[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: No structuralObjectClass

To: "Israel Garcia" <igalvarez@gmail.com>
Subject: Re: No structuralObjectClass
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Thu, 15 Jun 2006 12:40:51 -0700
Cc: openldap-software@OpenLDAP.org
In-reply-to: <194a2c240606151219i517c1620tbe6419187971a051@mail.gmail.co m>
References: <194a2c240606151016u473b8faflf26481372708b265@mail.gmail.com> <7.0.1.0.0.20060615110312.03a2f000@OpenLDAP.org> <194a2c240606151219i517c1620tbe6419187971a051@mail.gmail.com>

At 12:19 PM 6/15/2006, Israel Garcia wrote:
>Kurt, thanks for your soon answer.. but it's weird, from the non-openldap
>client I can search anything and  even delete objects, but I can't
>authenticate or add users... I'm not trying to do replicas between them, I
>just want to authenticate in my openldap server.... I didn't understand what
>you said about "that client is authenticating as the 'updatedn'"... however
>I can authenticate, delete and add objects from an openldap-client.. why do
>you think I have a configuration problem?

Because the client is apparently authenticating as the
DN reserved for replication updates (the updatedn).
Replication updates have to provide additional data.
Also, updates which are not part of the replication stream
should get referred/chained to the master, not applied
directly to the slave. 

It appears you have set the slave's updatedn to the
master's rootdn.  The document explicitly says not to do
this.

-- Kurt



>regards
>Israel
>
>On 6/15/06, Kurt D. Zeilenga <Kurt@openldap.org> wrote:
>>
>>At 10:16 AM 6/15/2006, Israel Garcia wrote:
>>>List:
>>>I'm running openldap2.3(from buchan) on CentOS Linux.  When
>>>adding an object via a non-OpenLDAP LDAP client, I get this
>>>error from slapd:
>>>
>>>[root@ldap openldap2.3]# Jun 15 20:17:32 ldap slapd2.3[2780]: conn=2
>>fd=18
>>>ACCEPT from IP=172.16.1.241:1156 (IP=0.0         .0.0:389)
>>>Jun 15 20:17:32 ldap slapd2.3 [2780]: conn=2 op=0 BIND
>>>dn="cn=manager,dc=cimex,dc=com,dc=cu" method=128
>>>Jun 15 20:17:32 ldap slapd2.3[2780]: conn=2 op=0 BIND
>>>dn="cn=manager,dc=cimex,dc=com,dc=cu" mech=SIMPLE ssf=0
>>>Jun 15 20:17:32 ldap slapd2.3[2780]: conn=2 op=0 RESULT tag=97 err=0
>>text=
>>>Jun 15 20:17:33 ldap slapd2.3[2780]: conn=2 op=1 ADD
>>>dn="uid=igarcia,ou=sentai,dc=cimex,dc=com,dc=cu"
>>>Jun 15 20:17:33 ldap slapd2.3[2780]: No structuralObjectClass for entry
>>>(uid=igarcia,ou=sentai,dc=cimex,dc=com,dc=cu)
>>>Jun 15 20:17:33 ldap slapd2.3[2780]: conn=2 op=1 RESULT tag=105 err=80
>>text=no
>>>structuralObjectClass operational attribute
>>>Jun 15 20:17:33 ldap slapd2.3[2780]: conn=2 fd=18 closed (connection
>>lost)
>>>
>>>what's the meaning of No structuralObjectClass?
>>
>>This message is discussed briefly in:
>>   http://www.openldap.org/faq/index.cgi?file=650
>>
>>Beyond that, it implies that client is authenticating as the
>>'updatedn' and hence is expected to act like slurpd(8), the
>>replication daemon.  As the client is not slurpd(8), you
>>appear to have a configuration problem (such as setting
>>the slave's updatedn to the rootdn of the master).
>>
>>>Where can I find the meaning of error codes "err=80" of openldap?
>>
>>The code is an LDAP result code and hence its general meaning
>>is not specific to OpenLDAP.  A general meaning can be found
>>for basic codes in RFC 4511.   80 == other.
>>
>>
>
>
>-- 
>Regards;
>Israel Garcia

References:
- No structuralObjectClass
  - From: "Israel Garcia" <igalvarez@gmail.com>
- Re: No structuralObjectClass
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Re: No structuralObjectClass
  - From: "Israel Garcia" <igalvarez@gmail.com>

Prev by Date: Re: No structuralObjectClass
Next by Date: Re: Replication between 2.2.x and 2.3.x
Index(es):
- Chronological
- Thread