[Fedora-directory-users] Question on FDS Usage

Richard Megginson rmeggins at redhat.com
Tue Mar 28 15:06:55 UTC 2006 

Alex Ackerman wrote:
> Thank you both for your assistance.  I tried the new ldapadd statement
> and received the following error:
>
> adding new entry "cn=schema"
> ldap_add: Object class violation (65)
>         additional info: missing required attribute "objectclass"
>
> Not having any more info than this, I tried placing the schema in the
> schema directory.  Upon restart I received the following error:
>
> [root at bastet slapd-bastet]# ./restart-slapd
> [28/Mar/2006:05:07:49 -0500] dse - The entry cn=schema in
> file /opt/fedora-ds/slapd-bastet/config/schema/60openxchange.ldif is
> invalid, error code 20 (Type or value exists) - attribute type url: Does
> not match the OID "1.1.2.1.1.45". Another attribute type is already
> using the name or OID.
> [28/Mar/2006:05:07:50 -0500] dse - Please edit the file to correct the
> reported problems and then restart the server.
>
> The line that caused this in 60openxchange.ldif is:
>
> attributeTypes: (
>   1.1.2.1.1.45
>   NAME ( 'url' )
>   DESC 'Users business Homepage'
>   EQUALITY caseIgnoreMatch
>   SUBSTR caseIgnoreSubstringsMatch
>   SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
>   )
>
> It is conflicting with the following line in 50ns-legacy.ldif:
> attributeTypes: ( url-oid NAME 'url' DESC 'Netscape defined attribute
> type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Legacy' )
>
> For kicks, I commented out the following lines and the server started
> up.  
>
> #attributeTypes: ( url-oid NAME 'url' DESC 'Netscape defined attribute
> type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Legacy' )
> #objectClasses: ( nsLegacyServer-oid NAME 'nsLegacyServer' DESC
> 'Netscape defined objectclass' SUP netscapeServer MAY ( nsServerID $
> url ) X-ORIGIN 'Netscape Legacy' )
>
> Now, the real question: what is these definitions for and have I done
> something I'm going to regret later?  Is there a better solution
> assuming that I can't modify the schema for OpenXChange?
>   
No, that's fine.  Most of the 50ns-*.ldif schema is old, legacy schema 
that can be safely removed or commented out.
> Thank you,
> Alex
>
>
> On Mon, 2006-03-27 at 09:02 -0700, Richard Megginson wrote:
>   
>> George Holbert wrote:
>>     
>>>> I then tried:
>>>> Code:
>>>> [root at bastet ~]# ldapadd -x -D "cn=Directory 
>>>> Manager,dc=domain,dc=net" -h localhost -W -f openxchange.ldif2
>>>> Enter LDAP Password:
>>>> ldap_bind: No such object (32)
>>>>        matched DN: dc=domain,dc=net
>>>>         
>>> This is close, you just need to use the right DN for the Directory 
>>> Manager. Try:
>>> ldapadd -x -D "cn=Directory Manager" ...
>>>
>>> Directory Manager is a special DN that doesn't exist inside your suffix.
>>>       
>> You can also just copy your schema file into the config/schema directory 
>> and restart the server e.g. cp openxchange.ldif2 
>> slapd-instance/config/schema/60openxchange.ldif
>>     
>>> ----- Original Message ----- From: "Alex Ackerman" <alex at darkhonor.com>
>>> To: <fedora-directory-users at redhat.com>
>>> Sent: Saturday, March 25, 2006 4:04 PM
>>> Subject: [Fedora-directory-users] Question on FDS Usage
>>>
>>>
>>>       
>>>> Ok, this may seem like old hat to some of you, but I'm feeling like I'm
>>>> playing stump the dummy with my computer. I am trying to modify my
>>>> directory's schema to add support for Open-XChange. I have a schema file
>>>> that I have converted to FDS format from the shipped OpenLDAP format
>>>> (thanks to tools on the Fedora Directory Server site), but I can't seem
>>>> to add this to the server. I first tried:
>>>>
>>>> Code:
>>>> [root at bastet ~]# ldapmodify -h localhost -x -f openxchange.ldif2
>>>> modifying entry "cn=schema"
>>>> ldap_modify: Insufficient access (50)
>>>>        additional info: Insufficient 'write' privilege to the 
>>>> 'attributeTypes' attribute of entry 'cn=schema'.
>>>>
>>>> I then tried:
>>>> Code:
>>>> [root at bastet ~]# ldapadd -x -D "cn=Directory 
>>>> Manager,dc=domain,dc=net" -h localhost -W -f openxchange.ldif2
>>>> Enter LDAP Password:
>>>> ldap_bind: No such object (32)
>>>>        matched DN: dc=domain,dc=net
>>>>
>>>> As you can see, I'm getting really stumped. What is the right command
>>>> that I'm missing? I'm new to the directory server realm and this has
>>>> been my attempt at trying to learn. Thanks for any assistance you can
>>>> provide.
>>>>
>>>> Alex
>>>>
>>>> An excert of the schema follows:
>>>> #
>>>> ################################################################################ 
>>>>
>>>> #
>>>> dn: cn=schema
>>>> #
>>>> ################################################################################ 
>>>>
>>>> #
>>>> attributeTypes: (
>>>>  1.1.2.1.1.1
>>>>  NAME ( 'mailEnabled' )
>>>>  DESC 'Is the user enabled or not, for pam_ldap,postfix etc.
>>>> filtering...'
>>>>  EQUALITY caseIgnoreMatch
>>>>  SUBSTR caseIgnoreSubstringsMatch
>>>>  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768}
>>>>  SINGLE-VALUE
>>>>  )
>>>> #
>>>> ################################################################################ 
>>>>
>>>> #
>>>> attributeTypes: (
>>>>  1.1.2.1.1.2
>>>>  NAME ( 'alias' )
>>>>  DESC 'email alias'
>>>>  EQUALITY caseIgnoreMatch
>>>>  SUBSTR caseIgnoreSubstringsMatch
>>>>  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768}
>>>>  )
>>>> #
>>>> ################################################################################ 
>>>>
>>>> #
>>>> attributeTypes: (
>>>>  1.1.2.1.1.3
>>>>  NAME ( 'imapServer' )
>>>>  DESC 'Users Imap Server'
>>>>  EQUALITY caseIgnoreMatch
>>>>  SUBSTR caseIgnoreSubstringsMatch
>>>>  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768}
>>>>  SINGLE-VALUE
>>>>  )
>>>> ...
>>>>
>>>>
>>>>
>>>> ------------------------------------
>>>> This email has been ClamScanned!
>>>> www.clamav.net
>>>>
>>>> -- 
>>>> Fedora-directory-users mailing list
>>>> Fedora-directory-users at redhat.com
>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>
>>>>
>>>>         
>>> -- 
>>> Fedora-directory-users mailing list
>>> Fedora-directory-users at redhat.com
>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>       
>> --
>> Fedora-directory-users mailing list
>> Fedora-directory-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>     
>
>
> ------------------------------------
> This email has been ClamScanned!
> 	www.clamav.net
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>   
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3178 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20060328/128f055d/attachment.bin>

More information about the Fedora-directory-users mailing list