[Date Prev][Date Next]
Re: Importing Netscape LDIF address book into OpenLDAP
Thomas Brown <firstname.lastname@example.org> wrote:
>I suspect there is something that needs to be tweaked in the schema before
>that can happen, as the 'ldifadd' command chokes on the 'mail' field:
># /opt/openldap/bin/ldapadd -f import.ldif -x -D
>Enter LDAP Password:
>adding new entry "o=mydomain.com"
>adding new entry "cn=Manager, o=mydomain.com"
>adding new entry "cn=username, o=mydomain.com"
>ldap_add: Object class violation
> additional info: attribute 'mail' not allowed
>dn: cn=username, o=mydomain.com
>The business-end of my slapd.conf file looks like this:
Note that core.schema defines 'person' as:
MUST ( sn $ cn )
MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) )
There's no 'mail' (which is also rfc822mailbox) in there at all.
I think the most direct route would be to add to your LDIF as such:
dn: cn=username, o=mydomain.com
[ ... ]
since that objectClass (inetOrgPerson) includes a:
MAY ( mail )
although you would then need to include in your slapd.conf:
inetOrgPerson is in inetorgperson.schema, and
depends on (from the SUP): organizationalPerson
organizationalPerson is in core.schema, and
depends on (from it's SUP): person
which is already included with your include of core.schema.
Philip Kizer, Senior Lead Systems Engineer, Texas A&M University
USENIX Liaison to Texas A&M University <email@example.com>
Texas A&M CIS Operating Systems Group, Unix <firstname.lastname@example.org>