[Date Prev][Date Next]
Re: Question on implementing OpenLDAP
lør, 2003-03-29 kl. 00:13 skrev Jason Williams:
> dn: cn= randomuser, ou=Managers, dc=mycompany,dc=com
> Here is a entry I was trying to put into our LDAP server for testing purposes.
> [root@nitro schema]# ldapadd -x -D "cn=Manager,dc=mycompany,dc=com" -W
> Enter LDAP Password:
> dn: uid=jwilliams,ou=InformationTechnology,dc=mycompany,dc=com
> objectclass: top
> objectclass: posixAccount
> uid: jwilliams
> cn: Jason Williams
> cn: Williams, Jason
> uidNumber: 500
> gidNumber: 100
> homeDirectory: /home/jwilliams
> userPassword: password
> gecos: Jason Williams
> adding new entry "uid=jwilliams,ou=InformationTechnology,dc=mycompany,dc=com"
> ldapadd: update failed:
> ldap_add: Undefined attribute type (17)
You can't just add an account (in this case posixAccount) to a tree
without first defining what kind of an account it is. Everything is
hierarchical and the hierarchy isn't necessarily immediately obvious.
In this case, you should say that the account is for a person. What kind
of a person? In this case a Unix user.
Try adding the following objectClasses in your ldif file, as well as
what you've got already:
Then you may ask: "How do I get to know such things?"
> Jason, who needs to buy some books on LDAP
I've never bought an ldap book yet. There are books on less obvious
subjects to buy. Your best bet is the mail archives for this list -
going back a year, since everything you'd want to know has been covered
at least once and possibly many times. Your second is, if you're using
Red Hat 8, use GQ as a GUI tool, because that (and a tail -f on
slapd.log) will show clearly what's going on. In fact, you should try
the latest GQ which to date is v0.7.0b2, jump from www.biot.com.
Best, and yes there's plenty to learn. It's mostly a question of trial
and error - rest assured that almost everyone on this list has been
through it all at some stage and had the same difficulties.