The LDIF file below adds eduPerson as an auxiliary class to AD. Please note that it also includes the steps to add this auxiliary class to the AD user object.
Courtesy Alan Walsh, U. Indiana
# ==================================================================
#
#  File:    eduPerson.ldf
#  Version: 200604
#
#  This file should be imported with the following command:
#    ldifde -i -u -f eduPerson.ldf -s server:port -b username domain password -j . -c "CN=Configuration,DC=X" #configurationNamingContext
#  LDIFDE.EXE from AD/AM V1.0 or above must be used.
#  This LDIF file should be imported into AD or AD/AM.
#  It may not work for other directories.
#
# ==================================================================

# ==================================================================
#  Attributes
# ==================================================================

dn: CN=eduPersonAffiliation,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: eduPersonAffiliation
lDAPDisplayName: eduPersonAffiliation
adminDisplayName: eduPersonAffiliation
adminDescription: Specifies the person's relationship(s) to the institution, permissible values: faculty, student, staff, alum, member, affiliate, employee
attributeID: 1.3.6.1.4.1.5923.1.1.1.1
attributeSyntax: 2.5.5.12
oMSyntax: 64
# schemaIDGUID: b45ea4ce-57f7-4333-9ecb-8856b125ca2d
schemaIDGUID:: zqRetPdXM0Oey4hWsSXKLQ==
isSingleValued: FALSE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=eduPersonNickname,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: eduPersonNickname
lDAPDisplayName: eduPersonNickname
adminDisplayName: eduPersonNickname
adminDescription: Person's nickname, or the informal name by which they are accustomed to be hailed
attributeID: 1.3.6.1.4.1.5923.1.1.1.2
attributeSyntax: 2.5.5.12
oMSyntax: 64
# schemaIDGUID: 5e601c53-9f4a-4d50-b8bd-504fa571f28e
schemaIDGUID:: UxxgXkqfUE24vVBPpXHyjg==
isSingleValued: FALSE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=eduPersonOrgDN,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: eduPersonOrgDN
lDAPDisplayName: eduPersonOrgDN
adminDisplayName: eduPersonOrgDN
adminDescription: Specifies the person's relationship(s) to the institution, permissible values: faculty, student, staff, alum, member, affiliate, employee
attributeID: 1.3.6.1.4.1.5923.1.1.1.3
attributeSyntax: 2.5.5.1
oMSyntax: 127
# schemaIDGUID: 8680da75-204d-4cb0-9c89-89086407d7f8
schemaIDGUID:: ddqAhk0gsEyciYkIZAfX+A==
isSingleValued: TRUE
searchFlags: 0
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=eduPersonOrgUnitDN,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: eduPersonOrgUnitDN
lDAPDisplayName: eduPersonOrgUnitDN
adminDisplayName: eduPersonOrgUnitDN
adminDescription: The distinguished name(s) (DN) of the directory entries representing the person's Organizational Unit(s)
attributeID: 1.3.6.1.4.1.5923.1.1.1.4
attributeSyntax: 2.5.5.1
oMSyntax: 127
# schemaIDGUID: 8a0b2358-33f6-437d-bf63-6566e4e4eae6
schemaIDGUID:: WCMLivYzfUO/Y2Vm5OTq5g==
isSingleValued: FALSE
searchFlags: 0
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=eduPersonPrimaryAffiliation,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: eduPersonPrimaryAffiliation
lDAPDisplayName: eduPersonPrimaryAffiliation
adminDisplayName: eduPersonPrimaryAffiliation
adminDescription: Specifies the person's PRIMARY relationship to the institution in broad categories such as student, faculty, staff, alum, etc
attributeID: 1.3.6.1.4.1.5923.1.1.1.5
attributeSyntax: 2.5.5.12
oMSyntax: 64
# schemaIDGUID: e36c34ac-94da-4a45-ad9d-dded84e83ccd
schemaIDGUID:: rDRs49qURUqtnd3thOg8zQ==
isSingleValued: TRUE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=eduPersonPrincipalName,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: eduPersonPrincipalName
lDAPDisplayName: eduPersonPrincipalName
adminDisplayName: eduPersonPrincipalName
adminDescription: The "NetID" of the person for the purposes of inter-institutional authentication. It should be represented in the form "user@scope" where scope defines a local security domain
attributeID: 1.3.6.1.4.1.5923.1.1.1.6
attributeSyntax: 2.5.5.12
oMSyntax: 64
# schemaIDGUID: 6a67dd6f-d845-4d7d-b96d-39161aac27fe
schemaIDGUID:: b91nakXYfU25bTkWGqwn/g==
isSingleValued: TRUE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=eduPersonEntitlement,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: eduPersonEntitlement
lDAPDisplayName: eduPersonEntitlement
adminDisplayName: eduPersonEntitlement
adminDescription: URI (either URN or URL) that indicates a set of rights to specific resources
attributeID: 1.3.6.1.4.1.5923.1.1.1.7
attributeSyntax: 2.5.5.12
oMSyntax: 64
# schemaIDGUID: feef8ee3-fb53-46e3-af47-54bb6e4de772
schemaIDGUID:: 447v/lP740avR1S7bk3ncg==
isSingleValued: FALSE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=eduPersonPrimaryOrgUnitDN,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: eduPersonPrimaryOrgUnitDN
lDAPDisplayName: eduPersonPrimaryOrgUnitDN
adminDisplayName: eduPersonPrimaryOrgUnitDN
adminDescription: The distinguished name (DN) of the directory entry representing the person's primary Organizational Unit(s)
attributeID: 1.3.6.1.4.1.5923.1.1.1.8
attributeSyntax: 2.5.5.1
oMSyntax: 127
# schemaIDGUID: 0cbfa91e-0648-4198-9022-debebd048897
schemaIDGUID:: Hqm/DEgGmEGQIt6+vQSIlw==
isSingleValued: TRUE
searchFlags: 0
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=eduPersonScopedAffiliation,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: eduPersonScopedAffiliation
lDAPDisplayName: eduPersonScopedAffiliation
adminDisplayName: eduPersonScopedAffiliation
adminDescription: Specifies the person's affiliation (see eduPersonAffiliation) within a particular security domain, the values consist of a left (affiliation) and right component (security domain) separated by an "@" sign
attributeID: 1.3.6.1.4.1.5923.1.1.1.9
attributeSyntax: 2.5.5.12
oMSyntax: 64
# schemaIDGUID: 2d38e273-708a-407c-825b-0e809e8fb338
schemaIDGUID:: c+I4LYpwfECCWw6Ano+zOA==
isSingleValued: FALSE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=eduPersonTargetedID,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: eduPersonTargetedID
lDAPDisplayName: eduPersonTargetedID
adminDisplayName: eduPersonTargetedID
adminDescription: Specifies the person's relationship(s) to the institution, permissible values: faculty, student, staff, alum, member, affiliate, employee
attributeID: 1.3.6.1.4.1.5923.1.1.1.10
attributeSyntax: 2.5.5.12
oMSyntax: 64
# schemaIDGUID: 5ed37a2e-50dc-4039-9159-e794b4ad77e7
schemaIDGUID:: LnrTXtxQOUCRWeeUtK135w==
isSingleValued: FALSE
searchFlags: 0
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn:
changetype: modify
add: schemaUpdateNow
schemaUpdateNow: 1
-

# ==================================================================
#  Object classes
# ==================================================================

dn: CN=eduPerson,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: classSchema
cn: eduPerson
lDAPDisplayName: eduPerson
adminDisplayName: eduPerson
adminDescription: Consists of a set of data elements or attributes about individuals within higher education
governsID: 1.3.6.1.4.1.5923.1.1.2
objectClassCategory: 3
#subclassOf: 2.5.6.0
subclassOf: top
#rdnAttId: 2.5.4.3
rdnAttId: cn
# schemaIDGUID: 3c957851-06bb-4ed7-9151-1f5c230b8677
schemaIDGUID:: UXiVPLsG106RUR9cIwuGdw==
# mayContain: eduPersonAffiliation
mayContain: 1.3.6.1.4.1.5923.1.1.1.1
# mayContain: eduPersonNickname
mayContain: 1.3.6.1.4.1.5923.1.1.1.2
# mayContain: eduPersonOrgDN
mayContain: 1.3.6.1.4.1.5923.1.1.1.3
# mayContain: eduPersonOrgUnitDN
mayContain: 1.3.6.1.4.1.5923.1.1.1.4
# mayContain: eduPersonPrimaryAffiliation
mayContain: 1.3.6.1.4.1.5923.1.1.1.5
# mayContain: eduPersonPrincipalName
mayContain: 1.3.6.1.4.1.5923.1.1.1.6
# mayContain: eduPersonEntitlement
mayContain: 1.3.6.1.4.1.5923.1.1.1.7
# mayContain: eduPersonPrimaryOrgUnitDN
mayContain: 1.3.6.1.4.1.5923.1.1.1.8
# mayContain: eduPersonScopedAffiliation
mayContain: 1.3.6.1.4.1.5923.1.1.1.9
# mayContain: eduPersonTargetedID
mayContain: 1.3.6.1.4.1.5923.1.1.1.10
# defaultObjectCategory: eduPerson
defaultObjectCategory: CN=eduPerson,cn=Schema,cn=Configuration,dc=X
systemOnly: FALSE

dn:
changetype: modify
add: schemaUpdateNow
schemaUpdateNow: 1
-

dn: CN=User,CN=Schema,CN=Configuration,DC=X
changetype: modify
add: auxiliaryClass
auxiliaryClass: eduPerson
-

dn:
changetype: modify
add: schemaUpdateNow
schemaUpdateNow: 1
-
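Each entry in the file carries its schemaIDGUID twice: as a readable GUID in a comment and as the base64 value that is actually imported. The following pre-import check is an added example, not part of the original eduPerson.ldf; the helper name lint_schema_ldif is hypothetical and the sample is two entries excerpted from the file. It confirms that the two forms agree and that no GUID or OID is reused.

```python
import base64
import re
import uuid

# Constructed sample: two attribute entries excerpted from eduPerson.ldf above.
SAMPLE_LDIF = """\
dn: CN=eduPersonAffiliation,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
attributeID: 1.3.6.1.4.1.5923.1.1.1.1
# schemaIDGUID: b45ea4ce-57f7-4333-9ecb-8856b125ca2d
schemaIDGUID:: zqRetPdXM0Oey4hWsSXKLQ==

dn: CN=eduPersonNickname,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
attributeID: 1.3.6.1.4.1.5923.1.1.1.2
# schemaIDGUID: 5e601c53-9f4a-4d50-b8bd-504fa571f28e
schemaIDGUID:: UxxgXkqfUE24vVBPpXHyjg==
"""

def lint_schema_ldif(text):
    """Hypothetical helper: return a list of problems (empty list = clean)."""
    problems, seen_oids, seen_guids = [], {}, {}
    for block in re.split(r"\n\s*\n", text.strip()):
        dn = re.search(r"^dn: *(.*)$", block, re.M)
        name = dn.group(1) if dn else "<no dn>"
        comment = re.search(r"^# *schemaIDGUID: *([0-9a-fA-F-]{36})", block, re.M)
        encoded = re.search(r"^schemaIDGUID:: *(\S+)", block, re.M)
        oid = re.search(r"^(?:attributeID|governsID): *(\S+)", block, re.M)
        if encoded:
            raw = base64.b64decode(encoded.group(1))
            if len(raw) != 16:
                problems.append(f"{name}: schemaIDGUID is {len(raw)} bytes, expected 16")
                continue
            # AD stores the first three GUID fields little-endian (bytes_le).
            guid = uuid.UUID(bytes_le=raw)
            if comment and guid != uuid.UUID(comment.group(1)):
                problems.append(f"{name}: {guid} does not match comment {comment.group(1)}")
            if guid in seen_guids:
                problems.append(f"{name}: schemaIDGUID reused from {seen_guids[guid]}")
            seen_guids[guid] = name
        if oid:
            if oid.group(1) in seen_oids:
                problems.append(f"{name}: OID reused from {seen_oids[oid.group(1)]}")
            seen_oids[oid.group(1)] = name
    return problems

if __name__ == "__main__":
    print(lint_schema_ldif(SAMPLE_LDIF) or "no problems found")
```

The function expects entries separated by blank lines, so run it on the file in its normal one-attribute-per-line LDIF layout.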