12.11. Turning Schema Checking On and Off
When schema checking is on, the Directory Server ensures three things:
- The object classes and attributes using are defined in the directory schema.
- The attributes required for an object class are contained in the entry.
- Only attributes allowed by the object class are contained in the entry.
Important
Red Hat recommends not to disable the schema checking.
Schema checking is turned on by default in the Directory Server, and the Directory Server should always run with schema checking turned on. The only situation where is may be beneficial to turn schema checking off is to accelerate LDAP import operations. However, there is a risk of importing entries that do not conform to the schema. Consequently, it is impossible to update these entries.
12.11.1. Turning Schema Checking On and Off Using the Command Line
To turn schema checking on and off, set the value of the
nsslapd-schemacheck
parameter. For example to disable schema checking:
# dsconf -D "cn=Directory Manager" ldap://server.example.com config replace nsslapd-schemacheck=off Successfully replaced "nsslapd-schemacheck"
For details about the
nsslapd-schemacheck
parameter, see the description of the parameter in the Red Hat Directory Server Configuration, Command, and File Reference.
12.11.2. Turning Schema Checking On and Off Using the Web Console
To enable or disable schema checking using the web console:
- Open the Directory Server user interface in the web console. See Section 1.4, “Logging Into Directory Server Using the Web Console”.
- Select the instance.
- Open the, and select the entry.
- Open the Advanced Settings tab.
- To enable schema checking, select the Enable Schema Checking check box. To disable the feature, clear the check box.
- Click.