[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Feeling stupid: cannot understand error
Alex Povolotsky a écrit :
Hello!
Hi Alex,
I've installed openldap 2.1, and run into strange problem.
[12:37] server:/tmp # ldapadd -D "cn=Manager,dc=sub,dc=ru" -w password
dn: uid=tarkhil, dc=sub, dc=ru
objectClass: shadowAccount
uid: tarkhil
adding new entry "uid=tarkhil, dc=sub, dc=ru"
ldap_add: Object class violation (65)
additional info: no structural object class provided
note the "additional info", here is the explanation.
in ldapv3, an entry must have at least one structural objectclass.
The only objectclass you provided is 'shadowAccount' which is not
structural, but auxiliary, as I see in the openldap schema files :
[root@fed1 root]# grep shadowAccount /etc/openldap/schema/*
/etc/openldap/schema/nis.schema:objectclass ( 1.3.6.1.1.1.2.1 NAME
'shadowAccount' SUP top AUXILIARY
you MUST provide a structural objectclass, like 'inetOrgPerson' for
example, which turn your example to :
dn: uid=tarkhil, dc=sub, dc=ru
objectClass: shadowAccount
objectClass: inetOrgPerson
uid: tarkhil
François
[12:37] server:/tmp # ldapadd -D "cn=Manager,dc=sub,dc=ru" -w password
dn: cn=test2, dc=sub, dc=ru
objectClass: posixGroup
cn: test2
gidNumber: 1024
adding new entry "cn=test2, dc=sub, dc=ru"
As far as I understand man ld_errno, in the first example slapd complaints:
LDAP_OBJECT_CLASS_VIOLATION
An object class violation occurred (e.g., a "must"
attribute was missing from the entry).
but I cannot understand what exactly the problem is.
The same setup worked quite well on openldap 2.0...