Not only does the LDAP schema define which attributes an LDAP entry must contain and which are optional, but also the syntax for each of them. All entries always contain an objectclass attribute specifying their set of attributes.
Furthermore, each LDAP attribute has a type associated with a syntax. The syntax specifies what sort of values an attribute may contain. For example, a schema can define the name attribute as a string of characters, the telephoneNumber attribute - as a string of numbers with spaces and hyphens, etc. Please make sure to pay good attention to syntax when specifying an attribute value. The Add/Modify Attribute Wizard displays attribute syntax for each attribute being created or modified.
To add or modify an attribute:
Select entries, to which you'd like to add an attribute, or modify existent ones.
Click
Add/Modify Attribute on the Entry toolbar, or if you've selected more than one entry, choose
the same command from the context menu to launch the Add/Modify Attribute wizard.
The Wizard comprises two steps:
Step 1: Choosing AttributeAt this step, you need to choose an attribute you'd like to add or modify. Select one from the list containing all attributes eligible for the current entry as defined by the LDAP schema and click Next, or just double-click the attribute.
To quickly find an attribute, enter several characters the name of this attribute contains and you will get a filtered list of attributes containing the characters entered. |
If your intention is to add an attribute not defined by the schema, click Add Extra. But note that in this case you face the risk of getting an error because your LDAP server may not support this attribute.
To hide the existing attributes in the list, activate the Hide existing check box. This feature is available only if you perform an operation on a single entry.
Step 2: Specifying Attribute ValueHere you need to specify a value for the selected attribute. Depending on the attribute type, the Wizard will offer you to make use of one of the associated editors in order to facilitate the attribute creation process. Learn more about editing attribute values.
To replace the existing attribute values with the specified, check Replace existing values. This feature is available only for multi-valued attributes.
If you need some attributes to include values of other attributes in the course of entry modification, you can use attribute value references. For example, you may want to add the 'mail' attribute to some user entries, which must contain the user UID and a constant domain name. Since the attribute values are different for each user, you won't be able to perform the operation without special means. This is the situation when value references can be of help for you. To perform such a modification you need to add the following value for the 'mail' attribute: %uid%@company.com, where %uid% is a reference to the 'uid' attribute. Before setting the value to a user entry, LDAP Administrator will substitute %uid% with the real value of the uid attribute creating unique values for each user entry. |
The Add/Modify Attribute Wizard requires a valid LDAP schema to be used. In case the LDAP schema fails to be loaded from the LDAP server, the Wizard will attempt using the default LDAP schema, but in this case, the attribute creation or modification may potentially result in errors. |