EduSchemaExtension

SourceForge project name: eduschemaext

PROGRAM NAME:

EduSchemaExtension.exe

BUILD:

DEBUG VERSION:
       
NMAKE /f "EduSchemaExtension.mak" CFG="EduSchemaExtension - Win32 Debug"

NON-DEBUG VERSION:
       
NMAKE /f "EduSchemaExtension.mak" CFG="EduSchemaExtension - Win32 Release"

SYNOPSIS:

EduSchemaExtension.exe

EduSchemaExtension.exe -v -e [-q -L <PathTo/LogFile>]

DESCRIPTION:

EduSchemaExtension will extend a W2K or W2K3 AD schema to include eduOrg and eduPerson attributes/properties/classes.  EduSchemaExtension requires that the computer upon which it is executed be a member of the domain in which the AD is to be extended.  The user account from which EduSchemaExtension is executed must have Schema Admin privileges. 

EduSchemaExtension will examine the AD for eduOrg and eduPerson schema information and display the information on the monitor.  See the -v option below.

 If a eduOrg or eduPerson attribute, property or class exists in the AD, EduSchemaExtension will NOT change it, even if it detects an inconsistency.  EduSchemaExtension is designed only to extend the AD schema for missing attributes, properties or classes.

OPTIONS:

The following arguments to EduSchemaExtension.exe modify its behavior.  If present, the order of exectution for each option is -L -q, -v and -e.   If no arguments are given to EduSchemaExtension.exe , a list valid options will be displayed.

-L (enable logging)
        This option directs output to a log file.  You must specify a valid path and file name.

-q (quiet)
        Don't display verbose information.  If the -L option is used, output will be directed to the log file..

 -v (view schema attributes)
        This option causes EduSchemaExtension.exe to display any eduOrg or eduPerson attributes/properties that are installed/not installed in the AD schema.  Below you will find the examples of the EduSchemaExtension output..  Two passes over the AD schema are made.  The first pass uses the attribute/class attributeID/governsID to retrieve eduOrg/eduPerson schema information.  The second pass uses the attribute/class cn.  The -v option will not make any changes to information that already exists in the AD schema. The listing of attributes/classes can be quite long, therefore it is recommended that the -L option be used whenever the -v option is used.

CHECKING FOR PROPERTY/ATTRIBUTE CONSISTENCY:

NORMAL RESULTS:  No inconsistencies found

Retreiving attribute eduPersonPrincipalName for class eduPerson by attributeID=1.3.6.1.4.1.5923.1.1.1.6
                     OK--->retrieved cn: eduPersonPrincipalName<-->expected eduPersonPrincipalName
                     OK--->retrieved attributeID: 1.3.6.1.4.1.5923.1.1.1.6<-->expected 1.3.6.1.4.1.5923.1.1.1.6
                     OK--->retrieved attributeSyntax: 2.5.5.12<-->expected 2.5.5.12
                     OK--->retrieved oMSyntax: 64<-->expected 64
                     OK--->retrieved isSingleValued: TRUE<-->expected TRUE
                     OK--->retrieved lDAPDisplayName: eduPersonPrincipalName<-->expected eduPersonPrincipalName
                     OK--->retrieved adminDescription: eduPerson per Internet2 and EDUCAUSE<-->expected eduPerson per Internet2 and EDUCAUSE

INCONSISTENT RESULTS:  A comparison is made between what exists in the AD schema and what is expected.  If any inconsistency is found it is display as below.

Retreiving attribute eduPersonOrgDN for class eduPerson by attributeID=1.3.6.1.4.1.5923.1.1.1.3
                      OK--->retrieved cn: eduPersonOrgDN<-->expected eduPersonOrgDN
                      OK--->retrieved attributeID: 1.3.6.1.4.1.5923.1.1.1.3<-->expected 1.3.6.1.4.1.5923.1.1.1.3
INCONSISTENT--->retrieved attributeSyntax: 2.5.5.4<-->expected 2.5.5.1
INCONSISTENT--->retrieved oMSyntax: 20<-->expected 127
                       OK--->retrieved isSingleValued: TRUE<-->expected TRUE
                       OK--->retrieved lDAPDisplayName: eduPersonOrgDN<-->expected eduPersonOrgDN
                       OK--->retrieved adminDescription: eduPerson per Internet2 and EDUCAUSE<-->expected eduPerson per Internet2 and EDUCAUSE

ATTRIBUTE NOT INSTALLED:

Retreiving attribute eduPersonEntitlement for class eduPerson by cn=eduPersonEntitlement
   property "cn" cannot be found
   property "attributeID" cannot be found
   property "attributeSyntax" cannot be found
   property "oMSyntax" cannot be found
   property "isSingleValued" cannot be found
   property "lDAPDisplayName" cannot be found
   property "adminDescription" cannot be found

CHECKING FOR CLASS CONSISTENCY:

NORMAL RESULTS:  No inconsistencies found

Retreiving attributes for class eduPerson by cn=eduPerson
                       OK--->retrieved cn: eduPerson<-->expected eduPerson
                       OK--->retrieved governsID: 1.3.6.1.4.1.5923.1.1.8<-->expected 1.3.6.1.4.1.5923.1.1.2
                       OK--->retrieved lDAPDisplayName: eduPerson<-->expected eduPerson

INCONSISTENT RESULTS:  A comparison is made between what exists in the AD schema and what is expected.  If any inconsistency is found it is display as below.

Retreiving attributes for class eduPerson by cn=eduPerson
                       OK--->retrieved cn: eduPerson<-->expected eduPerson
INCONSISTENT--->retrieved governsID: 1.3.6.1.4.1.5923.1.1.8<-->expected 1.3.6.1.4.1.5923.1.1.2
                       OK--->retrieved lDAPDisplayName: eduPerson<-->expected eduPerson

CLASS NOT INSTALLED:

Retreiving attributes for class eduOrg by governsID=1.3.6.1.4.1.5923.1.2.2
property "cn" cannot be found
property "governsID" cannot be found
property "lDAPDisplayName" cannot be found

-e (extend schema)
        This option will extend the AD schema to include the eduOrg and eduPerson attributes/properties/classes which do not currently exist in the AD schema.  This option will not repair or alter existing attributes, properties or classes.
        You will be prompted as to whether or not you want to extend the schema to include the eduOrg or eduPerson classes.
        For each class, all missing properties will be display and you will be prompted as to whether or not you want to extend the schema to include the missing properties.  A consistency check is also made and the results displayed (similar to the -v option).
        If the class does not exist, you will also be prompted as to whether or not you will to extend the schema to include the missing class.
        Finally, the class's memberOf property will updated to include all existing and newly added properties.
        It is recommended that you use the -L option when using the -e option.

SourceForge.net Logo