[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Customizing organizationalUnit



Derek Chen-Becker wrote:
> Hello all,
>     I'm migrating a server from an older OpenLDAP 2.1 install to
> 2.4.21 and I've run into a (hopefully) small issue. On our old
> install we had added some attributes to organizationalUnit ("mail"
> is really the important one) just by editing the schema files, but I
> can't figure out how to do the same on 2.4.21 using the LDAP
> interface. I found this email on the list:
> 
> http://www.openldap.org/lists/openldap-technical/201106/msg00182.html
> 
> But it doesn't seem to have any replies. I've been fiddling with
> ldapmodify but I keep on getting strange errors:
> 
> root@lsmail:/etc/ldap/schema# ldapmodify -x -D
> cn=admin,dc=cpicorp,dc=com -W -f CPI-core.ldif
> Enter LDAP Password:
> modifying entry "cn=core,cn=schema,cn=config"
> ldap_modify: No such object (32)
>         matched DN: cn=schema,cn=config
> 
> Is this possible with 2.4.21,
Yes, it is, *but do not do this*

> or do I need to stick with an older
> version of OpenLDAP?
No


The cleanest approach is to modify your OU entries:

objectClass: top
objectClass: organizationalUnit
objectClass: extensibleObject

Now, all attributes which are defined in any schema are allowed :-) .



> 
> Thanks,
> 
> Derek


-- 

Harry Jede