OpenDS Tips: Disabling Schema checking

Opends Logo TagWhen you install OpenDS LDAP directory server, the server is configured to verify that newly-written or added entries conform to the directory server’s schema (and therefore conform to the LDAP standards).

If you intend to run a reliable service with OpenDS, and provide interoperability between multiple LDAP clients, you should not change this setting. But sometime, developers need to quickly test LDAP with existing data and don’t have the complete definition of the schema, or don’t have time to deal with loading the proper schema. Then, the quick option is to disable schema checking.

This can be done using the dsconfig advanced mode, and the global configuration option check-schema.

dsconfig set-global-configuration-prop \

–set check-schema:false \

–hostname localhost \

–trustAll \

–port 4444 \

–bindDN cn=Directory\ Manager \

–bindPassword ****** \

–no-prompt

There are 2 other properties that can be tuned for a finer grain control of schema checking:

  • invalid-attribute-syntax-behavior: controls whether the syntax of the attribute values are checked when adding, modifying entries.
  • single-structural-objectclass-behavior: controls how the server should behave if an attempt is made to add or modify an entry with more than one structural objectclass.

You can find more details on schema checking on the OpenDS documentation wiki and more specifically at https://www.opends.org/wiki/page/HowToExtendTheLDAPSchema#section-HowToExtendTheLDAPSchema-ConfiguringSchemaChecking

Technorati Tags: , , ,

2 thoughts on “OpenDS Tips: Disabling Schema checking

  1. Karl 21 January 2009 / 13:22

    Even though schema checking is turned off, is there something written to a log when something does not conform?
    I would like to firefight things before turning it back on.

  2. Ludo 22 January 2009 / 02:22

    No, when schema checking is disabled, there is no check thus no warning.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s