3.3. Mapping the Data to the Default Schema
The data identified during the site survey, as described in Section 2.3, “Performing a Site Survey”, must be mapped to the existing default directory schema. This section describes how to view the existing default schema and provides a method for mapping the data to the appropriate existing schema elements.
If there are elements in the schema that do not match the existing default schema, create custom object classes and attributes. See Section 3.4, “Customizing the Schema” for more information.
3.3.1. Viewing the Default Directory Schema
The default directory schema is stored in the
/usr/share/dirsrv/schema/ directory.
This directory contains all of the common schema for the Directory Server. The LDAPv3 standard user and organization schema can be found in the
00core.ldif file. The configuration schema used by earlier versions of the directory can be found in the 50ns-directory.ldif file.
Warning
Do not modify the default directory schema.
For more information about each object class and attribute found in directory, see the Red Hat Directory Server Configuration, Command, and File Reference. The same guide also provides more information about the schema files and directory configuration attributes.
3.3.2. Matching Data to Schema Elements
The data identified in the site survey now needs to be mapped to the existing directory schema. This process involves the following steps:
- Identify the type of object the data describes.Select an object that best matches the data described in the site survey. Sometimes, a piece of data can describe multiple objects. Determine if the difference needs to be noted in the directory schema.For example, a telephone number can describe an employee's telephone number and a conference room's telephone number. Determine if these different sorts of data need to be considered different objects in the directory schema.
- Select a similar object class from the default schema.It is best to use the common object classes, such as groups, people, and organizations.
- Select a similar attribute from the matching object class.Select an attribute from within the matching object class that best matches the piece of data identified in the site survey.
- Identify the unmatched data from the site survey.If there are some pieces of data that do not match the object classes and attributes defined by the default directory schema, customize the schema. See Section 3.4, “Customizing the Schema” for more information.
For example, the following table maps directory schema elements to the data identified during the site survey in Chapter 2, Planning the Directory Data:
Table 3.1. Data Mapped to Default Directory Schema
| Data | Owner | Object Class | Attribute |
|---|---|---|---|
| Employee name | HR | person | cn (commonName) |
| User password | IS | person | userPassword |
| Home phone number | HR | inetOrgPerson | homePhone |
| Employee location | IS | inetOrgPerson | localityName |
| Office phone number | Facilities | person | telephoneNumber |
In Table 3.1, “Data Mapped to Default Directory Schema”, the employee name describes a person. In the default directory schema, there is a
person object class, which inherits from the top object class. This object class allows several attributes, one of which is the cn or commonName attribute to describe the full name of the person. This attribute makes the best match for containing the employee name data.
The user password also describes an aspect of the
person object class, and the userPassword attribute is listed in the allowed attributes for the person object class.
The home phone number describes an aspect of a person; however, there is not a related attribute in the list associated with the
person object class. The home phone number describes an aspect of a person in an organization's enterprise network. This object corresponds to the inetOrgPerson object class in the directory schema. The inetOrgPerson object class inherits from the organizationPerson object class, which in turn inherits from the person object class. Among the inetOrgPerson object's allowed attributes is the homePhone attribute, which is appropriate for containing the employee's home telephone number.
Note
The Red Hat Directory Server Configuration, Command, and File Reference is useful for determining what attributes are available for your data. Each attribute is listed with object classes which accept it, and each object class is cross-listed with required and allowed attributes.
