[Fedora-directory-devel] Samba4 onto Fedora DS

Richard Megginson rmeggins at redhat.com
Tue Aug 22 22:06:39 UTC 2006 

Andrew Bartlett wrote:
> On Tue, 2006-08-22 at 10:03 -0700, Pete Rowley wrote:
>   
>> Kimmo Koivisto wrote:
>>
>>     
>>> Andrew Bartlett wrote:
>>> [snip]
>>>  
>>>
>>>       
>>>> Anyway, this is the error I get with the attached schema:
>>>>
>>>> [abartlet at piglett source]$ sudo /opt/fedora-ds/slapd-piglett/start-slapd
>>>> Password:
>>>> [22/Aug/2006:21:03:47 +1000] dse - The entry cn=schema in
>>>> file /opt/fedora-ds/slapd-piglett/config/schema/01samba4.ldif is
>>>> invalid, error code 20 (Type or value exists) - attribute type
>>>> streetAddress: Does not match the OID "1.2.840.113556.1.2.256". Another
>>>> attribute type is already using the name or OID.
>>>> [22/Aug/2006:21:03:47 +1000] dse - Please edit the file to correct the
>>>> reported problems and then restart the server.
>>>>
>>>> I can find no other reference (in the schema ldif files) to
>>>> streetAddress, or that OID.
>>>>
>>>>    
>>>>
>>>>         
>>> See 00core.ldif:
>>> attributeTypes: ( 2.5.4.9 NAME ( 'street' 'streetaddress' ) DESC 'Standard 
>>> LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 
>>> 2256' )
>>>
>>> Maybe this is what you wan't to remove?
>>>  
>>>
>>>       
>> It would be bad form to remove a standard attribute and replace it with 
>> one of the same name  but different OID.  It would be better to use the 
>> standard attribute.
>>     
>
> What would go wrong if I did that?
>   
The server might not start, apps might break.
> When I started with OpenLDAP, I initially tried to load standard schema,
> then Microsoft's modifications, but very quickly got into a mess:
> Because I wanted a reproducible solution, I didn't want to edit these
> schema files, but they declared objectClasses that I had to override.  
>
> So I ended up just using the converted AD schema.
>
> Would it be possible to split the 00core.ldif into 'attributes required
> for the operation of the directory' and 'core ldap standards'?
Yes.  Something like internally used attributes vs. externally used 
attributes?
> What
> will happen if I fail to load the 'attributes required for operation of
> the directory'?
>   
Things may break.  It's hard to tell without specific attributes or 
objectclass names or OIDs.
> Andrew Bartlett
>
>   
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-devel mailing list
> Fedora-directory-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-devel
>   
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3178 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-devel/attachments/20060822/f65e0275/attachment.bin>

More information about the Fedora-directory-devel mailing list