[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: ldapd vs. slapd



So I've followed the suggestion to have only the objectClass inetOrgPerson.
Now I'm told that there's no such object. My LDIF file:

dn: uid=trichards,dc=toby,dc=org,dc=org
cn: Toby Richards
givenName: Toby
sn: Richards
uid: trichards
mail: trichards@toby.org.org
objectClass: inetOrgPerson
password: {CRYPT}*

Result: ldap_add: No such object (32)

-Toby

-----Original Message-----
From: openldap-technical-bounces@OpenLDAP.org
[mailto:openldap-technical-bounces@OpenLDAP.org] On Behalf Of Brandon Hume
Sent: Tuesday, April 17, 2012 9:16 AM
To: openldap-technical@openldap.org
Subject: Re: ldapd vs. slapd

  On 04/17/12 12:47 PM, Richards, Toby wrote:
> The above doesn't work. It says that top/account isn't a valid chain.
>

What happens if you leave out "account"?  It's a structural objectclass and
is likely conflicting with inetOrgPerson.

If you check cosine.schema, you'll see the objectclass "account" as being
meant for a computer account.  You're essentially adding an entry that says
it's for a person *and* a computer.  (A cyborg, maybe?)  LDAP wants clear
lines of inheritance.

Attachment: smime.p7s
Description: S/MIME cryptographic signature