Add custom LDAP attributes to Zimbra LDAP


Post by wodel »

Hi,

I am using Zimbra FOSS 8.8.8 (latest). I need to add some custom attributes to Zimbra LDAP. I followed this article: https://wiki.zimbra.com/wiki/Installing ... dap_schema
I managed to generate the LDIF of my custom schema, copied the schema to /opt/zimbra/data/ldap/config/cn\=config/cn\=schema/ as cn={11}user99.ldif, and restarted LDAP without any problem.

I then created a new account, then I tried to modify that account to use one of my custom attributes, but I get this error:

Code:

[zimbra@zldap1 ~]$ zmprov ma adel@example.com webTelexMail a.wodel@telex.example.com 
[] WARN: checkValue: no attribute info for: webTelexMail
ERROR: service.FAILURE (system failure: unable to modify attrs: object class violation - unable to modify attributes: ldap host=zldap1.example.com:389: attribute 'webTelexMail' not allowed) (cause: com.zimbra.cs.ldap.LdapException$LdapObjectClassViolationException object class violation - unable to modify attributes: ldap host=zldap1.example.com:389: attribute 'webTelexMail' not allowed)

Is adding custom attributes possible? If yes, what am I missing?

Regards

Re: Add custom LDAP attributes to Zimbra LDAP

Post by wodel »

Hi again,

This is my new class of attributes:

Code:

[zimbra@zldap1 cn=schema]$ cat cn\=\{11\}user99.ldif 
# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
# CRC32 cb652ef7
dn: cn={11}user99
objectClass: olcSchemaConfig
cn: {11}user99
olcAttributeTypes: {0}( 1.3.6.1.4.1.47424.1.1.2.2 NAME 'maidenName' EQUALITY
  caseIgnoreMatch SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.146
 6.115.121.1.15 SINGLE-VALUE X-ORIGIN 'user defined' )
olcAttributeTypes: {1}( 1.3.6.1.4.1.47424.1.1.2.5 NAME 'gender' EQUALITY cas
 eIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'us
 er defined' )
olcAttributeTypes: {2}( 1.3.6.1.4.1.47424.1.1.2.3 NAME 'webTelexMail' EQUALI
 TY caseIgnoreMatch SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1
 466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'user defined' )
olcAttributeTypes: {3}( 1.3.6.1.4.1.47424.1.1.2.1 NAME 'recruitmentDate' EQU
 ALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1
 .4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' )
olcAttributeTypes: {4}( 1.3.6.1.4.1.47424.1.1.2.4 NAME 'jobTitle' EQUALITY c
 aseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN '
 user defined' )
olcObjectClasses: {0}( 1.3.6.1.4.1.47424.1.1.2.0 NAME 'myNewClass' DE
 SC 'Custom' SUP inetorgperson STRUCTURAL MAY ( gender $ jobTitle $ maidenNa
 me $ recruitmentDate $ webTelexMail ) X-ORIGIN 'user defined' )
structuralObjectClass: olcSchemaConfig
entryUUID: d1ca3574-f2d0-1037-9aee-b9b3ada5f931
creatorsName: cn=config
createTimestamp: 20180523123028Z
entryCSN: 20180523123028.087148Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20180523123028Z

When I try to add the new objectClass to a user entry, I get this error:

Code:

[zimbra@zldap1 cn=schema]$ zmprov -m -l ma adel@example.com +objectClass myNewClass
ERROR: service.FAILURE (system failure: unable to modify attrs: LDAP error:  - unable to modify attributes: ldap host=zldap1.example.com:389: structural object class modification from 'inetOrgPerson' to 'myNewClass' not allowed) (cause: com.zimbra.cs.ldap.LdapException LDAP error:  - unable to modify attributes: ldap host=zldap1.example.com:389: structural object class modification from 'inetOrgPerson' to 'myNewClass' not allowed)

What I don't understand is why it is trying to replace and not add the objectClass. Any idea?

Regards.

Re: Add custom LDAP attributes to Zimbra LDAP

Post by wodel »

Hi again,

Here is what I've managed to do so far:

Using my new objectclass myNewClass as a STRUCTURAL SUB class of inetOrgPerson does not work. Why? I don't know for now. When I try to add the new objectclass, LDAP tries to replace inetOrgPerson with myNewClass instead of adding it, which causes the error.

I've modified my class to be an AUXILIARY SUB class of top, and it worked: I managed to add my new class to a user entry and add my new attributes.

I don't know what could be the consequences of that. :mrgreen:

Code:

dn: cn={11}user99
objectClass: olcSchemaConfig
cn: {11}user99
olcAttributeTypes: ( 1.3.6.1.4.1.47424.1.1.2.2 NAME 'maidenName' EQUALITY
  caseIgnoreMatch SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.146
 6.115.121.1.15 SINGLE-VALUE X-ORIGIN 'user defined' )
olcAttributeTypes: ( 1.3.6.1.4.1.47424.1.1.2.5 NAME 'gender' EQUALITY cas
 eIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'us
 er defined' )
olcAttributeTypes: ( 1.3.6.1.4.1.47424.1.1.2.3 NAME 'webTelexMail' EQUALI
 TY caseIgnoreMatch SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1
 466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'user defined' )
olcAttributeTypes: ( 1.3.6.1.4.1.47424.1.1.2.1 NAME 'recruitmentDate' EQU
 ALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1
 .4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' )
olcAttributeTypes: ( 1.3.6.1.4.1.47424.1.1.2.4 NAME 'jobTitle' EQUALITY c
 aseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN '
 user defined' )
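# Continuation lines below start with two spaces: LDIF unfolding drops the
# first one, and the second keeps the keywords separated.
olcObjectClasses: ( 1.3.6.1.4.1.47424.1.1.2.0
  NAME 'myNewclass'
  DESC 'Custom'
  SUP top
  AUXILIARY
  MAY ( gender $ jobTitle $ maidenName $ recruitmentDate $ webTelexMail )
  X-ORIGIN 'user defined' )

Regards.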
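
A small model of the two schema checks this thread runs into, added here as an illustration (it is not code from the posts or from Zimbra). It unfolds the posted olcObjectClasses values and shows why the attribute is refused without the class, why the STRUCTURAL class cannot be added to an existing entry, and why the AUXILIARY one can. `parse_object_classes` and `check_modify` are hypothetical helper names, and the structural rule is simplified to "a new STRUCTURAL class on an existing entry is refused".

```python
import re

# olcObjectClasses values taken from the thread: the first attempt (STRUCTURAL)
# and the working one (AUXILIARY, re-folded with two-space continuations).
STRUCTURAL_LDIF = """\
olcObjectClasses: {0}( 1.3.6.1.4.1.47424.1.1.2.0 NAME 'myNewClass' DE
 SC 'Custom' SUP inetorgperson STRUCTURAL MAY ( gender $ jobTitle $ maidenNa
 me $ recruitmentDate $ webTelexMail ) X-ORIGIN 'user defined' )
"""
AUXILIARY_LDIF = """\
olcObjectClasses: ( 1.3.6.1.4.1.47424.1.1.2.0 NAME 'myNewclass' DESC 'Custom'
  SUP top AUXILIARY MAY ( gender $ jobTitle $ maidenName $ recruitmentDate $
  webTelexMail ) X-ORIGIN 'user defined' )
"""

def parse_object_classes(ldif):
    """Unfold LDIF (newline + one space continues the previous line) and
    return {lowercased class name: {"kind": ..., "may": set of attributes}}."""
    unfolded = re.sub(r"\n ", "", ldif)
    classes = {}
    for value in re.findall(r"^olcObjectClasses: (.*)$", unfolded, re.M):
        name = re.search(r"NAME '([^']+)'", value).group(1).lower()
        kind = re.search(r"\b(STRUCTURAL|AUXILIARY|ABSTRACT)\b", value)
        may = re.search(r"MAY \(([^)]*)\)", value)
        classes[name] = {
            "kind": kind.group(1) if kind else "STRUCTURAL",  # RFC 4512 default
            "may": {a.strip().lower() for a in may.group(1).split("$")} if may else set(),
        }
    return classes

def check_modify(entry_classes, schema, add_class=None, set_attr=None):
    """Model the two checks hit in the thread for an existing entry.
    Only the custom schema is loaded, so only custom attributes are judged."""
    present = [c.lower() for c in entry_classes]
    if add_class:
        # Simplification: a new STRUCTURAL subclass would change the entry's
        # structural object class, which a modify operation may not do.
        if schema[add_class.lower()]["kind"] == "STRUCTURAL":
            return "structural object class modification not allowed"
        present.append(add_class.lower())
    if set_attr:
        allowed = set().union(*(schema.get(c, {"may": set()})["may"] for c in present))
        if set_attr.lower() not in allowed:
            return f"attribute '{set_attr}' not allowed"
    return "ok"
```
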