[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: openldap 2.1.3 problems

Can anyone tell me which documentation to read on the 2nd problem, where samba 
and inetorgperson objectlass cannot go together?  It was explained in the 
mailing list, but I still don't understand and can't solve the problem :(

If I were to create a new objectlass that is superior to both, I can't put 
random numbers for the objectlass oid.  Am I right (unless for internal 

On Saturday 03 August 2002 08:29, Hardi Gunawan wrote:
> Hi
> I've some problem moving from openldap 2.0.23 to 2.1.3.
> 1)  I can't connect using TLS anymore (It works when I downgrade to 2.0.23)
> TLS trace: SSL_accept:failed in SSLv3 read client certificate A
> TLS: can't accept.
> TLS: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
> s3_pkt.c:985
> Seems that quite a number of people are having the same problems.
> 2) Could someone point me to the documentation on structural objectclasses?
>  I realized that samba and inetorgperson can't go together.  So I need to
> know what I should do.  There are some explanation in the mailing list
> about this, but due to being new to openldap, I don't quite understand. 
> Here's a quote from the mailing list:
> --------------------------------------------------------------
> Actually, objects can list multiple STRUCTURAL classes
> in objectClass as long as they as there is one which
> is superior to all the others.
> For example, an object which lists person, organizationalPerson
> and inetOrgPerson is valid as inetOrgPerson is superior
> to both person and organizationalPerson.
> As a counter example, it is improper for an object to list
> inetOrgPerson and pilotPerson as neither is in the others
> superclass chain.  If you desire to have an object belong
> to both inetOrgPerson and pilotPerson, you can create a
> class which is superior to both (e.g. OpenLDAPperson).
> This all per RFC 2251 and X.501(93).
> Kurt
> --------------------------------------------------------------