Solved

How to Create OpenLDAP schema

Posted on 2012-03-28
3
892 Views
Last Modified: 2012-03-31
I have configured the openldap (2.4.23) server in centos 6 and running successfully. I want to store secret question and answer in ldap for all user, by using this user can able to reset their password by answering the secret question.  For this i need to create a custom schema. i don't know how to create a own schema for this. Please help.
0
Comment
Question by:rajasekarramasamy
  • 2
3 Comments
 
LVL 31

Expert Comment

by:farzanj
ID: 37776707
It depends upon your current set up.  Is the current schema accessible by the users?  Can they query the LDAP and see at least the hashes of their passwords?  Basically, your questions and answers should be hidden just like the password hashes.

There is no complicated schema.  Just add
secret question:
secret answer:

Just like the password field.
0
 

Author Comment

by:rajasekarramasamy
ID: 37777787
Can they query the LDAP and see at least the hashes of their passwords?

Yes.

Having any sample schema for my requirement?
0
 
LVL 31

Accepted Solution

by:
farzanj earned 500 total points
ID: 37777897
This might be a little help
http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=%2Frzahy%2Frzahyunderdn.htm

First you have to see which object class is the password stored in or a member of.  Use your object browser to see that.
http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=%2Frzahy%2Frzahyunderdn.htm

In that object class, you need to add two more fields, secretQuestion and secretAnswer.  Since this object class would also be a part of person's LDIF, you will have to make minimal changes.  You will only need to add these attributes.
0

Featured Post

Scale it in WD Gold

With up to ten times the workload capacity of desktop drives, WD Gold hard drives employ advanced technology to deliver among the best in reliability, capacity, power efficiency and performance.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Linux server cannot access samba share 12 89
I think my Ubuntu 12.10 box is hacked, but not sure... 13 50
nagios 1 21
Run DOS2UNIX and then execute the command 21 32
In my business, I use the LTS (Long Term Support) versions of Linux. My workstations do real work, and so I rarely have the patience to deal with silly problems caused by an upgraded kernel that had experimental software on it to begin with from a r…
The purpose of this article is to fix the unknown display problem in Linux Mint operating system. After installing the OS if you see Display monitor is not recognized then we can install "MESA" utilities to fix this problem or we can install additio…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now