Gastarbajter

Two years ago I have started a series of articles regarding manipulating Sun Java System Directory Server 5.2 from the command line. This article continues the series and describes the process of adding a new suffix and database to the installation via LDIF.

SJSDS configuration needs two entries for the new suffix:

• backend database definition, and
• mapping tree definition where the backend database is mapped to the actual suffix.

Let’s assume we want to create the following:

• suffix: dc=example, dc=com
• database: exampleCom
• path to the database on the filesystem: /var/opt/mps/serverroot/slapd-hostname/db

Then our LDIF for the backend creation should contain the following:

dn: cn=exampleCom, cn=ldbm database, cn=plugins, cn=config
changetype: add
objectclass: top
objectclass: extensibleObject
objectclass: nsBackendInstance
cn: exampleCom
nsslapd-suffix: dc=example,dc=com
nsslapd-cachesize: -1
nsslapd-cachememsize: 10485760
nsslapd-readonly: off
nsslapd-require-index: off
nsslapd-directory: /var/opt/mps/serverroot/slapd-hostname/db/exampleCom

The attributes have the following meaning:

• cn - name of the database
• nsslapd-suffix - suffix which will be stored in this database
• nsslapd-cachesize - maximum number of entries to be stored in the database
• nsslapd-cachememsize – amount of memory to be allocated for caching
• nsslapd-readonly - is the database read only or not
• nsslapd-require-index - are indices required for search or not
• nsslapd-directory - path on the filesystem to the database

The mapping tree entry for our case is:

dn: cn=dc=example\,dc=com, cn=mapping tree, cn=config
changetype: add
objectclass: top
objectclass: extensibleObject
objectclass: nsMappingTree
cn: dc=example,dc=com
nsslapd-state: Backend
nsslapd-backend: exampleCom

If your case covers the situation where a branch in the tree has it’s own database, then you would need nsslapd-parent-suffix attribute. For example, assuming that you have ou=People branch in dc=example,dc=com (ou=People,dc=example,dc=com) which you want to be stored in a separate database, then the attribute would look something like this:

nsslapd-parent-suffix: dc=example,dc=com

The attributes have the following meaning:

• cn - name of the suffix
• nsslapd-state - suffix state which can be: backend, referral, referral on update or disabled (for more information refer to the documentation)
• nsslapd-backend - name of the database which holds the data
• nsslapd-parent-suffix – in case of a branch with the separate database, this attribute points to the parent of the branch

Given that now we have the LDIF file containing both entries)we can import it to our directory via ldapmodify:

ldapmodify -h localhost -p 389 -D “cn=Directory Manager” -w password -f newSuffix.ldif