A user tried to extend the LDAP Schema on Critical Path Directory Server version 4.2 by running LDAPSchema.Exe that came with SecureLogin v3.5.1 but it didn’t work as expected. The reason is that LDAPSchema.Exe should only be run when using the SecureLogin LDAP client with eDirectory or Sun One as the SSO data store. All other LDAP compliant Directory servers, including Critical Path, require an LDIF file.


  1. With an LDIF file, use ldapmodify instead to extend the schema correctly.
  2. Set up the SSL certificates.
  3. Install the SecureLogin LDAP client.
  4. Assign the appropriate ACL’s so SecureLogin will run.

Here is the LDIF file for extending the schema – thanks to David Guest!

0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this post.

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

Leave a Reply

No Comments
By: dguest
Jan 24, 2007
8:44 am
Active Directory Authentication Automation Cloud Computing Cloud Security Configuration Customizing Data Breach DirXML Drivers End User Management Identity Manager Importing-Exporting / ICE/ LDIF Intelligent Workload Management IT Security Knowledge Depot LDAP Monitoring Open Enterprise Server Passwords Reporting Secure Access Supported Troubleshooting Workflow