[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Naming Violation (64) when I create a new objectClass

To: "FRERY Anthony" <AFrery@scripto.com>
Subject: Re: Naming Violation (64) when I create a new objectClass
From: "Pierangelo Masarati" <ando@sys-net.it>
Date: Tue, 15 Jun 2004 18:21:33 +0200 (CEST)
Cc: openldap-software@OpenLDAP.org
Importance: Normal
In-reply-to: <20A5D59D09AACD4D97C0DE2D2A4C7FF0686200@hermes.scripto.com>
References: <20A5D59D09AACD4D97C0DE2D2A4C7FF0686200@hermes.scripto.com>
User-agent: SquirrelMail/1.4.3a-1

Look at http://www.openldap.org/faq/data/cache/1006.html

p.

>
> Hi,
> I want to create a new Class (or use one who exist) with only one
> attribute. I try to create an object class but it doesn't work :
>
> ldapadd: update failed: ul=1, ou=Bureau de l'union des
> ASPTT,ou=structure, dc=asptt, dc=com
> ldap_add: Naming violation (64)
>         additional info: value of naming attribute 'ul' is not present
> in entry
>
> I don't understand this error because I have define the class
> personLinkAsptt :
> personLinkAsptt.schema :
> attributeType ( 1.3.6.1.4.1.4203.666.1.114
> 	NAME ( 'ul' )
>         DESC 'Identifiant de l utilisateur'
>         SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
>
> objectclass	( 1.3.6.1.4.1.4203.666.1.115
>     NAME 'personLinkAsptt'
>     SUP top
>     DESC 'Lien vers personne de l ASPTT'
>     STRUCTURAL
> 	MUST (
> 		ul )
> 	)
> I include it in the slapd.conf :
> # $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24
> 23:19:14 kurt Exp $
> #
> # See slapd.conf(5) for details on configuration options.
> # This file should NOT be world readable.
> #
> include		/etc/openldap/schema/core.schema
> include		/etc/openldap/schema/cosine.schema
> include		/etc/openldap/schema/inetorgperson.schema
> include		/etc/openldap/schema/nis.schema
> include		/etc/openldap/schema/redhat/autofs.schema
> include		/etc/openldap/schema/organizationalUnitAsptt.schema
> include		/etc/openldap/schema/inetorgpersonAsptt.schema
> include		/etc/openldap/schema/personLinkAsptt.schema
>
> # Allow LDAPv2 client connections.  This is NOT the default.
> allow bind_v2
>
> # Do not enable referrals until AFTER you have a working directory
> # service AND an understanding of referrals.
> #referral	ldap://root.openldap.org
>
> pidfile	/var/run/slapd.pid
> #argsfile	//var/run/slapd.args
>
> # Load dynamic backend modules:
> # modulepath	/usr/sbin/openldap
> # moduleload	back_bdb.la
> # moduleload	back_ldap.la
> # moduleload	back_ldbm.la
> # moduleload	back_passwd.la
> # moduleload	back_shell.la
>
> # The next three lines allow use of TLS for connections using a dummy
> test
> # certificate, but you should generate a proper certificate by changing
> to
> # /usr/share/ssl/certs, running "make slapd.pem", and fixing permissions
> on
> # slapd.pem so that the ldap user or group can read it.
> # TLSCACertificateFile /usr/share/ssl/certs/ca-bundle.crt
> # TLSCertificateFile /usr/share/ssl/certs/slapd.pem
> # TLSCertificateKeyFile /usr/share/ssl/certs/slapd.pem
>
> # Sample security restrictions
> #	Require integrity protection (prevent hijacking)
> #	Require 112-bit (3DES or better) encryption for updates
> #	Require 63-bit encryption for simple bind
> # security ssf=1 update_ssf=112 simple_bind=64
>
> # Sample access control policy:
> #	Root DSE: allow anyone to read it
> #	Subschema (sub)entry DSE: allow anyone to read it
> #	Other DSEs:
> #		Allow self write access
> #		Allow authenticated users read access
> #		Allow anonymous users to authenticate
> #	Directives needed to implement policy:
> # access to dn.base="" by * read
> # access to dn.base="cn=Subschema" by * read
> # access to *
> #	by self write
> #	by users read
> #	by anonymous auth
> #
> # if no access controls are present, the default policy is:
> #	Allow read by all
> #
> # rootdn can always write!
>
> #######################################################################
> # ldbm and/or bdb database definitions
> #######################################################################
>
> database	ldbm
> suffix		"dc=asptt,dc=com"
> rootdn		"cn=admin,dc=asptt,dc=com"
> # Cleartext passwords, especially for the rootdn, should
> # be avoided.  See slappasswd(8) and slapd.conf(5) for details.
> # Use of strong authentication encouraged.
> rootpw		uaspttLDAP
>
> # The database directory MUST exist prior to running slapd AND
> # should only be accessible by the slapd and slap tools.
> # Mode 700 recommended.
> directory	/var/lib/ldap
>
> # Indices to maintain for this database
> index objectClass                       eq,pres
> index ou,cn,mail,surname,givenname      eq,pres,sub
> index uidNumber,gidNumber,loginShell    eq,pres
> index uid,memberUid                     eq,pres,sub
> index nisMapName,nisMapEntry            eq,pres,sub
>
> # Replicas of this database
> #replogfile /var/lib/ldap/openldap-master-replog
> #replica host=ldap-1.example.com:389 tls=yes
> #     bindmethod=sasl saslmech=GSSAPI
> #     authcId=host/ldap-master.example.com@EXAMPLE.COM
>
> And there is the few lines of the ldif file who return an error :
> dn: ul=1, ou=Bureau de l'union des ASPTT,ou=structure, dc=asptt, dc=com
> objectClass: top
> objectClass: personLinkAsptt
> ul: 1
>
> (all the organizationalUnit (Bureau de l'union des ASPTT,structure), are
> added without problem)
>
> Regards.
> Anthony
>
>
>


-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it


    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497

References:
- Naming Violation (64) when I create a new objectClass
  - From: "FRERY Anthony" <AFrery@scripto.com>

Prev by Date: Naming Violation (64) when I create a new objectClass
Next by Date: Re: Naming Violation (64) when I create a new objectClass
Index(es):
- Chronological
- Thread