System diagnostic: LDAP schema files are not properly registered

Hi all.

Thinking about the future upgrade to 5.2 I’ve looked at an old system diagnostic that has hung around for a long time. It is “LDAP schema files are not properly registered”.

Old packages and Apps registered schema files by copying the files locally into a certain directory.
The preferred way now is to register them in LDAP; this is less error prone in situations like backup2master.
The following files seem to be registered in the old way:
 * /var/lib/univention-ldap/local-schema/univention-corporate-client.schema

There is a button to register the single missing schema file however, given its an old UCC schema from when we had that installed back around the v3-v4 transition I don’t actually want to keep it.

I can find the following wiki around removing schema extensions that look to already be registered in LDAP.

I can’t find any UCC attributes in the LDAP. Should be safe to remove the .schema file given it was never ‘properly registered’ (taking backups/snapshots of course).

Nothing in UCS references UCC, so you can probably just delete the file after checking that no objectClass and attribute from that schema file is still used by running this command as user root:

slapcat | grep -i \
  -e univentionCorporateClient \
  -e univentionPolicyCorporateClient \
  -e univentionPolicySoftwareupdates

Also make sure that the file is no longer sourced from you main LDAP server configuration file:

grep -F -e univention-corporate-client.schema /etc/ldap/slapd.conf

As always make backups first and follow the referenced article for more details.

1 Like