Add posixAccount, shadowAccount, sambaSamAccount to NDS
NDS 8.0 does not support the posixAccount, shadowAccount and Samba schema by default. I add these attributes and object classes manually with ConsoleOne.
Before importing posixAccount and shadowAccount, run ConsoleOne, open “LDAP Group-Attribute Mapping”, and remove “unique ID” and “GID” first. This step must not be skipped.
Then import the “attribute ldif”, the “objectclass ldif” and “samba.nds”, in that order. Restart ConsoleOne for the changes to take effect. Through the path “User-Extensions of this object”, I can then add these attributes or object classes to the identified user.
attribute.ldif(posixAccount,shadowAccount,Account)
--------------------------------------------------
# Attributes for RFC2307:posixAccount
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.1.1.1.0 NAME 'uidNumber' DESC 'uidNumber' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)

dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.1.1.1.4 NAME 'loginShell' DESC 'loginShell' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE)

dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.1.1.1.1 NAME 'gidNumber' DESC 'gidNumber' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)

dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.1.1.1.2 NAME 'gecos' DESC 'gecos' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE)

dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory' DESC 'homeDirectory' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE)

# Attributes for shadowAccount
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag' DESC 'shadowFlag' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)

dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange' DESC 'shadowLastChange' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)

dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.1.1.1.10 NAME 'shadowExpire' DESC 'shadowExpire' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)

dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.1.1.1.9 NAME 'shadowInactive' DESC 'shadowInactive' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)

dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.1.1.1.8 NAME 'shadowWarning' DESC 'shadowWarning' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)

dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.1.1.1.7 NAME 'shadowMax' DESC 'shadowMax' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)

dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.1.1.1.6 NAME 'shadowMin' DESC 'shadowMin' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)

# Attributes for RFC1274:Account
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 0.9.2342.19200300.100.1.9 NAME 'host' DESC 'host' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

objectclass.ldif(posixAccount,shadowAccount,Account)
-----------------------------------------------------
# Object classes for RFC 2307
dn: cn=schema
changetype: modify
add: objectclasses
objectClasses: (0.9.2342.19200300.100.4.5 NAME 'account' DESC 'account' AUXILIARY MAY host)

dn: cn=schema
changetype: modify
add: objectClasses
objectClasses: (1.3.6.1.1.1.2.0 NAME 'posixAccount' DESC 'posixAccount' AUXILIARY MAY (uidNumber $ loginShell $ gecos $ gidNumber $ homeDirectory ))

dn: cn=schema
changetype: modify
add: objectClasses
objectClasses: (1.3.6.1.1.1.2.1 NAME 'shadowAccount' DESC 'shadowAccount' AUXILIARY MAY (shadowLastChange $ shadowFlag $ shadowExpire $ shadowInactive $ shadowMax $ shadowMin $ shadowWarning ))
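
The import order given above matters because each object class may only reference attributes that already exist in the schema. The following is an added example, not part of the original post: a pre-import check in Python that flags typographic quotes, reused OIDs, and object classes whose MUST/MAY attributes are missing from the attribute LDIF. The names parse_defs and check_schema are hypothetical, and the sample records are constructed in the style of the files above.

```python
import re

# Constructed sample records in the style of attribute.ldif and objectclass.ldif.
ATTR_LDIF = """\
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.1.1.1.0 NAME 'uidNumber' DESC 'uidNumber' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)
"""
OC_LDIF = """\
dn: cn=schema
changetype: modify
add: objectClasses
objectClasses: (1.3.6.1.1.1.2.0 NAME 'posixAccount' DESC 'posixAccount' AUXILIARY MAY (uidNumber $ gecos ))
"""
KEY = r"(?:attributetypes|objectclasses):"
DEF = re.compile(KEY + r"\s*\(\s*([\d.]+)\s+NAME\s+'([^']+)'(.*)\)\s*$", re.I)

def parse_defs(ldif):
    """Return ([(oid, name, rest)], [problem strings]) for one schema LDIF."""
    defs, problems = [], []
    for n, line in enumerate(ldif.splitlines(), 1):
        if re.search("[\u2018\u2019\u201c\u201d]", line):
            problems.append(f"line {n}: typographic quote, LDAP needs ASCII '")
        m = DEF.match(line)
        if m:
            defs.append(m.groups())
        elif re.match(KEY, line, re.I):
            problems.append(f"line {n}: unparseable definition")
    return defs, problems

def check_schema(attr_ldif, oc_ldif):
    """Flag reused OIDs and MUST/MAY attributes missing from the attribute LDIF."""
    attrs, problems = parse_defs(attr_ldif)
    classes, more = parse_defs(oc_ldif)
    problems += more
    seen = {}
    for oid, name, _ in attrs + classes:
        if oid in seen:
            problems.append(f"OID {oid} used by both {seen[oid]} and {name}")
        seen.setdefault(oid, name)
    known = {name.lower() for _, name, _ in attrs}
    for _, name, rest in classes:
        rest = re.sub(r"'[^']*'", "", rest)  # ignore MUST/MAY inside DESC text
        for m in re.finditer(r"\b(?:MUST|MAY)\s+(?:\(([^)]*)\)|([\w-]+))", rest):
            for a in re.split(r"[\s$]+", (m.group(1) or m.group(2) or "").strip()):
                if a and a.lower() not in known:
                    problems.append(f"{name}: attribute {a} not defined in attribute LDIF")
    return problems
```

Reading the two real files into check_schema before importing them reports every problem in one pass; an empty list means the object classes reference only attributes the first file defines.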

samba-nds.schema
----------------
/SNAZ_build/samba/example/LDAP/samba-nds.schema