
Re: Rif: RE: need help in adding certificate data to database



http://www.openldap.org/faq/data/cache/53.html

Gianni Chiogna said:
>
> Hi
> Thank you
>  if I add objectClass inetOrgPerson this error appears:
>
> adding new entry "uid=ROSSI/PAOLO/04149039,ou=AuthzLDAPCertmap,o=Test
> Spa,c=it"
> ldapadd: update failed:
> uid=ROSSI/PAOLO/04149039,ou=AuthzLDAPCertmap,o=Test
> Spa,c=it
> ldap_add: Object class violation (65)
>         additional info: invalid structural object class chain
> (organizationalunit/inetOrgPerson)
>
> Any idea?
>
> Dhiren Pankhania <dpankhania@beTRUSTed.com>
> 15/10/2004 16.38
>
> To:      Gianni Chiogna <gianni.chiogna@infotn.it>, openldap-software@OpenLDAP.org
> Cc:
> Subject: RE: need help in adding certificate data to database
>
> Try including the objectClass inetOrgPerson that contains the attribute
> uid
> in your ldif file.
>
>
> -----Original Message-----
> From: Gianni Chiogna [mailto:gianni.chiogna@infotn.it]
> Sent: 15 October 2004 13:17
> To: openldap-software@OpenLDAP.org
> Subject: need help in adding certificate data to database
>
>
> Hi all
>
>
> I am asking for your help to insert a certificate (issuerDN and subjectDN) into LDAP.
> When I try to add a new certificate with the command:
>
>
> ldapadd -f file.ldif -x -D "cn=Manager,o=Test Spa,c=it" -w secret
>
>
> the error is:
>
>
> ldap_add: Object class violation (65)
>         additional info: attribute 'uid' not allowed
>
>
> I try to use cert2ldap and the error is:
> cannot add target: Object class violation
>         additional info: no structural object class provided
>
>
> The LDAP configuration follows.
> Thank you
>
>
> Gianni
>
>
> ____________________________________________________________
> file.ldif with the first user
> ____________________________________________________________
>
>
> dn: uid=ROSSI/PAOLO/04149039,ou=AuthzLDAPCertmap,o=Test Spa,c=it
> owner: uid=user,ou=People,o=Test Spa,c=it
> objectClass: top
> objectClass: authzLDAPmap
> objectClass: organizationalunit
> ou: AuthzLDAPCertmap
> issuerDN: /C=IT/O=ACME Spa/OU=ACME/CN=Ser.  ACME
> subjectDN: /C=IT/O=ACME3/OU=RA=ACME3 S.P.A./CN=ROSSI/PAOLO/04149039/Email=rossi.paolo@acme3.it/dnQualifier=04149039/SN=ROSSIPAOLO/S=ROSSI/G=PAOLO
> uid: ROSSI/PAOLO/04149039
>
>
> Configuration
> _________________________________________________
> slapd.conf
> _________________________________________________
>
>
> include         /etc/openldap/schema/core.schema
> include         /etc/openldap/schema/cosine.schema
> include         /etc/openldap/schema/inetorgperson.schema
> include         /etc/openldap/schema/nis.schema
> include         /etc/openldap/schema/authzldap.schema
> include         /etc/openldap/schema/redhat/autofs.schema
>
>
> allow bind_v2
>
>
> pidfile /var/run/slapd.pid
>
>
> database        bdb
> suffix          "o=Test Spa,c=it"
> rootdn          "cn=Manager,o=Test Spa,c=it"
> rootpw          secret
>
>
> directory       /var/lib/ldap3
>
>
> index objectClass                       eq,pres
> index ou,cn,mail,surname,givenname      eq,pres,sub
> index uidNumber,gidNumber,loginShell    eq,pres
> index uid,memberUid                     eq,pres,sub
> index nisMapName,nisMapEntry            eq,pres,sub
> _______________________________________________________________
> authzldap.schema
> ______________________________________________________________
>
>
> attributetype ( 1.3.6.1.4.1.4263.5.1 NAME 'issuerDN'
>             DESC 'distinguished name of the issuer of a certificate'
>             EQUALITY caseExactMatch
>             SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
>
>
> attributetype ( 1.3.6.1.4.1.4263.5.2 NAME 'subjectDN'
>       DESC 'distinguished name of the subject of a certificate'
>       EQUALITY caseExactMatch
>       SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
>
>
> objectclass ( 1.3.6.1.4.1.4263.5.3 NAME 'authzLDAPmap'
>       DESC 'Map Entry for mod_authz_ldap'
>       SUP top AUXILIARY
>       MUST ( issuerDN $ owner )
>       MAY ( userCertificate $ serialNumber $ subjectDN ) )
> ___________________________________________________________________
> export test.ldif
> ___________________________________________________________________
>
>
> dn: o=Test Spa,c=it
> dc: Test organizzation
> objectClass: dcObject
> objectClass: organization
> o: Test Spa
>
>
> dn: cn=Manager, o=Test Spa,c=it
> objectClass: organizationalRole
> cn: Manager
>
>
> dn: ou=People, o=Test Spa,c=it
> ou: People
> objectClass: top
> objectClass: organizationalunit
>
>
> dn: ou=AuthzLDAPCertmap, o=Test Spa,c=it
> ou: AuthzLDAPCertmap
> objectClass: top
> objectClass: organizationalUnit
>
>
> dn: uid=ROSSI/PAOLO/04149039,ou=People, o=Test Spa,c=it
> mail: rossi.paolo@acme3.it
> uid: ROSSI/PAOLO/04149039
> userPassword:: e1NTSEF9SURMUy8yMzNB
> objectClass: top
> objectClass: person
> objectClass: inetOrgPerson
> objectClass: organizationalPerson
> sn: ROSSI/PAOLO/04149039
> cn: ROSSI/PAOLO/04149039
>
>


-- 
Luca Scamoni - e-mail: luca.scamoni@sys-net.it
SysNet snc - Via Dossi, 8 - 27100 Pavia Italy
IT Senior Consultant - mobile: +393471014425


    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497
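
The object class violations quoted in this thread can be reproduced offline with a small schema check. This is an added example, not part of the original messages or of OpenLDAP; the schema table is a simplified subset of the included schema files (an assumption), and `chain`, `parse_ldif` and `check_entry` are hypothetical helper names.

```python
# Added example. Simplified model (assumption): (kind, superior, MUST, MAY).
# Only the attributes used in the thread are listed; real schemas define more.
SCHEMA = {
    "top": ("ABSTRACT", None, {"objectclass"}, set()),
    "organizationalunit": ("STRUCTURAL", "top", {"ou"}, set()),
    "person": ("STRUCTURAL", "top", {"sn", "cn"}, set()),
    "organizationalperson": ("STRUCTURAL", "person", set(), {"ou"}),
    "inetorgperson": ("STRUCTURAL", "organizationalperson", set(), {"uid", "mail"}),
    "authzldapmap": ("AUXILIARY", "top", {"issuerdn", "owner"}, {"subjectdn"}),
}

def chain(oc):  # the class followed by all of its superiors
    return [oc] + chain(SCHEMA[oc][1]) if oc else []

def parse_ldif(text):
    """Parse one unwrapped LDIF entry into {lowercased attribute: [values]}."""
    entry = {}
    for line in text.strip().splitlines():
        name, _, value = line.partition(": ")
        entry.setdefault(name.lower(), []).append(value)
    return entry

def check_entry(entry):
    """Return a list of schema violations (structural problems first)."""
    classes = [c.lower() for c in entry["objectclass"]]
    structural = [c for c in classes if SCHEMA[c][0] == "STRUCTURAL"]
    if not structural:
        return ["no structural object class provided"]
    leaf = max(structural, key=lambda c: len(chain(c)))  # most specific class
    if any(s not in chain(leaf) for s in structural):
        return ["invalid structural object class chain"]
    must = set().union(*(SCHEMA[s][2] for c in classes for s in chain(c)))
    may = set().union(*(SCHEMA[s][3] for c in classes for s in chain(c)))
    attrs = set(entry) - {"dn"}
    return ([f"attribute '{a}' not allowed" for a in sorted(attrs - must - may)]
            + [f"required attribute '{a}' missing" for a in sorted(must - attrs)])

# Entry posted in the thread (subjectDN shortened for the example).
POSTED = parse_ldif("""
dn: uid=ROSSI/PAOLO/04149039,ou=AuthzLDAPCertmap,o=Test Spa,c=it
owner: uid=user,ou=People,o=Test Spa,c=it
objectClass: top
objectClass: authzLDAPmap
objectClass: organizationalunit
ou: AuthzLDAPCertmap
issuerDN: /C=IT/O=ACME Spa/OU=ACME/CN=Ser.  ACME
subjectDN: /C=IT/O=ACME3/CN=ROSSI/PAOLO/04149039
uid: ROSSI/PAOLO/04149039
""")
```

`check_entry(POSTED)` returns the `attribute 'uid' not allowed` violation. Appending inetOrgPerson to the posted classes returns the invalid-chain violation, because organizationalUnit and inetOrgPerson are both structural and neither is a superior of the other.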