Chapter 1. About Directory Server Schema

This chapter provides an overview of some of the basic concepts of the directory schema and lists the files in which the schema is described. It describes object classes, attributes, and object identifiers (OIDs) and briefly discusses extending server schema and schema checking.

1.1. Schema Definitions

The directory schema is a set of rules that defines how data can be stored in the directory. Directory information is stored in discrete entries, and each entry is composed of a set of attributes and their values. The kind of identity being described in the entry is defined in the entry's object classes. An object class specifies the kind of object the entry describes through the defined set of attributes for the object class.

Basically, the schema files are lists of the kinds of entries that can be created (the object classes) and the ways that those entries can be described (the attributes). The schema defines what the object classes and attributes are. The schema also defines the format that the attribute values contain (the attribute's syntax) and whether there can only be a single instance of that attribute.

Additional schema files can be added to the Directory Server configuration and loaded in the server, so the schema is customizable and can be extended as desired.

For more detailed information about object classes, attributes, and how the Directory Server uses the schema, see the Deployment Guide.

CAUTION

The Directory Server fails to start if the schema definitions contain too few or too many characters. Use exactly one space in those places where the LDAP standards allow the use of zero or many spaces; for example, the place between the NAME keyword and the name of an attribute type.

1.1.1. Object Classes

In LDAP, an object class defines the set of attributes that can be used to define an entry. The LDAP standard provides object classes for many common types of entries, such as people (person and inetOrgPerson), groups (groupOfUniqueNames), locations (locality), organizations and divisions (organization and organizationalUnit), and equipment (device).

In a schema file, an object class is identified by the objectclasses line, followed by its OID, name, a description, its direct superior object class (an object class which is required to be used in conjunction with the object class and which shares its attributes with this object class), and the list of required (MUST) and allowed (MAY) attributes.

This is shown in Example 1.1, “person Object Class Schema Entry”.

objectClasses: ( 2.5.6.6 NAME 'person' DESC 'Standard LDAP objectclass' SUP top MUST ( sn $ cn ) MAY ( description $ seeAlso $ telephoneNumber $ userPassword ) X-ORIGIN 'RFC 2256' )

Example 1.1. person Object Class Schema Entry
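
The following is an added example, not part of the original guide and not Directory Server code: a pre-deployment check that lints an objectClasses line against the one-space rule from the caution above and then splits it into the fields described in this section. It assumes every token boundary outside a quoted string is a place where exactly one space is required; spacing_errors and parse_objectclass are hypothetical helper names, and the parser also accepts the valueless RFC 4512 keywords, which goes beyond Example 1.1.

```python
import re

# Constructed sample input: the person entry shown in Example 1.1.
PERSON = ("objectClasses: ( 2.5.6.6 NAME 'person' DESC 'Standard LDAP objectclass' "
          "SUP top MUST ( sn $ cn ) MAY ( description $ seeAlso $ telephoneNumber $ "
          "userPassword ) X-ORIGIN 'RFC 2256' )")

# A token is a quoted string, a single ( ) or $, or a bare word such as an OID.
TOKEN = re.compile(r"'[^']*'|[()$]|[^\s()$']+")
# Keywords that take no value (RFC 4512); not used in Example 1.1.
FLAGS = {"ABSTRACT", "STRUCTURAL", "AUXILIARY", "OBSOLETE"}

def spacing_errors(line):
    """Report violations of the exactly-one-space rule (hypothetical helper)."""
    body = line.partition(":")[2].strip()
    # Mask quoted strings so spaces inside a DESC value are not counted.
    masked = re.sub(r"'[^']*'", lambda m: "'" + "x" * (len(m.group()) - 2) + "'", body)
    errors = []
    if re.search(r"\s{2,}|\t", masked):
        errors.append("more than one space between tokens")
    if " ".join(TOKEN.findall(masked)) != re.sub(r"\s+", " ", masked):
        errors.append("missing space between tokens")
    return errors

def parse_objectclass(line):
    """Split a correctly spaced objectClasses line into its fields."""
    tokens = TOKEN.findall(line.partition(":")[2])
    if len(tokens) < 3 or tokens[0] != "(" or tokens[-1] != ")":
        raise ValueError("definition must be enclosed in parentheses")
    entry, i = {"OID": tokens[1]}, 2
    while i < len(tokens) - 1:
        key, i = tokens[i], i + 1
        if key in FLAGS:
            entry[key] = True
        elif tokens[i] == "(":  # attribute list: names separated by $
            end = tokens.index(")", i)
            entry[key] = [t for t in tokens[i + 1:end] if t != "$"]
            i = end + 1
        else:  # single value: quoted string or bare name
            entry[key] = tokens[i].strip("'")
            i += 1
    return entry

if __name__ == "__main__":
    print(spacing_errors(PERSON), parse_objectclass(PERSON))
```

Running spacing_errors over every line of a custom schema file before loading it catches the spacing mistakes that would otherwise keep the server from starting.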