> Peter SchÃŒtt wrote: >> I use OpenLDAP 2.4.19 and I try to build >> an own gender attribute. > > Why not use existing suggestions? > >> I need a custom syntax for the value, >> "M" or "W". > > With OpenLDAP you don't need an extra syntax. You could use > slapo-constraint > for restricting attribute values. See the man-page slapo-constraint(5). > >> How can I create my own custom syntax? > > An own LDAP syntax requires coding something which runs inside slapd (e.g. > an > overlay).
Actually, it would be much simpler than an overlay: all one needs to do is write a module that loads a syntax with its own handlers for validation and prettification. This means writing code that needs to be maintained, though. A simpler approach would be to use the boolean syntax, with an attribute that basically contains "isFemale"; then TRUE and FALSE would have a straightforward meaning (in a two-gender world, of course). Or, one could use directoryString and restrict the value using slapo-constraint(5); something like constraint_attribute sex regex "^[MW]$" should work (untested, though). p.
