
Re: dn components



At 03:32 PM 9/7/99 -0400, Leslie Dreyer Kalra wrote:
>>I'm looking at the possibility of using OpenLDAP to replace an old version
>>of Netscape Directory Server for a client. I'm trying to load entries from
>>an LDIF file that works for them with the Netscape server, but I can't get
>>it to accept a dn with a uid component. RFC 1779 mentions specific
>>attributes that can be part of a dn, and uid isn't one of them. RFC 2253
>>does mention uid as a possibility, though.

RFC 1779's list of attributes which are valid naming components is
incomplete.  Using uid as a DN component is fine.  I generally
prefer using uid over cn for naming purposes.

OpenLDAP 1.x doesn't enforce naming component restrictions.  

>>At any rate, ldapadd stops adding entries when it finds one of these dn's
>>with the uid component. If I remove that, it works fine. Yet these same
>>dn's work fine in Netscape's server. I must have misconfigured something,
>>but I don't know what. My slapd.conf file is basically the default one
>>with the suffix, directory and rootdn values customized.
>>
>>I'm using the same command with v1.2.6 and v2.0alpha2 and getting the
>>same error:
>>
>>ldap_add: No such object
>>ldap_add: matched: OU=PEOPLE,O=UPENN.EDU
>>The errno is 32.

This error implies that the entry's parent does not exist.
Likely you were attempting to add something like:
"cn=foo, uid=bar, ou=people, o=upenn.edu" and
"uid=bar, ou=people, o=upenn.edu" doesn't exist.

You first should verify that your database suffix is correct
with respect to your input.  It's very common for users to
have input which doesn't match their configuration.

Next, you should verify that parent entries exist before adding
children.  You may have to reorder (or add) entries in your LDIF.

Specific answers of course require more specific details
(slapd.conf, relevant log entries, ldif sample, command output, etc.).

Kurt
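
The two checks suggested in the reply above (suffix match, parents before children) can be run over an LDIF file before calling ldapadd. The following is an added example, not part of the original message or of OpenLDAP: the function names and the sample LDIF are constructed for illustration, and it assumes the target database starts empty and that DNs compare case-insensitively with whitespace around separators ignored.

```python
# Constructed sample LDIF (not from the thread); DNs follow the reply's example.
SAMPLE = """\
dn: o=upenn.edu
o: upenn.edu

dn: ou=people, o=upenn.edu
ou: people

dn: cn=foo, uid=bar, ou=people, o=upenn.edu
cn: foo

dn: uid=bar, ou=people, o=upenn.edu
uid: bar
"""

def split_dn(dn):
    """Split on unescaped commas; trim and lower-case each RDN (simplified matching)."""
    parts, cur, esc = [], "", False
    for ch in dn:
        if ch == "," and not esc:
            parts, cur = parts + [cur], ""
        else:
            cur += ch
        esc = ch == "\\" and not esc  # a backslash escapes only the next character
    parts.append(cur)
    return tuple("=".join(s.strip().lower() for s in p.split("=", 1)) for p in parts)

def ldif_dns(text):
    """Return DNs in file order, unfolding continuation lines (base64 'dn::' not decoded)."""
    unfolded = text.replace("\n ", "")
    return [l[3:].strip() for l in unfolded.splitlines() if l.lower().startswith("dn:")]

def check_ldif(text, suffix):
    """Return (dn, problem) pairs; assumes the target database starts empty."""
    base, dns = split_dn(suffix), ldif_dns(text)
    in_file, loaded, problems = {split_dn(d) for d in dns}, set(), []
    for dn in dns:
        rdns = split_dn(dn)
        if rdns[-len(base):] != base:
            problems.append((dn, "outside suffix"))
        elif rdns != base and rdns[1:] not in loaded:
            why = "not loaded before child" if rdns[1:] in in_file else "not in file"
            problems.append((dn, "parent " + why))
        else:
            loaded.add(rdns)
    return problems

if __name__ == "__main__":
    print(check_ldif(SAMPLE, "o=upenn.edu"))
```

An entry reported as "parent not loaded before child" is one that would fail with "No such object" (error 32) until the LDIF is reordered.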