Changes between Version 1 and Version 2 of ALL__add_attribute


Ignore:
Timestamp:
11/13/14 16:03:22 (10 years ago)
Author:
lttoth@…
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • ALL__add_attribute

    v1 v2  
    11= How to Modify the EDIR Schema = 
    22    Original Author - Beth Mercer 20081028 
    3 20081028 sxelm              How to Modify the EDIR Schema 
    4 ========================================================================================== 
    5  
    6 EDIR is comprised of an iPlanet Directory, Oracle Registry and web gateway.  EDIR schema  
     3 
     4EDIR is comprised of: 
     5* iPlanet Directory 
     6* Oracle Registry 
     7* Web gateway.   
     8EDIR schema  
    79changes require that each of those components be modified in some manner. 
    810 
    9 NOTE: Schema definitions are unique to a directory instance; they are not replicated between  
     11**NOTE:** Most schema definitions are unique to a directory instance; they are not replicated between  
    1012directory instances.  Changes to attribute values under dc=alaska,dc=edu records, however,  
    1113**are** replicated and the absence of an attribute definition in a target directory can  
     
    1315**before** making ACI, gateway and registry changes that allow the update of new attributes. 
    1416 
    15 +++++++++++++++++ 
    16 iPlanet Directory 
    17 +++++++++++++++++ 
     17== iPlanet Directory == 
    1818 
    1919An iPlanet directory instance is where the EDIR Web Gateway gets the information it  
     
    3232 
    3333To modify the iPlanet EDIR schema: 
    34  
    35         # ssh to iplanet account on edgar or elias 
    36         # move to schema directory for particular directory instance 
     34{{{ 
     35# ssh to iplanet account on edgar or elias and move to the schema 
     36# directory for particular directory instance 
    3737        cd /e01/iplanet/servers/slap-[edgar|elias][Test|Prep]/config/schema/ 
    3838 
    39         # list existing EDIR schema versions 
    40         # making sure the current copy of 98uaSchemaAdditions.ldif has a datestamped backup 
     39# list existing EDIR schema versions making sure the current copy of  
     40# 98uaSchemaAdditions.ldif has a datestamped backup 
    4141        ls -lrt 98uaSchemaAdditions* 
    4242 
    43         # copy 98uaSchemaAdditions.ldif to a new backup with today's date 
     43# copy 98uaSchemaAdditions.ldif to a new backup with today's date 
    4444        cp -p 98uaSchemaAdditions.ldif 98uaSchemaAdditions.ldif.$(date +'%Y%m%d') 
    4545 
    46         # edit the backup copy 
     46# edit the backup copy 
    4747        vi 98uaSchemaAdditions.ldif.$(date +'%Y%m%d') 
    4848 
    49         # diff the current and new schemas 
     49# diff the current and new schemas 
    5050        sdiff -s 98uaSchemaAdditions.ldif.$(date +'%Y%m%d') 98uaSchemaAdditions.ldif 
    5151 
    52         # if diff shows what is expected, overwrite current version with new version 
     52# if diff shows what is expected, overwrite current version with new version 
    5353        cp -p 98uaSchemaAdditions.ldif.$(date +'%Y%m%d') 98uaSchemaAdditions.ldif 
    5454 
    55         # bounce the directory instance 
     55# bounce the directory instance 
    5656        pbrun [Prep|Test]stop-slapd 
    5757        pbrun [Prep|Test]start-slapd 
    58  
     58}}} 
    5959If after making schema changes, the directory instance should fail to start, restore the  
    6060backup copy of 98uaSchemaAdditions.ldif and start directory.  
    6161 
    6262To modify the iPlanet EDIR ACIs: 
    63  
    64         # ssh to iplanet account on edgar or elias 
    65         # move to the directory containing ACI source 
     63{{{ 
     64# ssh to iplanet account on edgar or elias 
     65# move to the directory containing ACI source 
    6666        cd local/ldap/schema 
    6767 
    68         # list existing EDIR ACI versions 
    69         # making sure the current ACI file has a datestamped backup 
     68# list existing EDIR ACI versions 
     69 making sure the current ACI file has a datestamped backup 
    7070        ls -lrt aci* 
    7171 
    72         # set up variables used in remaining syntax examples 
     72# set up variables used in remaining syntax examples 
    7373        HOST=$(hostname) 
    7474        INST=Test       # (null), Test or Prep 
    7575        PORT=13238      # 389, 13238 or 15462 
    76         FILENAME=aci.with_user_update.$(date +'%Y%m%d') # glean from other ACI file names 
     76        FILENAME=aci.with_user_update.$(date +'%Y%m%d')  
     77        # glean from other ACI file names 
    7778        echo ${HOST} ${INST} ${PORT} ${FILENAME} 
    7879 
    79         # make a date stamped copy of the most recent applicable ACI file 
    80         # e.g. cp -p <applicable_file> ${FILENAME} 
    81  
    82         # edit new copy of ACI file 
     80# make a date stamped copy of the most recent applicable ACI file 
     81# e.g. cp -p <applicable_file> ${FILENAME} 
     82 
     83# edit new copy of ACI file 
    8384        vi ${FILENAME} 
    8485 
    85         # count number of add: and delete: statements in file 
    86         # that count should be matched when you next apply the ACIs 
     86# count number of add: and delete: statements in file; that count should 
     87# be matched when you next apply the ACIs 
    8788        egrep 'add:|delete:' ${FILENAME}|wc -l 
    8889 
    89         # apply ACIs to applicable directory instance 
     90# apply ACIs to applicable directory instance 
    9091        (ldapmodify -p ${PORT} -h ${HOST}.alaska.edu -D "cn=Directory Manager" \ 
    9192         -j $HOME/.DirectoryManager${INST}.pass -c -v -f  ${FILENAME}) | grep 'modify complete'|wc -l 
    92  
     93}}} 
    9394If your ACI changes include a NEW delete statement, the count of of "modify complete"  
    9495statements will not match the count of add: and delete: statements (can't delete what didn't  
     
