
Re: Help with adding records



hope this helps...

Jim Hankins writes:

I'm new to LDAP and am trying the first example of adding a record, but I
get the following error. I'm running this under RedHat Linux 7.2 and
the version I'm using is:


rpm -q openldap openldap-2.0.21-1

make sure you also have these (neither is installed by default):
[root@mail cphillips]# rpm -q openldap-clients
openldap-clients-2.0.21-0.7.1


if you don't have it, get it from updates.redhat.com

you also might want:
[root@mail cphillips]# rpm -q openldap-devel
openldap-devel-2.0.21-0.7.1


depending on what you want to use openldap for

this may be redundant, but check for this too:

[root@mail cphillips]# rpm -q openldap-servers
openldap-servers-2.0.21-0.7.1



[root@prod2 root]# ldapadd -x -D "cn=Manager,dc=example,dc=com" -W -f
import2.ldif Enter LDAP Password: adding new entry "dc=example,dc=com "

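I am thinking that you might have extra white space: the DN echoed back in your output, "dc=example,dc=com ", has a trailing space before the closing quote, and the same kind of stray character after an objectclass value would explain "value #0 invalid per syntax". Run cat -A against any ldif you might want to add; it marks every line end with $ and shows tabs as ^I and carriage returns as ^M, so trailing characters stand out. To be paranoid you can comment stuff out with #. Besides that, everything looks fine from here. I also run enigma, and provided you use the RH rpms it works great...if you try to install it from openldap.org first you will run into all kinds of problems.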


For further testing play around with /usr/sbin/slapadd and slapcat; they are usually more forgiving and more verbose in their errors (shut down the server first, since they work on the database files directly).

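Furthermore here is a tried and tested (somewhat paranoid) ldapadd command (type it all on one line, including the -f part). Note that -x with -W is a simple bind, so the password crosses the connection unencrypted; that is fine against localhost as here, but add -ZZ (require StartTLS) when binding to a remote server: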
/usr/bin/ldapadd -vxc -W -D "cn=admin,dc=studioresource,dc=com" -f /etc/openldap/example.ldif -h localhost -p 389


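here is an ldif you can play with (you might wanna check this for white space too; the {MD5} userPassword is an unsalted sample hash, so generate your own value with slappasswd before using it on a real directory):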

dn: o=openhand,c=us
objectclass: organization
o: openhand


dn: cn=admin,o=openhand,c=us
objectclass: organizationalRole
objectclass: simpleSecurityObject
cn: admin
description: LDAP Administrator
userPassword: {MD5}RDRNn4VQY+q2bm0EtzPnVg==


ldap_add: Invalid syntax
additional info: objectclass: value #0 invalid per syntax


ldif_record() = 21
[root@prod2 root]#



Here is the contents of the example ldif file I got off of the website


dn: dc=example,dc=com
objectclass: dcObject
objectclass: organization
o: Example Company
dc: example


dn: cn=Manager,dc=example,dc=com
objectclass: organizationalRole
cn: Manager



And here is my slapd.conf file


#pidfile //var/run/slapd.pid
#argsfile //var/run/slapd.args


# Create a replication log in /var/lib/ldap for use by slurpd.
#replogfile /var/lib/ldap/master-slapd.replog


# Load dynamic backend modules:
# modulepath /usr/sbin/openldap
# moduleload back_ldap.la
# moduleload back_ldbm.la
# moduleload back_passwd.la
# moduleload back_shell.la


#
# The next two lines allow use of TLS for connections using a dummy test
# certificate, but you should generate a proper certificate by changing
to
# /usr/share/ssl/certs, running "make slapd.pem", and fixing permissions
on
# slapd.pem so that the ldap user or group can read it.
# TLSCertificateFile /usr/share/ssl/certs/slapd.pem
# TLSCertificateKeyFile /usr/share/ssl/certs/slapd.pem
#
# Sample Access Control
# Allow read access of root DSE
# Allow self write access
# Allow authenticated users read access
# Allow anonymous users to authenticate
#
#access to dn="" by * read
#access to *
# by self write
# by users read
# by anonymous auth
#
# if no access controls are present, the default is:
# Allow read by all
#
# rootdn can always write!


#######################################################################
# ldbm database definitions
#######################################################################


database ldbm
suffix "dc=ipphoneapps,dc=com"
rootdn "cn=Manager,dc=ipphoneapps,dc=com"
rootpw secret22
directory /home/jhankins/ldapdata
# be avoided. Se slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
# rootpw secret
# rootpw {crypt}ijFYNcSNctBYg
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd/tools. Mode 700 recommended.
#directory /var/lib/ldap
# Indices to maintain
#index objectClass,uid,uidNumber,gidNumber,memberUid eq
#index cn,mail,surname,givenname eq,subinitial
# Replicas to which we should propagate changes
#replica host=ldap-1.example.com:389 tls=yes
# bindmethod=sasl saslmech=GSSAPI
# authcId=host/ldap-master.example.com@EXAMPLE.COM
"slapd.conf" 80L, 2768C written
[root@prod2 openldap]# service ldap restart
Stopping slapd: [ OK ]
Starting slapd: [ OK ]
[root@prod2 openldap]# ldapadd -x -D "cn=Manager,dc=ipphoneapps,dc=com"
-W -f import.ldif import.ldif: No such file or directory
[root@prod2 openldap]# cd
[root@prod2 root]# ldapadd -x -D "cn=Manager,dc=ipphoneapps,dc=com" -W
-f import.ldif Enter LDAP Password: adding new entry "dc=ipphoneapps,dc=com "
ldap_add: Invalid syntax
additional info: objectclass: value #0 invalid per syntax


ldif_record() = 21
[root@prod2 root]# vi import.ldif dn: dc=ipphoneapps,dc=com
objectclass: dcObject
objectclass: organization
o: IPphone apps
dc: ipphoneapps


dn: cn=Manager,dc=ipphoneapps,dc=com
objectclass: organizationalRole
cn: Manager
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
"import.ldif" 9L, 194C written
[root@prod2 root]# ldapadd -x -D "cn=Manager,dc=ipphoneapps,dc=com" -W
-f import.ldif Enter LDAP Password: adding new entry "dc=ipphoneapps,dc=com "
ldap_add: Invalid syntax
additional info: objectclass: value #0 invalid per syntax


ldif_record() = 21
[root@prod2 root]# rm import.ldif rm: remove `import.ldif'? y
[root@prod2 root]# vi import.ldif


~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
-- INSERT --
dn: dc=ipphoneapp,dc=com
objectclass: dcObject
objectclass: organization
o: IP PHoneapps
dc: ipphoneapps


dn: cn=Manager,dc=ipphoneapps,dc=com
objectclass: organizationalRole
cn: Manager
~
~
~
~
~
~
~
~
~
~
~
~
~
~
"import.ldif" [New] 9L, 187C written
[root@prod2 root]# ldapadd -x -D "cn=Manager,dc=ipphoneapps,port.ldif
-f imp
Enter LDAP Password: adding new entry "dc=ipphoneapp,dc=com"
ldap_add: No such object


ldif_record() = 32
[root@prod2 root]# vi import.ldif dn: dc=ipphoneapps,dc=com
objectclass: dcObject
objectclass: organization
o: IP PHoneapps
dc: ipphoneapps


dn: cn=Manager,dc=ipphoneapps,dc=com
objectclass: organizationalRole
cn: Manager
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
"import.ldif" 9L, 188C written
[root@prod2 root]# ldapadd -x -D "cn=Manager,dc=ipphoneapps,dc=com" -W
-f import.ldif Enter LDAP Password: adding new entry "dc=ipphoneapps,dc=com"
ldap_add: Operations error


ldif_record() = 1
[root@prod2 root]# cd /home/jhankins
[root@prod2 jhankins]# ls
backup.tar.gz myaddrdir.ldif.txt server.key web
ftp mymarketinghelper.crt test-addr
ldapdata phplive uploads
[root@prod2 jhankins]# cd ldapdata/
[root@prod2 ldapdata]# ls
[root@prod2 ldapdata]# cd ..
[root@prod2 jhankins]# cd
[root@prod2 root]# ls
import.ldif myaddrdir.ldif streetlethal.tar.gz tape_backup
[root@prod2 root]# ldapadd -x -D "cn=Manager,dc=ipphoneapps,dc=com" -W
-f import.ldif Enter LDAP Password: adding new entry "dc=ipphoneapps,dc=com"
ldap_add: Operations error


ldif_record() = 1
[root@prod2 root]# ldapsearch -x -b 'dc=ipphoneapps,dc=com'
'(objectclass=*)'
version: 2


#
# filter: (objectclass=*)
# requesting: ALL
#


# search result
search: 2
result: 32 No such object


# numResponses: 1
[root@prod2 root]# vi import.ldif dn: dc=ipphoneapps,dc=com
objectclass: dcObject
objectclass: organization
o: ipphoneapps
dc: ipphoneapps


dn: cn=Manager,dc=ipphoneapps,dc=com
objectclass: organizationalRole
cn: Manager
~
~
~
~
~
~
~
~
~
~
~
~
~
~
"import.ldif" 9L, 187C written
[root@prod2 root]# ldapadd -x -D "cn=Manager,dc=ipphoneapps,dc=com" -W
-f import.ldif Enter LDAP Password: adding new entry "dc=ipphoneapps,dc=com"
ldap_add: Operations error


ldif_record() = 1
[root@prod2 root]# vi /etc/openldap/slapd.conf
# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.7 2001/09/27
20:00:31 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/redhat/rfc822-MailMember.schema
include /etc/openldap/schema/redhat/autofs.schema
include /etc/openldap/schema/redhat/kerberosobject.schema


# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org


#pidfile //var/run/slapd.pid
#argsfile //var/run/slapd.args


# Create a replication log in /var/lib/ldap for use by slurpd.
#replogfile /var/lib/ldap/master-slapd.replog


# Load dynamic backend modules:
# modulepath /usr/sbin/openldap
# moduleload back_ldap.la
# moduleload back_ldbm.la
# moduleload back_passwd.la
# moduleload back_shell.la


#
# The next two lines allow use of TLS for connections using a dummy test
# certificate, but you should generate a proper certificate by changing
to# /usr/share/ssl/certs, running "make slapd.pem", and fixing
permissions on
# slapd.pem so that the ldap user or group can read it.
# TLSCertificateFile /usr/share/ssl/certs/slapd.pem
# TLSCertificateKeyFile /usr/share/ssl/certs/slapd.pem
#
# Sample Access Control# Allow read access of root DSE
# Allow self write access
# Allow authenticated users read access
# Allow anonymous users to authenticate
#
#access to dn="" by * read
#access to *
# by self write
# by users read
# by anonymous auth
#
# if no access controls are present, the default is:# Allow read
by all
## rootdn can always write!
#######################################################################
# ldbm database
definitions#############################################################
##########


database ldbm
suffix "dc=example,dc=com"
rootdn "cn=Manager,dc=example,dc=com"
rootpw secret
directory /home/jhankins/ldapdata# be avoided. Se slappasswd(8) and
slapd.conf(5) for details.
# Use of strong authentication encouraged.
# rootpw secret
# rootpw {crypt}ijFYNcSNctBYg# The database directory
MUST exist prior to running slapd AND# should only be accessible by the
slapd/tools. Mode 700 recommended.
"/etc/openldap/slapd.conf" 80L, 2758C written
[root@prod2 root]# service ldap restart
Stopping slapd: [ OK ]
Starting slapd: [ OK ]
[root@prod2 root]# cd [root@prod2 root]# vi import2.ldif
dn: dc=example,dc=com
objectclass: dcObject
objectclass: organization
o: Example Company
dc: example


dn: cn=Manager,dc=example,dc=com
objectclass: organizationalRole
cn: Manager
~
~
~
~
~
~
~
~
~
~
~
~
~
~
"import2.ldif" [New] 9L, 186C written
[root@prod2 root]# ldapadd -x -D "cn=Manager,dc=example,dc=com" -W -f
example.ldif
example.ldif: No such file or directory
[root@prod2 root]# ldapadd -x -D "cn=Manager,dc=example,dc=com" -W -f
import2.ldif Enter LDAP Password: adding new entry "dc=example,dc=com "
ldap_add: Invalid syntax
additional info: objectclass: value #0 invalid per syntax


ldif_record() = 21
[root@prod2 root]# vi import2.ldif dn: dc=example,dc=com
objectclass: dcObject
objectclass: organization
o: Example Company
dc: example


dn: cn=Manager,dc=example,dc=com
objectclass: organizationalRole
cn: Manager
~
~
~
~
~
~
~
~
~
~
~
~
~
~
[root@prod2 root]# ls
import.ldif myaddrdir.ldif tape_backup
import2.ldif streetlethal.tar.gz
[root@prod2 root]# ldapadd -x -D "cn=Manager,dc=example,dc=com" -W -f
import2.ldif Enter LDAP Password: adding new entry "dc=example,dc=com "
ldap_add: Invalid syntax
additional info: objectclass: value #0 invalid per syntax


ldif_record() = 21
[root@prod2 root]# vi import2.ldif dn: dc=example,dc=com
objectclass: dcObject
objectclass: organization
o: Example Company
dc: example


dn: cn=Manager,dc=example,dc=com
objectclass: organizationalRole
cn: Manager
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
[root@prod2 root]# cd /etc/openldap/
[root@prod2 openldap]# vi slapd.conf
# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.7 2001/09/27
20:00:31 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/redhat/rfc822-MailMember.schema
include /etc/openldap/schema/redhat/autofs.schema
include /etc/openldap/schema/redhat/kerberosobject.schema


# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org


#pidfile //var/run/slapd.pid
#argsfile //var/run/slapd.args


# Create a replication log in /var/lib/ldap for use by slurpd.
#replogfile /var/lib/ldap/master-slapd.replog


# Load dynamic backend modules:
"slapd.conf" 80L, 2758C








---------------------------------------
| Caleb Phillips
| IT Specialist - MIS Department
| The Studio Resource, Inc.
| http://www.studioresource.com
| cphillips@studioresource.com
---------------------------------------