[Freeipa-users] Virtual DIT view howto

Fri Sep 26 11:17:01 UTC 2014

On 09/26/2014 01:13 PM, Sandor Juhasz wrote:
> mycompany.ldif:
>
> dn: ou=mycompany,cn=Schema Compatibility, cn=plugins, cn=config
> objectclass: top
> objectclass: extensibleObject
> ou: mycompany
> schema-compat-container-group: cn=compat,cn=accounts,dc=mydc
> schema-compat-container-rdn: ou=mycompany
> schema-compat-search-base: cn=users,cn=accounts,dc=cxusers
> schema-compat-search-filter:
> (&(objectClass=posixAccount)(memberOf=cn=mycompany,cn=groups,cn=accounts,dc=mydc))
> schema-compat-entry-rdn: uid=%{uid}
> schema-compat-entry-attribute: objectClass=account
> schema-compat-entry-attribute: objectClass=posixAccount
> schema-compat-entry-attribute: objectClass=inetOrgPerson
> schema-compat-entry-attribute: objectClass=kerberosPrincipalAux
> schema-compat-entry-attribute: homeDirectory=%{homeDirectory}
> schema-compat-entry-attribute: uidNumber=%{uidNumber}
> schema-compat-entry-attribute: gidNumber=%{gidNumber}
> schema-compat-entry-attribute: loginShell=%{loginShell}
> schema-compat-entry-attribute: userPassword=*
> schema-compat-entry-attribute: mail=%{mail}
> schema-compat-entry-attribute: krbPrincipalName=%{krbPrincipalName}
> schema-compat-entry-attribute: cn=%{cn}
> schema-compat-entry-attribute: gecos=%{gecos}
> schema-compat-entry-attribute: givenName=%{givenName}
> schema-compat-entry-attribute: sn=%{sn}
>
>
> error:
>
> [root at mydc ~]# ldapmodify -Y GSSAPI -f mycompany.ldif
> SASL/GSSAPI authentication started
> SASL username: admin at MYDC
> SASL SSF: 56
> SASL data security layer installed.
> ldapmodify: modify operation type is missing at line 2, entry
> "ou=mycompany,cn=Schema Compatibility, cn=plugins, cn=config"

You either need to add
changetype: add
to the second line or use ldapadd.

You can check the doc here:

https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Creating_Directory_Entries-LDIF_Update_Statements.html#LDIF_Update_Statements-Adding_an_Entry_Using_LDIF

Martin