ImageMaster LDAP schema

ImageMaster defines the LDAP object class “imageMasterUser”, which contains a single attribute, “imageMasterRole”. This object class is a subclass of inetOrgPerson (see [RFC 2798 - inetOrgPerson]). The value of this attribute controls whether a user has access to the ImageMaster system and which roles the user has in ImageMaster.

In the example below the user has access to the ImageMaster tenant with the name “tenant1”, and gets assigned the roles “role1” and “role2”:

dn: cn=user01,ou=Users,dc=imagemaster,dc=de
uid: user01
cn: Max1 Mustermann1
sn: Mustermann1
mail: foo@blorf.blubb
objectClass: inetOrgPerson
objectClass: imageMasterUser
userPassword: foo
imageMasterRole: tenant1 role1
imageMasterRole: tenant1 role2

The value of the attribute “imageMasterRole” always consists of two technical names, separated by one or more spaces: the tenant name and the role name.
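The value format described above can be checked mechanically when reviewing directory entries. The following is an added example, not ImageMaster's own code: it groups the “imageMasterRole” values of one entry by tenant and reports values that do not consist of exactly two names. The function names, the extra sample values (“tenant2”, “auditor”, the malformed lines) and the assumption that a technical name contains no whitespace are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample entry, modelled on the example above (not real data).
SAMPLE_LDIF = """\
dn: cn=user01,ou=Users,dc=imagemaster,dc=de
objectClass: imageMasterUser
imageMasterRole: tenant1 role1
imageMasterRole: tenant1    role2
imageMasterRole: tenant2 auditor
imageMasterRole: tenant1
imageMasterRole: tenant1 role1 extra
"""

# Assumption: a technical name contains no whitespace; the page only says
# that the two names are separated by one or more spaces.
ROLE_VALUE = re.compile(r"(\S+) +(\S+)")


def parse_role_value(value):
    """Return (tenant, role), or None if the value is not 'tenant role'."""
    m = ROLE_VALUE.fullmatch(value.strip(" "))
    return (m.group(1), m.group(2)) if m else None


def roles_by_tenant(ldif_entry):
    """Group one entry's imageMasterRole values by tenant; report bad values."""
    grants, rejected = defaultdict(set), []
    for line in ldif_entry.splitlines():
        name, sep, value = line.partition(":")
        if not sep or name.strip().lower() != "imagemasterrole":
            continue
        # Base64 ('::') and URL (':<') LDIF values are not decoded here.
        parsed = None if value[:1] in (":", "<") else parse_role_value(value)
        if parsed is None:
            rejected.append(value.strip())  # malformed: grants nothing
        else:
            grants[parsed[0]].add(parsed[1])
    return dict(grants), rejected


if __name__ == "__main__":
    grants, rejected = roles_by_tenant(SAMPLE_LDIF)
    print(grants)
    print(rejected)
```

Values listed in `rejected` grant no role in this sketch; how ImageMaster itself treats such values is not stated on this page.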

In preparation, the ImageMaster schema definition must be added to the directory server's set of supported schemas. Consult the manual of your directory server for instructions on how to do this.

Described below are schema definitions in the following formats:

  • General format

  • OpenLDAP LDIF

  • Active Directory LDIF