How to Create LDAP Schema with Eclipse

LDAP schema can be created easily using eclipse and then it can be imported in LDIF file. To start with LDAP schema, we must ensure that LDAP server must be running. In LDAP server data is saved in hierarchical tree structure. We will take one example of data and will create the schema using eclipse. After creation we will import this data and save it into LDIF file. The dependency is that LDAP server must be installed in eclipse and should be running. Find the link.

Create Local LDAP Server in Eclipse with Apache Directory Studio

To create LDAP schema, we must be familiar with some keyword which is used in LDAP schema. Find those keywords which will frequently be used in creating LDAP schema.

o : Organization
ou : Organizational unit
cn : Common Name
sn : Surname
uid : User Id
dn : Distinguished name

Now to create schema we will create a scenario. We have a cp as organization. It has two role admin and reader and two users. We will associate one user with admin role and one user with reader role. Find the tree structure of data.

cp
|__roles __admin
|	|__ reader
|__users__Mahesh Sharma
	|__ Nikhil Singh	

Now we will go step by step to create schema.

1. Create the Partition

To create the partition, double click on the LDAP server and then click on partitions tab at the bottom. Click on add button. Enter data in ID text as cp and change suffix as o=cp as below. Save it. Restart the LDAP server, refresh the LDAP browser and check for cp partition.

2. Create the Roles

Now we need to create the roles. To create role, right click on o=cp in LDAP browser. Select create entry from scratch and click on next. From Available object classes column, select organizationalUnit and click on add. Now it will be available in Selected object classes column as below. Click on next. Enter "ou" in RDN text and "admin" in next to it as below. Click on next and finish it. In the same way create reader role using RDN as "ou" and value as "reader". Refresh the LDAP browser and will be able to see both role as below.

3. Add Users

Now we will add users. We have two user, we will create user id and password for both user and will associate one user with admin role and second user with reader role. First we will create for admin. Right click on ou=admin in LDAP browser. Click on New->New Entry and select "create entry from scratch" and go to next and find inetOrgPerson from "Available object classes" column. Click on add and then it will be available in "Selected Object classes" column as below. Click on next and enter "cn" as RDN and value as "Mahesh Sharma" as below Click on next button and you will get a screen in which sn will be black. Enter "Sharma" there as below. Now we will add user id and password for the user. Right click on above screen and go to "New Attribute" select uid as below. Click on finish. And enter a user name as "umahesh". In the same way, we need to add password. For this again go to "New Attribute" as above and select "userPassword" as Click on finish button and you will be prompted to enter password. Enter the password as below. Click on ok button then finish. One user is created with admin role. In the same way create another user Nikhil with reader role starting with clicking on ou=reader from LDAP browser. After user creation, we will able to see both user in LDAP browser as below.

Export LDIF file of Created Schema

To get the LDIF file of the created schema, right click on "o=cp", and click on export ->LDIF Export and then click next and browse the location and enter file name as cp.ldif as below Click on finish button. Check for cp.ldif file at specified location. LDIF file will as below.
cp.ldif