Schema-checking
When schema-checking is enabled the LDAP service carries out LDAP add and modify operations only if the operations conform to the schema. Schema checking is enabled by default and it is best to keep this default behavior if you allow write access to a directory so that you have better control over the contents of a directory.
About this task
When schema-checking is enabled the LDAP service does the following to check that LDAP add and modify operations comply with the schema:
- Verifies that each object class specified in an LDAP add operation is defined in the schema.
- Verifies that attributes specified in LDAP add and modify operations are associated with valid object classes for the entry.
- Verifies that during an LDAP add operation all mandatory attribute(s) required by the object classes for the entry are provided.
If any of these checks fail, the LDAP service aborts the operation and returns the message, Object Class Violation.
Schema-checking is done only for LDAP add and modify operations and not when Notes® and Web users add and change documents in a Domino® Directory.