Re: LDAP/PHP: Trying to add account -> text=attribute loginShell not allowed

["Dejan Muhamedagic" <dejan.muhamedagic@at.ibm.com>]

Hi,

What do you mean by "not allowed"?

In general, it could be that the schema doesn't support the attributes for 
the objectclasses, or that you're binding with insufficient credentials, 
or that there is no parent defined for the new record, or ... there are 
probably a few that I can't recall now.

Please include more info when posting.

Dejan
Please respond to Holger Banko <holger.banko@pgam.com> 
Sent by:        owner-openldap-software@OpenLDAP.org
To:     LDAP Mailingliste <openldap-software@OpenLDAP.org>
cc: 
Subject:        LDAP/PHP: Trying to add account -> text=attribute loginShell not allowed


Hi,

I am trying to add a User-Account to my LDAP-Tree with PHP. Everytime I 
get an 
error in /var/log/message. Some attributes are not allowed (e.g. 
loginShell, 
gidNumber, uidNumber).

Why ? Whats wrong ?

// Daten vorbereiten
  $info["cn"]="$vorname $name";
  $info["sn"]="$name";
  $info["uid"]="$personr";
  $info["mail"]="$vorname.$name@pgam.com";
  $info["objectClass"]="top";
  $info["objectClass"]="posixAccount";
  $info["objectClass"]="account";
  $info["objectClass"]="shadowAccount";
  $info["objectClass"]="inetOrgPerson";
  $info["loginShell"]="/bin/bash";
  $info["userPassword"]="$name";
  $info["gecos"]="LDAP User";
  $info["homePhone"]="12345";
  $info["shadowMin"]="-1";
  $info["shadowInactive"]="-1";
  $info["gidNumber"]="100";
  $info["uidNumber"]="$uidnum";
  $info["homeDirectory"]="/home/$personr";
  $info["description"]="Via Intranet generiertes Benutzerkonto";
  $info["roomNumber"]="Empty";
  $info["givenName"]="Empty";
  $info["proxyauth"]="Empty";

  // hinzufügen der Daten zum Verzeichnis
  $r=ldap_add($ds, "uid=$personr,ou=$standort,ou=People,dc=pgam,dc=com", 
$info);

--Holger