    9899statements, then reapply the prior version of the ACI file. 
    99100 
    100  
    101  
    102 +++++++++++++++ 
    103 Oracle Registry 
    104 +++++++++++++++ 
     101== Oracle Registry == 
    105102 
    106103EDIR gateway updates are processed in the Oracle Registry before they are processed in  
     
    110107 
    111108To modify the registry LDAP_CLASS_ATTRIBS table: 
    112  
    113         # ssh to sxldap account on registry host, toklat or summit as appropriate. 
    114         # connect to EDIR instance 
     109{{{ 
     110# ssh to sxldap account on registry host, toklat or summit as appropriate. 
     111# connect to EDIR instance 
    115112        . ua_oracle rptt|q|s env 
    116113        sqlplus / 
    117114         
    118         # list current attributes 
     115# list current attributes 
    119116        set pages 2000 lines 132 
    120117        column class format a30 
     
    123120        select * from LDAP_CLASS_ATTRIBS order by attribute; 
    124121 
    125         # review list and determine appropriate change 
    126  
    127         # delete an attribute 
     122# review list and determine appropriate change 
     123 
     124# delete an attribute 
    128125        delete LDAP_CLASS_ATTRIBS where attribute = '&case_sensitive_attrib_name'; 
    129126 
    130         # add an attribute (see NOTES) 
     127# add an attribute (see NOTES) 
    131128        insert into LDAP_CLASS_ATTRIBS values ( 
    132129        '&case_sensitive_class_name', 
     
    139136        ); 
    140137 
    141         # modify an attribute 
    142         # either delete then add, 
    143         # or write appropriate SQL update statement 
    144          
     138# modify an attribute by either deleting it and adding it anew or 
     139# or writing an appropriate SQL update statement 
     140}}}      
    145141To modify the registry EDIR procedure, if special handling of the new attribute by EDIR  
    146142is necessary: 
     
    218214directories on the e-box hosts. 
    219215 
    220 ####################### 
    221 NOTES 
     216== NOTES == 
    222217 
    2232181. It appears that if an attribute is added to the directory but not to the registry, the update 
     
    269264   stored in a column rather than a row. 
    270265 
    271  
    272 ####################### 
    273 DOCUMENT CHANGE HISTORY 
    274  
    275 20081028 elm    Added clarifying statements about need to remove directories from  
    276                 Equalizer mix before making schema changes and to make schema changes  
    277                 in all directory instances before enabling updates to new attributes. 
     266########################################################[[br]] 
     267LEGACY CHANGE HISTORY - '''NOTE:''' All subsequent changes are recorded in TracWiki[[br]] 
     268########################################################[[br]] 
     269 
     27020081028 elm    Added clarifying statements about need to remove directories from Equalizer mix before making schema changes and to make schema changes in all directory instances before enabling updates to new attributes. 
    27827120090622 mpa    Added NOTES and miscellaneous small corrections. 
    279  
    280 ========================================================================================== 
    281 (eof)