Show Table of Contents
12.8. Turning Schema Checking On and Off
When schema checking is on, the Directory Server ensures three things:
- The object classes and attributes using are defined in the directory schema.
- The attributes required for an object class are contained in the entry.
- Only attributes allowed by the object class are contained in the entry.
Important
Red Hat recommends not to disable the schema checking.
Schema checking is turned on by default in the Directory Server, and the Directory Server should always run with schema checking turned on. The only situation where is may be beneficial to turn schema checking off is to accelerate LDAP import operations. However, there is a risk of importing entries that do not conform to the schema. Consequently, it is impossible to update these entries.
12.8.1. Turning Schema Checking On and Off Using the Command Line
To turn schema checking on and off using LDAP commands, edit the value of the
nsslapd-schemacheck attribute. For example to disable schema checking:
# ldapmodify -D "cn=Directory Manager" -W -p 389 -h server.example.com -x dn: cn=config changetype: modify replace: nsslapd-schemacheck nsslapd-schemacheck: off
For details about the
nsslapd-schemacheck parameter, see the description of the parameter in the Red Hat Directory Server Configuration, Command, and File Reference.
12.8.2. Turning Schema Checking On and Off Using the Console
To enable or disable schema checking using the Console:
- In the Directory Server Console, select the Configuration tab.
- Highlight the server icon at the top of the navigation tree, then select the Settings tab in the right pane.
- To enable schema checking, check the Enable Schema Checking check box; clear it to turn off schema checking.
- Click .