Vim_LDAP_schema_generated_0.png

Script Installation

To install the script and use it in Vim, you can copy the file ldap_schema.vim in your home folder, in a “.vim” folder. Then you can use the following in your Vim init file in your home folder (“.vimrc” in Linux, “_vimrc” in Windows):

source $HOME/.vim/ldap_schema.vim
map <F9> :call LDIF:GenerateSchema( input( "Schema prefix: ", "my" ), input( "Separator: ", "\t" ) )<CR>

The second line maps the function to the F9 key, but you can map it as you want.

Schema Extraction

To extract the whole schema from a directory, you can use the tool LDAP Browser, by connecting on the base DN cn=schema or with LDAP Console, by connecting to a tree and using the command “cat cn=schema”.

The script also works fine with schema export already in LDIF format (if extracted from iManager for instance).

Script Execution

To execute the script, simply press F9, specify the prefix you use in your custom schema (for instance “my”) and choose the separator to use (“\t” which means “tab” for LDAP Browser or “: ” for LDAP Console for instance).

Here is a short schema export example, containing a mix of core and custom attributes and classes. The custom schema starts with “my”:

1 objectClasses   ( 2.5.6.2 NAME 'Country' SUP Top STRUCTURAL MUST c MAY ( description $ searchGuide $ sssActiveServerList $ sssServerPolicyOverrideDN ) X-NDS_NAMING 'c' X-NDS_CONTAINMENT ( 'Top' 'treeRoot' 'domain' ) X-NDS_NONREMOVABLE '1' )
2 objectClasses   ( 2.5.6.3 NAME 'Locality' SUP Top STRUCTURAL MAY ( description $ l $ seeAlso $ st $ street $ searchGuide $ sssActiveServerList $ sssServerPolicyOverrideDN ) X-NDS_NAMING ( 'l' 'st' ) X-NDS_CONTAINMENT ( 'Country' 'organizationalUnit' 'Locality' 'Organization' 'domain' ) X-NDS_NONREMOVABLE '1' )
3 objectClasses   ( mypersonaux-oid NAME 'myPersonAux' AUXILIARY MAY ( myArchiveEndDate $ myEndDate $ myHomeStreet2 $ myHomeStreet1 $ myStartDate $ myGender $ myBirthDate $ myArchiveDate $ myHomeCountry $ myWebsite $ myInitialPassword $ myRehireStatus ) X-NDS_NOT_CONTAINER '1' )
4 objectClasses   ( mygroupaux-oid NAME 'myGroupAux' AUXILIARY MAY ( myAppGroup ) X-NDS_NOT_CONTAINER '1' )
5 attributeTypes  ( 2.16.840.1.113719.1.1.4.1.25 NAME 'groupMembership' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-NDS_NAME 'Group Membership' X-NDS_NAME_VALUE_ACCESS '1' X-NDS_NONREMOVABLE '1' )
6 attributeTypes  ( 2.16.840.1.113719.1.1.4.1.26 NAME 'ndsHomeDirectory' SYNTAX 2.16.840.1.113719.1.1.5.1.15{255} SINGLE-VALUE X-NDS_NAME 'Home Directory' X-NDS_LOWER_BOUND '1' X-NDS_UPPER_BOUND '255' X-NDS_NONREMOVABLE '1' )
7 attributeTypes  ( mybirthdate-oid NAME 'myBirthDate' SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )
8 attributeTypes  ( myinitialpassword-oid NAME 'myInitialPassword' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{64512} SINGLE-VALUE )

Here is the result when pressing F9, Enter, Enter:

 1 # LDIF schema generated by Vim
 2 # Schema prefix match "my"
 3 version: 1
 4
 5 dn: cn=schema
 6 changetype: modify
 7 add: attributeTypes
 8 attributeTypes: ( mybirthdate-oid NAME 'myBirthDate' SYNTAX 1.3.6.1.4.1.1466.1
 9  15.121.1.24 SINGLE-VALUE )
10
11 dn: cn=schema
12 changetype: modify
13 add: attributeTypes
14 attributeTypes: ( myinitialpassword-oid NAME 'myInitialPassword' SYNTAX 1.3.6.
15  1.4.1.1466.115.121.1.15{64512} SINGLE-VALUE )
16
17 dn: cn=schema
18 changetype: modify
19 add: objectClasses
20 objectClasses: ( mygroupaux-oid NAME 'myGroupAux' AUXILIARY MAY ( myAppGroup )
21   X-NDS_NOT_CONTAINER '1' )
22
23 dn: cn=schema
24 changetype: modify
25 add: objectClasses
26 objectClasses: ( mypersonaux-oid NAME 'myPersonAux' AUXILIARY MAY ( myArchiveE
27  ndDate $ myEndDate $ myHomeStreet2 $ myHomeStreet1 $ myStartDate $ myGender $
28   myBirthDate $ myArchiveDate $ myHomeCountry $ myWebsite $ myInitialPassword
29  $ myRehireStatus ) X-NDS_NOT_CONTAINER '1' )

You can also call the script using the following command:

:call LDIF:GenerateSchema("my","\t")

Try the script on the test schema attached, which is a full schema export. The custom schema starts with “my”, and separator is tab, \t or ^I (Control + I) in Vim.

More about the Vim Script

Vim allows rapid text scripts development, as you can easily test many regular expressions and quickly undo / redo your changes. Don’t hesitate to view the .vim file and see how it works.

This script uses a few simple regular expressions. For instance, the following command simply deletes all lines in the schema export that does not contain “objectClasses” or “attributeTypes”:

:v/^objectClasses\|^attributeTypes/d

This one delete all lines that does not contain the prefix “my”:

:v/'my/d

The following sorts the content of the buffer, so objectClasses attributes are at the end and attributeTypes attributes are at the beginning:

:1,$!sort

This last example converts a line entry in the export to LDIF format:

%s/\(^attributeTypes\|^objectClasses\)\t\(.*\)/dn: cn=schema\rchangetype: modify\radd: \1\r\1: \2\r

If you want to see a more powerful Vim script, check the tip Generating a Backlinks LDIF from a Links Export

0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this post.
Loading...Loading...
Categories: Uncategorized

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

Leave a Reply

No Comments
By: rkalfane
Dec 26, 2007
7:04 pm
Reads:
1,365
Score:
Unrated