From 20f489c0d77f2fc61cb61602ddc2886e282dd709 Mon Sep 17 00:00:00 2001 From: Mario Fetka Date: Tue, 2 Jun 2026 10:19:26 +0000 Subject: [PATCH] docs: document NetWare 4.11 schema import plan --- REDESIGN.md | 73 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 73 insertions(+) diff --git a/REDESIGN.md b/REDESIGN.md index ed56d47..902554f 100644 --- a/REDESIGN.md +++ b/REDESIGN.md 
@@ -986,6 +986,79 @@ Examples of setup-owned work: the local bootstrap path should avoid requiring a running LDAP server and should not make LDAP the canonical internal representation. +### NetWare 4.11 schema acquisition and import + +The future NetWare 4.x directory schema should not be invented from memory or +from a small sample file. Real NetWare 4.11 installations appear to carry more +complete schema material than the standalone `*.SCH` examples. Some schema +fragments, such as `NLS.SCH`, are useful format samples: they are readable ASN.1- +style schema definition files containing `ATTRIBUTE` and `OBJECT-CLASS` blocks, +`SyntaxID`, `Flags`, `SubClassOf`, `ContainedBy`, `NamedBy`, `MustContain`, +`MayContain`, and `ASN1ObjID` fields. However, such files should be treated as +partial extension/schema examples, not as the canonical complete 4.11 schema. + +The initial canonical schema source should come from a real NetWare 4.11 +installation. If the complete schema is embedded in installer data such as +`install.dat`, the acquisition path should be documented and reproduced rather +than guessed: + +```text +NetWare 4.11 install media / installed server + -> extract or export complete NDS schema material + -> inspect native schema records and standalone .SCH fragments + -> convert/import through nwsetup + -> libdirectory schema objects + -> libflaim-backed store +``` + +`nwsetup` should eventually support both a native NetWare 4.11 schema import path +and an LDIF import/export path: + +```text +nwsetup directory import-schema --format=netware411 +nwsetup directory import-schema --format=ldif +nwsetup directory export-schema --format=ldif > schema.ldif +``` + +LDIF remains valuable because it is readable, diffable, testable, and useful for +interoperability with the LDAP-facing `nwdirectory` service. It should not be +the only possible source of truth. 
Once the native NetWare 4.11 schema format is +understood, a native reader can avoid conversion loss and can preserve +NetWare-specific syntax IDs, flags, naming rules, containment rules, and class +relationships before they are mapped into `libdirectory`. + +The import implementation should live below `nwsetup`, not inside protocol +handlers: + +```text +nwsetup + -> schema import layer + -> NetWare 4.11/native schema reader + -> .SCH fragment reader + -> LDIF reader/writer + -> libdirectory schema API + -> libflaim +``` + +The schema import layer must record provenance. Imported schema sets should be +versioned with at least the source system, source file/archive, NetWare version, +import tool version, and conversion warnings. This makes it possible to compare +a later extracted 4.11 schema against the current mars-nwe schema without +pretending that hand-written defaults are authoritative. + +Open questions that should stay explicit until real 4.11 media has been +inspected: + +- exact native schema storage format inside `install.dat` or the installed tree; +- whether all core classes/attributes are present as ASN.1-like `.SCH` text, + binary records, or both; +- mapping of NetWare/NDS syntax IDs to `libdirectory` internal syntaxes and LDAP + syntaxes; +- preservation of NDS flags such as single-valued, container/effective class, + naming, containment, and mandatory/optional attribute sets; +- how Bindery-compatibility object classes and attributes are represented in the + same schema store. + ### Admin, Supervisor, and directory password bootstrap/recovery The future typed INI must not carry reusable plaintext passwords for Admin,
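Review bot: the provenance paragraph ("Imported schema sets should be versioned with at least the source system, source file/archive, NetWare version, import tool version, and conversion warnings") names the source file/archive but no content digest of it. Without one, two imports recorded under the same file name cannot be told apart, and the "documented and reproduced" acquisition path from `install.dat` cannot be checked against the bytes that were actually imported. Suggest adding a cryptographic hash of each source file or archive to the minimum provenance set. Two smaller points. The `import-schema` examples show `--format=` but no input argument, while `export-schema` shows output going to stdout, so the text should say where the import reads from. And "ASN.1-" is wrapped before "style" in the first paragraph, which will render as "ASN.1- style", whereas the open-questions list uses "ASN.1-like"; pick one form and keep it on one line.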