Extracting your Custom Schema with Vim


Script Installation

To install the script and use it in Vim, copy the file ldap_schema.vim into a ".vim" folder in your home folder. Then add the following to your Vim init file in your home folder (".vimrc" on Linux, "_vimrc" on Windows):

source $HOME/.vim/ldap_schema.vim

map <F9> :call LDIF:GenerateSchema( input( "Schema prefix: ", "my" ), input( "Separator: ", "\t" ) )<CR>

The second line maps the function to the F9 key, but you can map it as you want.

Schema Extraction

To extract the whole schema from a directory, you can use the tool LDAP Browser, connecting to the base DN cn=schema, or LDAP Console, connecting to a tree and using the command "cat cn=schema".

The script also works with a schema export that is already in LDIF format (extracted from iManager, for instance).

Script Execution

To execute the script, simply press F9, specify the prefix you use in your custom schema (for instance "my") and choose the separator to use ("\t" which means "tab" for LDAP Browser or ": " for LDAP Console for instance).

Here is a short schema export example, containing a mix of core and custom attributes and classes. The custom schema starts with "my":

objectClasses   ( NAME 'Country' SUP Top STRUCTURAL MUST c MAY ( description $ searchGuide $ sssActiveServerList $ sssServerPolicyOverrideDN ) X-NDS_NAMING 'c' X-NDS_CONTAINMENT ( 'Top' 'treeRoot' 'domain' ) X-NDS_NONREMOVABLE '1' )
objectClasses   ( NAME 'Locality' SUP Top STRUCTURAL MAY ( description $ l $ seeAlso $ st $ street $ searchGuide $ sssActiveServerList $ sssServerPolicyOverrideDN ) X-NDS_NAMING ( 'l' 'st' ) X-NDS_CONTAINMENT ( 'Country' 'organizationalUnit' 'Locality' 'Organization' 'domain' ) X-NDS_NONREMOVABLE '1' )
objectClasses   ( mypersonaux-oid NAME 'myPersonAux' AUXILIARY MAY ( myArchiveEndDate $ myEndDate $ myHomeStreet2 $ myHomeStreet1 $ myStartDate $ myGender $ myBirthDate $ myArchiveDate $ myHomeCountry $ myWebsite $ myInitialPassword $ myRehireStatus ) X-NDS_NOT_CONTAINER '1' )
objectClasses   ( mygroupaux-oid NAME 'myGroupAux' AUXILIARY MAY ( myAppGroup ) X-NDS_NOT_CONTAINER '1' )
attributeTypes  ( 2.16.840.1.113719. NAME 'groupMembership' SYNTAX X-NDS_NAME 'Group Membership' X-NDS_NAME_VALUE_ACCESS '1' X-NDS_NONREMOVABLE '1' )
attributeTypes  ( 2.16.840.1.113719. NAME 'ndsHomeDirectory' SYNTAX 2.16.840.1.113719.{255} SINGLE-VALUE X-NDS_NAME 'Home Directory' X-NDS_LOWER_BOUND '1' X-NDS_UPPER_BOUND '255' X-NDS_NONREMOVABLE '1' )
attributeTypes  ( mybirthdate-oid NAME 'myBirthDate' SYNTAX SINGLE-VALUE )
attributeTypes  ( myinitialpassword-oid NAME 'myInitialPassword' SYNTAX{64512} SINGLE-VALUE )

Here is the result when pressing F9, Enter, Enter:

# LDIF schema generated by Vim
# Schema prefix match "my"
version: 1

dn: cn=schema
changetype: modify
add: attributeTypes
attributeTypes: ( mybirthdate-oid NAME 'myBirthDate' SYNTAX

dn: cn=schema
changetype: modify
add: attributeTypes
attributeTypes: ( myinitialpassword-oid NAME 'myInitialPassword' SYNTAX 1.3.6.
{64512} SINGLE-VALUE )

dn: cn=schema
changetype: modify
add: objectClasses
objectClasses: ( mygroupaux-oid NAME 'myGroupAux' AUXILIARY MAY ( myAppGroup )

dn: cn=schema
changetype: modify
add: objectClasses
objectClasses: ( mypersonaux-oid NAME 'myPersonAux' AUXILIARY MAY ( myArchiveE
 ndDate $ myEndDate $ myHomeStreet2 $ myHomeStreet1 $ myStartDate $ myGender $
  myBirthDate $ myArchiveDate $ myHomeCountry $ myWebsite $ myInitialPassword
 $ myRehireStatus ) X-NDS_NOT_CONTAINER '1' )

You can also call the script using the following command:

:call LDIF:GenerateSchema("my","\t")

Try the script on the attached test schema, which is a full schema export. The custom schema starts with "my", and the separator is a tab: \t or ^I (Control-I) in Vim.

More about the Vim Script

Vim allows rapid development of text-processing scripts, as you can easily test many regular expressions and quickly undo / redo your changes. Don't hesitate to view the .vim file and see how it works.

This script uses a few simple regular expressions. For instance, the following command simply deletes all lines in the schema export that do not contain "objectClasses" or "attributeTypes":


This one deletes all lines that do not contain the prefix "my":


The following sorts the content of the buffer, so objectClasses attributes are at the end and attributeTypes attributes are at the beginning:


This last example converts a line entry in the export to LDIF format:

%s/\(^attributeTypes\|^objectClasses\)\t\(.*\)/dn: cn=schema\rchangetype: modify\radd: \1\r\1: \2\r
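
The steps described above (keep only objectClasses and attributeTypes lines, keep the custom ones, sort so attributeTypes come first, wrap each line in a cn=schema modify record), as an added Python example that is not the ldap_schema.vim script itself. It matches the prefix against the definition's NAME rather than anywhere in the line, which is stricter than the line filter described above, so a core class that merely references a custom attribute is not re-added. The sample export, the function names and the 78-column fold width (taken from the sample output above) are assumptions of this example.

```python
import re

# Constructed sample in LDAP Browser export form (keyword, tab, definition).
# The Locality line is a core class that merely references a custom attribute.
SAMPLE = "\n".join([
    "objectClasses\t( NAME 'Locality' SUP Top STRUCTURAL MAY ( description $ myWebsite ) )",
    "objectClasses\t( mygroupaux-oid NAME 'myGroupAux' AUXILIARY MAY ( myAppGroup ) "
    "X-NDS_NOT_CONTAINER '1' )",
    "attributeTypes\t( mybirthdate-oid NAME 'myBirthDate' SINGLE-VALUE )",
    "cn\tschema",
])

# First quoted name after the NAME keyword; \s keeps X-NDS_NAME from matching.
NAME_RE = re.compile(r"\sNAME\s+\(?\s*'([^']+)'")


def fold(line, width=78):
    """Fold a long LDIF line; continuation lines start with one space (RFC 2849)."""
    out, rest = [line[:width]], line[width:]
    while rest:
        out.append(" " + rest[:width - 1])
        rest = rest[width - 1:]
    return out


def generate_schema_ldif(export, prefix="my", sep="\t"):
    """Return LDIF that adds only the definitions whose NAME starts with prefix."""
    keep = []
    for raw in export.splitlines():
        kind, found, definition = raw.partition(sep)
        if not found or kind not in ("attributeTypes", "objectClasses"):
            continue  # not a schema definition line
        match = NAME_RE.search(definition)
        if match and match.group(1).startswith(prefix):
            keep.append((kind, definition.strip()))
    keep.sort()  # attributeTypes sort before the objectClasses that use them
    out = ["version: 1", ""]
    for kind, definition in keep:
        out += ["dn: cn=schema", "changetype: modify", f"add: {kind}"]
        out += fold(f"{kind}: {definition}")
        out.append("")  # blank line ends the change record
    return "\n".join(out)


if __name__ == "__main__":
    print(generate_schema_ldif(SAMPLE))
```

Reviewing the generated LDIF before importing it is still worthwhile, since every record modifies cn=schema.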

If you want to see a more powerful Vim script, check the tip Generating a Backlinks LDIF from a Links Export...