telephoneNumber $
seeAlso $ description ) X-SCHEMA 'core' )
...
The output contains all things which are interesting to know about an object class (required attributes, optional attributes etc.), but is not easy to read by a human user.
It is often Therefore appropriate to use a GUI tool to browse the schema (which basically performs the same search operations but presents the output prettily). One option is Apache Directory LDAP Studio, an Eclipse based LDAP tool set which contains a powerful graphical Schema browser.