The Domino® LDAP schema

The default Domino® LDAP schema includes both Domino-specific and LDAP-standard elements.

The default Domino® LDAP schema includes:

  • Domino-specific schema elements defined by the default forms in the Domino® Directory
  • All LDAP-standard schema elements defined in RFCs 2252, 2256, 2798, 2247, and 2739. The LDAP service uses the file LSCHEMA.LDIF to build these elements in the default schema.

You can extend the schema to add custom schema elements that your organization needs.

To see detailed information about the Domino® LDAP schema, open the Domino® LDAP Schema database (SCHEMA.NSF) on any server that runs the LDAP service.

How an LDAP object class relates to a Domino® form

An LDAP object class is similar to a form in the Domino® Directory, in that each defines a set of information for a directory entry. A Domino-specific object class -- whose name usually begins with domino -- always maps to a form in the Domino® Directory. For example, the object class dominoPerson maps to the form Person, and the object class dominoGroup maps to the form Group.

An object class that is not specific to Domino®, for example a standard LDAP object class defined in the LSCHEMA.LDIF file, maps to a form only if you create such a form. For example, the object class residentialPerson is part of the default Domino® LDAP schema, but it has no corresponding form in the Domino® Directory. Therefore, by default, you can use only LDAP operations to add, search, and modify residentialPerson entries. To give Notes® and Web users access to these entries, you must create a corresponding form following a specific procedure. If you create a corresponding form, residentialPerson entries are created as documents that are visible to Notes® and Web users.

For instructions on creating a form in the Domino® Directory that corresponds to an object class, see the topic Customizing the Domino® Directory in the related links.

Domino® forms that are not defined as object classes in the default Domino® LDAP schema

The following forms in the Domino® Directory are not defined as object classes in the schema because their designs do not include a field that defines a distinguished name:

  • CrossCertificate
  • Location
  • Server\Configuration Settings
  • Server\Connection
  • Server\Holiday
  • Server\Domain
  • Server\User Setup Profile

How an LDAP attribute relates to a Domino® field

An LDAP attribute is similar to a field in the Domino® Directory in that each defines a piece of information about a directory entry. An LDAP attribute defined for a Domino-specific object class always maps to a field in a form in the Domino® Directory. The name of the attribute and the name of the field may not be identical. This difference occurs when a preexisting field in Domino® has a purpose similar to an LDAP-standard attribute. For example, the LDAP attribute uid maps to the Domino® field ShortName.

By default, an attribute that is not Domino-specific does not map to a visible field in the Domino® Directory.

LDAP-standard attributes on Domino® forms

If a Domino® object class inherits from an LDAP-standard object class, the fields that represent the inherited attributes may be hidden in the Domino® Directory document. For example, the dominoPerson object class inherits the attribute employeeNumber from the LDAP-standard object class inetOrgPerson. However, the field employee number is only apparent when you select a Person document, choose Edit - Properties, and select the second tab in the Document properties box to see a listing of all the fields. You can add the field to the $PersonInheritableSchema subform to make the field visible.
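The following added example, which is not part of the Domino® documentation or product code, parses object class definitions in RFC 2252 syntax and reports which attributes a class only inherits, such as employeeNumber on dominoPerson. That list is useful when reviewing what an entry can carry even though the document shows no field for it. The sample definitions are constructed and abbreviated; the dominoPerson OID and the attribute exampleDominoAttr are placeholders.

```python
import re

# Constructed sample in RFC 2252 ObjectClassDescription syntax. Attribute lists
# are abbreviated, and the dominoPerson OID and exampleDominoAttr are
# placeholders, not values taken from LSCHEMA.LDIF or SCHEMA.NSF.
SAMPLE_SCHEMA = [
    "( 2.5.6.0 NAME 'top' ABSTRACT MUST objectClass )",
    "( 2.5.6.6 NAME 'person' SUP top STRUCTURAL MUST ( sn $ cn ) "
    "MAY ( userPassword $ telephoneNumber ) )",
    "( 2.5.6.7 NAME 'organizationalPerson' SUP person STRUCTURAL MAY ( title $ ou ) )",
    "( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson' SUP organizationalPerson "
    "STRUCTURAL MAY ( employeeNumber $ mail $ uid ) )",
    "( 0.0.0.1 NAME 'dominoPerson' SUP inetOrgPerson STRUCTURAL "
    "MAY ( exampleDominoAttr ) )",
]

def parse_object_class(desc):
    """Return (name, superior classes, attributes declared by this class)."""
    name = re.search(r"\bNAME\s+\(?\s*'([^']+)'", desc).group(1)

    def oid_list(keyword):
        # The value is either one name or a parenthesised, $-separated list.
        m = re.search(r"\b" + keyword + r"\s+(?:\(([^)]*)\)|(\S+))", desc)
        if not m:
            return []
        raw = m.group(1) if m.group(1) is not None else m.group(2)
        return [tok.strip() for tok in raw.split("$") if tok.strip()]

    return name, oid_list("SUP"), set(oid_list("MUST")) | set(oid_list("MAY"))

def attribute_origins(schema_lines, class_name):
    """Map every attribute allowed on class_name to the class that declares it."""
    classes = {p[0].lower(): p for p in map(parse_object_class, schema_lines)}
    origins, seen, todo = {}, set(), [class_name.lower()]
    while todo:
        key = todo.pop()
        if key in seen or key not in classes:
            continue  # ignore SUP loops and superiors absent from the input
        seen.add(key)
        name, sups, attrs = classes[key]
        for attr in attrs:
            origins.setdefault(attr, name)  # nearest declaring class wins
        todo.extend(s.lower() for s in sups)
    return origins

def inherited_attributes(schema_lines, class_name):
    """Attributes that class_name only inherits (candidates for hidden fields)."""
    origins = attribute_origins(schema_lines, class_name)
    return sorted(a for a, src in origins.items() if src.lower() != class_name.lower())
```

Calling inherited_attributes(SAMPLE_SCHEMA, "dominoPerson") returns the inherited attribute names in sorted order; attribute_origins shows which superior class each one comes from.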

How an LDAP syntax relates to a field type

There are some syntaxes in the default Domino® LDAP schema that map to Domino® field types. For example, the LDAP syntax Integer maps to the field type Number. To see whether a syntax maps to a Domino® field, find the document for the syntax in the Schema database (SCHEMA.NSF), and compare the LDAP name field to the Notes® mapping field.