[Freeipa-users] Radius schema addition to default user objectclasses in FreeIPA 4.1
Rich Megginson
rmeggins at redhat.com
Fri Oct 24 19:38:04 UTC 2014
On 10/24/2014 06:27 AM, Орхан Касумов wrote:
> New task: I want to add an additional schema (radius schema) to
> default user object classes.
>
> I prepared the ldif-file for the schema:
> https://cloud.mail.ru/public/40edc9a6c9bb%2Fradiusschema.ldif ,
> then followed instructions in
> https://www.redhat.com/archives/freeipa-users/2014-February/msg00050.html
> At step #2 of the instructions, ldapmodify command was run;
> as I'm using FreeIPA 4.1 in a multi-master replication scenario with 2
> servers,
> the command was run on both servers and produced this output on both:
>
> modifying entry "cn=schema"
>
> Then I switched to GUI and added "radiusprofile" objectclass. After
> hitting the "Update" button I got the message:
>
> "IPA Error 4001: NotFound
>
> objectclass radiusprofile not found"
>
> Restarting ipactl didn't help.
> Command "ldapsearch -Y GSSAPI | grep schema" gives no output besides
> informational SASL messages.
Are you trying to list the schema over LDAP? Where did you get the
above instructions? They are wrong. Use
ldapsearch -o ldif-wrap=no -Y GSSAPI -s base -b "cn=schema"
attributeTypes objectClasses
If you are using an older version of ldapsearch that doesn't support
ldif-wrap, see http://richmegginson.livejournal.com/18726.html
> There is a "MUST cn" part in the objectclass definition in the
> ldif-file, but even after removing it the situation doesn't change.
> Please help me to understand where is the problem, and is it generally
> possible to use radius.schema with FreeIPA?
> The original schema was taken from:
> http://open.rhx.it/phamm/schema/radius.schema
> Thanks in advance!
>
> --
> Орхан Касумов
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20141024/48523412/attachment.htm>
More information about the Freeipa-users
mailing list