Updating your Directory to draft-ryan-java-schema-01.rev.txt JNDI/LDAP Service Provider 1.0.3 This note summarizes the changes between the old and new schema for storing Java objects. It also gives examples of how to use the accompanying program, UpdateJavaObjects, to update entries containing Java objects in your directory. SUMMARY OF CHANGES FOR ATTRIBUTES * The javaFactory attribute was renamed to javaCodebase and shared by other object classes for specifying a codebase. It now uses IA5 syntax instead of DirectoryString. * javaSerializedObject was renamed to javaSerializedData. * The attributes used to specify class names (javaClassName, javaFactory) use a case-exact matching rule for equality. * A new attribute, javaRemoteLocation, was added to represent the RMI URL used to name an RMI object. draft-ryan-java-schema-00.txt draft-ryan-java-schema-01.rev.txt javaClassName -> update EQUALITY syntax, OID javaSerializedObject -> javaSerializedData (new OID) javaReferenceAddress -> update EQUALITY syntax, OID javaFactory -> update EQUALITY syntax, OID javaFactoryLocation -> javaCodebase (new OID, new IA5 syntax) new: javaRemoteLocation SUMMARY OF CHANGES FOR OBJECT CLASSES * A superclass javaObject was added to be the base class for all three types of Java-related objects. * javaObject, which used to represent a serialized object, was renamed to javaSerializedObject. * A new object class, javaRemoteObject, was added for representing a Java RMI object. draft-ryan-java-schema-00.txt draft-ryan-java-schema-01.rev.txt javaContainer javaObject -> javaSerializedObject (new OID)+ javaObject (new OID) javaNamingReference -> + javaObject (new OID) (new OID) new: javaRemoteObject USING UpdateJavaObjects java [-Djava.naming.provider.url=] \ UpdateJavaObjects [-h|-l|-s[n]|-u] [-n] [-p] [-a] -h Prints the usage message -l Prints the entries that will be updated. -s[n] Update schema (-sn means use workaround for Netscape schema bugs). -u Update entries containing Java object -n Use as the distinguished name for authentication -p Use as the password for authentication -a Use as the authentication mechanism. Default is "simple". If neither -s, -u, -l, nor -h has been specified, the default is "-l". This program allows you to update your existing directory entries. A typically session is as follows: 1. Update schema You can either use your directory's administration tool to update the schema according to draft-ryan-java-schema-01.txt, as summarized above. Or you can use UpdateJavaObjecst with the "-s" option. If you are using the Netscape 3.11 or earlier servers, you need to use "-sn" to workaround schema bugs in the Netscape server. If you are using the Sun Directory Server, you must use the administration tool because SDS does not support programmatic update of the schema. Don't use the "-s" option with SDS. In order to update the directory, you need to login as the directory administrator, quoting the "-n" option if there are blanks in the distinguished name. After updating the schema, you should use the directory server's administration tool to verify that the changes have been properly applied. The Netscape Directory Server 3.0, for example, ignores some attributes. If the schema have not been properly updated, use the administration tool to correct it before updating the entries. # java -Djava.naming.provider.url=ldap://myserver UpdateJavaObjects -sn \ "-ncn=Directory Administrator" -psecret 2. See what changes will be made. You can narrow the scope of the subtree to search by supplying the appropriate DN in the provider URL. # java -Djava.naming.provider.url=ldap://myserver UpdateJavaObjects 3. Update the objects. You can narrow the scope of the subtree to update by supplying the appropriate DN in the provider URL. You probably also need to provider a login DN and password depending on the access control of the server. # java -Djava.naming.provider.url=ldap://myserver UpdateJavaObjects -u 4. Repeat Step 2 to verify that no more objects need to be updated.