[Freeipa-users] Radius schema addition to default user objectclasses in FreeIPA 4.1
Orkhan Gasimov
orkhan-azeri at mail.ru
Wed Oct 29 05:50:24 UTC 2014
I solved the problem.
I tried to add my radiusschema.ldif using LDAP admin, and it gave an
error: "Line 64: "dn" expected, but "add" found".
So instructions here:
https://www.redhat.com/archives/freeipa-users/2014-February/msg00050.html are
incomplete.
When creating an ldif-file from the schema-file, it's necessary to
repeat this part:
dn: cn=schema
changetype: modify
before this part:
add: objectclasses
After that everything proceeds normally, and it's possible to add
"radiusprofile" objectclass to default user objectclasses.
28-Oct-14 15:43, Orkhan Gasimov пишет:
> OK, thanks for info.
> First I used that command with " | grep radius" at the end prior to
> adding my radiusschema.ldif.
> It returned no data.
> Then I added my radiusschema.ldif using the command:
>
> # ldapmodify -ZZ -x -D "cn=Directory Manager" -W -H ldap://localhost
> -f /usr/share/radiusschema.ldif
>
> Then I issued the command you suggested again with " | grep
> radius|less" at the end.
> This time it retrned a lot of entries (apparently those that were in
> the radiusschema.ldif file).
>
> But when I tried to switch to GUI and add "radiusprofile" objectclass,
> I got the same message:
>
> "IPA Error 4001: NotFound
>
> objectclass radiusprofile not found"
>
> I know that radius schema taken from
> http://open.rhx.it/phamm/schema/radius.schema works,
> it was checked by me with OpenLDAP 2.4 and FreeRadius 2.2.
>
> What am I doing wrong? Removing "MUST cn" from the schema gives no
> difference.
>
>
>
> 25-Oct-14 00:38, Rich Megginson пишет:
>> Are you trying to list the schema over LDAP? Where did you get the
>> above instructions? They are wrong. Use
>>
>> ldapsearch -o ldif-wrap=no -Y GSSAPI -s base -b "cn=schema"
>> attributeTypes objectClasses
>
More information about the Freeipa-users
mailing list