The i5/OS® LDAP server (IBM® Directory Server) is shipped with the LDAP schema already defined. However, if you are using an LDAP server other than IBM Directory Server, you can define your own schema on that server.
If you decide to define your own schema on an LDAP server, the following information might be useful to you.
Network authentication service requires the following LDAP schema definitions, where:
| Object | Requires | Allows |
|---|---|---|
| domain | dc | description seeAlso |
| ibmCom1986-Krb-KerberosService | serviceName ibmCom1986-Krb-KerberosRealm | ipServicePort description seeAlso |
| domain | dc objectClass | description seeAlso |
| Attribute | Type | Size | Value |
|---|---|---|---|
| dc | caseIgnoreString | 64 | single |
| description | caseIgnoreString | 1024 | multiple |
| ibmCom1986-Krb-KerberosRealm | caseExactString | 256 | single |
| ipServicePort | integer | 11 | single |
| seeAlso | DN | 1000 | multiple |
| serviceName | caseIgnoreString | 256 | single |