• Status: Solved

How to Create OpenLDAP schema

I have configured the OpenLDAP (2.4.23) server on CentOS 6 and it is running successfully. I want to store a secret question and answer in LDAP for all users, so that users are able to reset their password by answering the secret question. For this I need to create a custom schema. I don't know how to create my own schema for this. Please help.
Asked:
rajasekarramasamy
 
farzanj Commented:
It depends upon your current set up.  Is the current schema accessible by the users?  Can they query the LDAP and see at least the hashes of their passwords?  Basically, your questions and answers should be hidden just like the password hashes.

There is no complicated schema.  Just add
secret question:
secret answer:

Just like the password field.
 
rajasekarramasamy (Author) Commented:
Can they query the LDAP and see at least the hashes of their passwords?

Yes.

Do you have any sample schema for my requirement?
 
farzanj Commented:
This might be a little help
http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=%2Frzahy%2Frzahyunderdn.htm

First you have to see which object class is the password stored in or a member of.  Use your object browser to see that.

In that object class, you need to add two more fields, secretQuestion and secretAnswer.  Since this object class would also be a part of person's LDIF, you will have to make minimal changes.  You will only need to add these attributes.
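
Added example (not part of the thread and not the answerer's own configuration): one way to define secretQuestion and secretAnswer for an OpenLDAP 2.4 server that uses cn=config, with an ACL that hides both attributes the way password hashes are hidden. It uses a separate auxiliary object class instead of editing the class that already holds the password. Assumptions: the OID arc 1.3.6.1.4.1.99999 is a placeholder, and the class name secretQAUser, the database DN olcDatabase={2}bdb,cn=config and the user DN are constructed for illustration.

```ldif
# Constructed example. Replace the placeholder OID arc 1.3.6.1.4.1.99999
# with your organisation's own enterprise number before loading.

# 1. Schema: two attributes plus an AUXILIARY class to carry them.
#    secretAnswer uses the same syntax and matching rule as userPassword
#    (octet string). slapd does not hash this attribute for you, so the
#    reset application must store a salted hash, never the clear text.
dn: cn=secretqa,cn=schema,cn=config
changetype: add
objectClass: olcSchemaConfig
cn: secretqa
olcAttributeTypes: ( 1.3.6.1.4.1.99999.1.1 NAME 'secretQuestion'
  DESC 'Password reset question'
  EQUALITY caseIgnoreMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256}
  SINGLE-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.99999.1.2 NAME 'secretAnswer'
  DESC 'Hashed answer to secretQuestion'
  EQUALITY octetStringMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128}
  SINGLE-VALUE )
olcObjectClasses: ( 1.3.6.1.4.1.99999.2.1 NAME 'secretQAUser'
  DESC 'Password reset question and answer'
  SUP top AUXILIARY
  MAY ( secretQuestion $ secretAnswer ) )

# 2. ACL: inserted at index 0 so it matches before any broader rule.
#    The database DN is an assumption; check yours under cn=config.
dn: olcDatabase={2}bdb,cn=config
changetype: modify
add: olcAccess
olcAccess: {0}to attrs=secretQuestion,secretAnswer
  by self write
  by * none

# 3. Attach the class to one user. Apply this record separately, bound
#    as a DN that has write access to the entry. DN and values are
#    constructed; the hash is a placeholder.
dn: uid=jdoe,ou=People,dc=example,dc=com
changetype: modify
add: objectClass
objectClass: secretQAUser
-
add: secretQuestion
secretQuestion: Name of your first school?
-
add: secretAnswer
secretAnswer: {SSHA}REPLACE_WITH_HASH_COMPUTED_BY_THE_RESET_APPLICATION
```

Records 1 and 2 change the server configuration and can be loaded as root with `ldapadd -Y EXTERNAL -H ldapi:/// -f secretqa.ldif` (the file name is an assumption). With this ACL only the entry's owner can read or write the two attributes, so a reset service would need its own, narrowly scoped `by` clause.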