[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: NSS_PAM and LDAP_PAM account setup

On Thu, Nov 02, 2000 at 05:00:42PM -0500, Marc Jones wrote:
> When I try to run the migration tools that PADL created to populate my
> database,( even when I have a blank database without Netscape profiles
> inside of it), the script fails to complete. It bombs out with the
> message 
> adding new entry "cn=postmaster,ou=aliases,dc=career,dc=uconn,dc=edu"
> ldap_add: Undefined attribute type
> 	additional info: attribute type undefined
> It does create some new objects in the directory mostly the
> organizational units. 
> I presume that I am missing a schema file. I can not find a example of a
> slapd.conf file that uses that is used with PAM so I am not sure. I have
> done some investigating into the other standard schema that comes with
> Openldap but they seem to be unrelated. 

This is probably more appropriate for the nssldap@padl.com mailing
list, but I think I know what the problem is.  If you're using the
extended schema option in the migration scripts, you're missing a
schema for the kerberosSecurityObject class.  I have one that appears
to work in http://people.redhat.com/nalin/schema/, but it hasn't seen
much use beyond my own testing.

Hope this helps,