How can i create my own object classes?

Home Forums ForgeRock Products Directory Services How can i create my own object classes?

Learn more about our upcoming Identity Summits

Tagged: , ,

This topic has 4 replies, 3 voices, and was last updated 7 years, 5 months ago by sohanb.

  • Author
    Posts
  • February 26, 2015 at 7:48 am #3206
     sohanb
    Participant

    Hi,

    I want to see how can i create my own object classes.
    Currently i am using java code to create attributes,users and groups.
    Similarly i want to know how can i create user defined object class

    It will be also helpful i can know how to add attributes to obejct class

    If there is now java example is there any way to it commandline?

    • This topic was modified 7 years, 5 months ago by sohanb.
    February 26, 2015 at 9:40 am #3210
     Ludo
    Moderator

    Hi,

    You might want to spend a little bit of time reading OpenDJ documentation : http://opendj.forgerock.org/opendj-server/doc/bootstrap/admin-guide/index.html#chap-schema

    February 26, 2015 at 11:33 am #3218
     sohanb
    Participant

    Here is what i am able to do:

    1. create my own attributes.
    2.Create obejct classe and add my created attribue.

    Code runs successfully and i can see class and attributes created.

    Now using apache active directory tool i connect to my openDJ,
    iwant to add new entry under my ROOT entry.

    When i give my object class and assign attributes to it and click on finish it gives following error:

    Error while creating entry
    – [LDAP: error code 21 – Entry “SECURE-OBJ-NAME=mySecureObj,o=openam” contains a value “mySecureObj” for attribute SECURE-OBJ-NAME that is invalid according to the syntax for that attribute: The provided value “mysecureobj” could not be parsed as a guide value because the criteria portion mysecureobj did not contain a dollar sign to separate the attribute type from the match type]
    java.lang.Exception: [LDAP: error code 21 – Entry “SECURE-OBJ-NAME=mySecureObj,o=openam” contains a value “mySecureObj” for attribute SECURE-OBJ-NAME that is invalid according to the syntax for that attribute: The provided value “mysecureobj” could not be parsed as a guide value because the criteria portion mysecureobj did not contain a dollar sign to separate the attribute type from the match type]
    at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.checkResponse(DirectoryApiConnectionWrapper.java:1280)
    at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.access$600(DirectoryApiConnectionWrapper.java:109)
    at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper$6.run(DirectoryApiConnectionWrapper.java:928)
    at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.runAndMonitor(DirectoryApiConnectionWrapper.java:1175)
    at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.checkConnectionAndRunAndMonitor(DirectoryApiConnectionWrapper.java:1109)
    at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.createEntry(DirectoryApiConnectionWrapper.java:950)
    at org.apache.directory.studio.ldapbrowser.core.jobs.CreateEntryRunnable.createEntry(CreateEntryRunnable.java:224)
    at org.apache.directory.studio.ldapbrowser.core.jobs.CreateEntryRunnable.run(CreateEntryRunnable.java:124)
    at org.apache.directory.studio.connection.ui.RunnableContextRunner$1.run(RunnableContextRunner.java:112)
    at org.eclipse.jface.operation.ModalContext$ModalContextThread.run(ModalContext.java:121)

    [LDAP: error code 21 – Entry “SECURE-OBJ-NAME=mySecureObj,o=openam” contains a value “mySecureObj” for attribute SECURE-OBJ-NAME that is invalid according to the syntax for that attribute: The provided value “mysecureobj” could not be parsed as a guide value because the criteria portion mysecureobj did not contain a dollar sign to separate the attribute type from the match type]

    I dont understand what is this error, i goggled it but no luck can you tell me what is wrong here.
    if you want i can paste my code snapshot?

    February 26, 2015 at 6:21 pm #3235
     Mark Craig
    Participant

    Hi,

    Based on the error message you see, it looks like your attribute SECURE-OBJ-NAME has guide or maybe enhanced guide syntax.

    LDAP: error code 21 – Entry “SECURE-OBJ-NAME=mySecureObj,o=openam” contains a value “mySecureObj” for attribute SECURE-OBJ-NAME that is invalid according to the syntax for that attribute: The provided value “mysecureobj” could not be parsed as a guide value because the criteria portion mysecureobj did not contain a dollar sign to separate the attribute type from the match type

    I found these syntaxes described in RFC 4517, https://tools.ietf.org/html/rfc4517#section-3.3.10 and https://tools.ietf.org/html/rfc4517#section-3.3.14 . As you can see in the example in section 3.3.10, attributes of that type have quite particular values.

    Are you sure you didn’t want to use a more common syntax for your custom attribute, such as directory string? See https://tools.ietf.org/html/rfc4517#section-3.3.6. Directory string syntax has OID 1.3.6.1.4.1.1466.115.121.1.15.

    February 27, 2015 at 7:20 am #3244
     sohanb
    Participant

    Yes you are right ,that was helpful to understand. I want to use something like Directory string.
    This syntax worked for me.

    Thanks!

  • Author
    Posts
Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.

Leaderboard

The leaderboard is based on our rockin' informal points system, read about it here.
Visit our blog

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?