Code development is separated into three primary categories.

Script Development

Script development requires considerable time to create, test and modify. Script development is currently located at:
\\ino0s701.svr.[Directory-Info.com].net\users\home\rgiven\edir.dev\

Schema and DIT Modifications

Changes to the schema and DIT are deployed by providing LDIF files that are imported to the LDAP directories as needed, via scripts.

Attribute Changes

Attribute changes are implemented via the /Directory-Info.com/schema/b1.at.ldif file. It is important that changes to Custom Attribute definitions and OID allocations be tracked.

ObjectClass Changes

ObjectClass changes are implemented via the /Directory-Info.com/schema/b1.oc.ldif file. It is important that changes to custom-defined ObjectClass definitions be tracked.
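One way to track custom attribute and ObjectClass definitions and their OID allocations before an LDIF is imported. This is an added example, not one of the scripts this page refers to. It assumes plain (non-base64) attributeTypes/objectClasses values; the sample LDIF, the names in it and the 1.3.6.1.4.1.99999 arc are constructed placeholders.

```python
import re
from collections import defaultdict

# Constructed sample; the real contents of b1.at.ldif and b1.oc.ldif are not
# on the page. The 1.3.6.1.4.1.99999 arc and all names are placeholders.
SAMPLE_LDIF = """\
dn: cn=schema
changetype: modify
add: attributeTypes
attributeTypes: ( 1.3.6.1.4.1.99999.1.1 NAME 'b1EmployeeType'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.99999.1.2 NAME ( 'b1CostCenter' 'b1cc' )
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.99999.1.1 NAME 'b1Badge'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
-
add: objectClasses
objectClasses: ( 1.3.6.1.4.1.88888.2.1 NAME 'b1Person' SUP top AUXILIARY
  MAY ( b1EmployeeType $ b1CostCenter ) )
"""

# Leading OID and first NAME of an attributeTypes/objectClasses value.
DEF_RE = re.compile(
    r"^(?:attributeTypes|objectClasses):\s*\(\s*(\d+(?:\.\d+)+)\s+NAME\s+\(?\s*'([^']+)'",
    re.IGNORECASE)

def unfold(text):
    """Join LDIF continuation lines (a line that starts with one space)."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines

def audit(text, allocated_arc):
    """Return (OIDs defined more than once, OIDs outside the allocated arc)."""
    by_oid = defaultdict(list)
    for line in unfold(text):
        m = DEF_RE.match(line)
        if m:
            by_oid[m.group(1)].append(m.group(2))
    dups = {o: n for o, n in by_oid.items() if len(n) > 1}
    stray = {o: n for o, n in by_oid.items() if not o.startswith(allocated_arc + ".")}
    return dups, stray

if __name__ == "__main__":
    print(audit(SAMPLE_LDIF, "1.3.6.1.4.1.99999"))
```

Running the same check over both schema files together also catches an OID reused between an attribute and an ObjectClass.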

DIT Creation

DIT changes create the directory tree structure. The following files are located in /Directory-Info.com/schema/: b1.ou.ldif

Security groups and users

There are some common security groups for administration that are used for each directory instance created. The following files create these entries and are located in /Directory-Info.com/schema/:
  • b1.sec.ldif - Adds common groups and sets Access Control Lists (ACLs) for the groups.
  • deltaAdmins.ldif - Adds common groups and sets Access Control Lists (ACLs) for the groups.
  • deltaGroups.ldif - Adds common groups and sets Access Control Lists (ACLs) for the groups.
  • deltaReadGroups.ldif - Adds common groups and sets Access Control Lists (ACLs) for the groups.
  • middlewareAdmin.ldif - Adds common groups and sets Access Control Lists (ACLs) for the groups.
  • cn=IDMAccessAdmin,ou=Administration -
  • cn=IDMRootReadAdmin,ou=Administration -

Site Minder

There are several specialized attributes, ObjectClasses, DIT structures and security groups that are required by the SiteMinder environment. These are applied only as needed, for LDAP environments that require SiteMinder:
  • non-smAdmins.ldif
  • non-smGroups.ldif
  • siteminder-schema.ldif
  • smAdminGroups.ldif
  • smReadGroups.ldif
  • smpsAdmin.ldif
  • smusAdmin.ldif
  • smuser.ldif
  • vettingAdmin.ldif
  • vettingGroups.ldif

SiteMinder

Attribute changes are implemented via the /Directory-Info.com/schema/b1.at.ldif file.

PAM

There are some schema files created for the PAM_LDAP deployment that has not reached production.