Changes between Version 1 and Version 2 of ALL__add_attribute
- Timestamp:
- 11/13/14 16:03:22 (10 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
ALL__add_attribute
v1 v2 1 1 = How to Modify the EDIR Schema = 2 2 Original Author - Beth Mercer 20081028 3 20081028 sxelm How to Modify the EDIR Schema 4 ========================================================================================== 5 6 EDIR is comprised of an iPlanet Directory, Oracle Registry and web gateway. EDIR schema 3 4 EDIR is comprised of: 5 * iPlanet Directory 6 * Oracle Registry 7 * Web gateway. 8 EDIR schema 7 9 changes require that each of those components be modified in some manner. 8 10 9 NOTE: Schema definitions are unique to a directory instance; they are not replicated between11 **NOTE:** Most schema definitions are unique to a directory instance; they are not replicated between 10 12 directory instances. Changes to attribute values under dc=alaska,dc=edu records, however, 11 13 **are** replicated and the absence of an attribute definition in a target directory can … … 13 15 **before** making ACI, gateway and registry changes that allow the update of new attributes. 14 16 15 +++++++++++++++++ 16 iPlanet Directory 17 +++++++++++++++++ 17 == iPlanet Directory == 18 18 19 19 An iPlanet directory instance is where the EDIR Web Gateway gets the information it … … 32 32 33 33 To modify the iPlanet EDIR schema: 34 35 # ssh to iplanet account on edgar or elias 36 # move to schemadirectory for particular directory instance34 {{{ 35 # ssh to iplanet account on edgar or elias and move to the schema 36 # directory for particular directory instance 37 37 cd /e01/iplanet/servers/slap-[edgar|elias][Test|Prep]/config/schema/ 38 38 39 # list existing EDIR schema versions 40 # making sure the current copy of98uaSchemaAdditions.ldif has a datestamped backup39 # list existing EDIR schema versions making sure the current copy of 40 # 98uaSchemaAdditions.ldif has a datestamped backup 41 41 ls -lrt 98uaSchemaAdditions* 42 42 43 43 # copy 98uaSchemaAdditions.ldif to a new backup with today's date 44 44 cp -p 98uaSchemaAdditions.ldif 98uaSchemaAdditions.ldif.$(date +'%Y%m%d') 45 45 46 46 # edit the backup copy 47 47 vi 98uaSchemaAdditions.ldif.$(date +'%Y%m%d') 48 48 49 49 # diff the current and new schemas 50 50 sdiff -s 98uaSchemaAdditions.ldif.$(date +'%Y%m%d') 98uaSchemaAdditions.ldif 51 51 52 52 # if diff shows what is expected, overwrite current version with new version 53 53 cp -p 98uaSchemaAdditions.ldif.$(date +'%Y%m%d') 98uaSchemaAdditions.ldif 54 54 55 55 # bounce the directory instance 56 56 pbrun [Prep|Test]stop-slapd 57 57 pbrun [Prep|Test]start-slapd 58 58 }}} 59 59 If after making schema changes, the directory instance should fail to start, restore the 60 60 backup copy of 98uaSchemaAdditions.ldif and start directory. 61 61 62 62 To modify the iPlanet EDIR ACIs: 63 64 65 63 {{{ 64 # ssh to iplanet account on edgar or elias 65 # move to the directory containing ACI source 66 66 cd local/ldap/schema 67 67 68 69 #making sure the current ACI file has a datestamped backup68 # list existing EDIR ACI versions 69 making sure the current ACI file has a datestamped backup 70 70 ls -lrt aci* 71 71 72 72 # set up variables used in remaining syntax examples 73 73 HOST=$(hostname) 74 74 INST=Test # (null), Test or Prep 75 75 PORT=13238 # 389, 13238 or 15462 76 FILENAME=aci.with_user_update.$(date +'%Y%m%d') # glean from other ACI file names 76 FILENAME=aci.with_user_update.$(date +'%Y%m%d') 77 # glean from other ACI file names 77 78 echo ${HOST} ${INST} ${PORT} ${FILENAME} 78 79 79 80 81 82 80 # make a date stamped copy of the most recent applicable ACI file 81 # e.g. cp -p <applicable_file> ${FILENAME} 82 83 # edit new copy of ACI file 83 84 vi ${FILENAME} 84 85 85 # count number of add: and delete: statements in file 86 # that count shouldbe matched when you next apply the ACIs86 # count number of add: and delete: statements in file; that count should 87 # be matched when you next apply the ACIs 87 88 egrep 'add:|delete:' ${FILENAME}|wc -l 88 89 89 90 # apply ACIs to applicable directory instance 90 91 (ldapmodify -p ${PORT} -h ${HOST}.alaska.edu -D "cn=Directory Manager" \ 91 92 -j $HOME/.DirectoryManager${INST}.pass -c -v -f ${FILENAME}) | grep 'modify complete'|wc -l 92 93 }}} 93 94 If your ACI changes include a NEW delete statement, the count of of "modify complete" 94 95 statements will not match the count of add: and delete: statements (can't delete what didn't … … 98 99 statements, then reapply the prior version of the ACI file. 99 100 100 101 102 +++++++++++++++ 103 Oracle Registry 104 +++++++++++++++ 101 == Oracle Registry == 105 102 106 103 EDIR gateway updates are processed in the Oracle Registry before they are processed in … … 110 107 111 108 To modify the registry LDAP_CLASS_ATTRIBS table: 112 113 114 109 {{{ 110 # ssh to sxldap account on registry host, toklat or summit as appropriate. 111 # connect to EDIR instance 115 112 . ua_oracle rptt|q|s env 116 113 sqlplus / 117 114 118 115 # list current attributes 119 116 set pages 2000 lines 132 120 117 column class format a30 … … 123 120 select * from LDAP_CLASS_ATTRIBS order by attribute; 124 121 125 126 127 122 # review list and determine appropriate change 123 124 # delete an attribute 128 125 delete LDAP_CLASS_ATTRIBS where attribute = '&case_sensitive_attrib_name'; 129 126 130 127 # add an attribute (see NOTES) 131 128 insert into LDAP_CLASS_ATTRIBS values ( 132 129 '&case_sensitive_class_name', … … 139 136 ); 140 137 141 # modify an attribute 142 # either delete then add, 143 # or write appropriate SQL update statement 144 138 # modify an attribute by either deleting it and adding it anew or 139 # or writing an appropriate SQL update statement 140 }}} 145 141 To modify the registry EDIR procedure, if special handling of the new attribute by EDIR 146 142 is necessary: … … 218 214 directories on the e-box hosts. 219 215 220 ####################### 221 NOTES 216 == NOTES == 222 217 223 218 1. It appears that if an attribute is added to the directory but not to the registry, the update … … 269 264 stored in a column rather than a row. 270 265 271 272 ####################### 273 DOCUMENT CHANGE HISTORY 274 275 20081028 elm Added clarifying statements about need to remove directories from 276 Equalizer mix before making schema changes and to make schema changes 277 in all directory instances before enabling updates to new attributes. 266 ########################################################[[br]] 267 LEGACY CHANGE HISTORY - '''NOTE:''' All subsequent changes are recorded in TracWiki[[br]] 268 ########################################################[[br]] 269 270 20081028 elm Added clarifying statements about need to remove directories from Equalizer mix before making schema changes and to make schema changes in all directory instances before enabling updates to new attributes. 278 271 20090622 mpa Added NOTES and miscellaneous small corrections. 279 280 ==========================================================================================281 (eof)