
Re: RE: need help in adding certificate data to database



Hi,
Thank you.
If I add objectClass inetOrgPerson, this error appears:

adding new entry "uid=ROSSI/PAOLO/04149039,ou=AuthzLDAPCertmap,o=Test
Spa,c=it"
ldapadd: update failed: uid=ROSSI/PAOLO/04149039,ou=AuthzLDAPCertmap,o=Test
Spa,c=it
ldap_add: Object class violation (65)
        additional info: invalid structural object class chain
(organizationalunit/inetOrgPerson)

Any idea?






From:     Dhiren Pankhania <dpankhania@beTRUSTed.com>
Date:     15/10/2004 16.38
To:       Gianni Chiogna <gianni.chiogna@infotn.it>, openldap-software@OpenLDAP.org
Cc:
Subject:  RE: need help in adding certificate data to database




Try including the objectClass inetOrgPerson that contains the attribute uid
in your ldif file.


-----Original Message-----
From: Gianni Chiogna [mailto:gianni.chiogna@infotn.it]
Sent: 15 October 2004 13:17
To: openldap-software@OpenLDAP.org
Subject: need help in adding certificate data to database


Hi all


I ask for your help inserting a certificate (issuerDN and subjectDN) into LDAP.
When I try to add a new certificate with the command:


ldapadd -f file.ldif -x -D "cn=Manager,o=Test Spa,c=it" -w secret


the error is:


ldap_add: Object class violation (65)
        additional info: attribute 'uid' not allowed


When I try to use cert2ldap, the error is:
cannot add target: Object class violation
        additional info: no structural object class provided


The LDAP configuration follows.
Thank you


Gianni


____________________________________________________________
file.ldif with the first user
____________________________________________________________


dn: uid=ROSSI/PAOLO/04149039,ou=AuthzLDAPCertmap,o=Test Spa,c=it
owner: uid=user,ou=People,o=Test Spa,c=it
objectClass: top
objectClass: authzLDAPmap
objectClass: organizationalunit
ou: AuthzLDAPCertmap
issuerDN: /C=IT/O=ACME Spa/OU=ACME/CN=Ser.  ACME
subjectDN: /C=IT/O=ACME3/OU=RA=ACME3 S.P.A./CN=ROSSI/PAOLO/04149039/Email=rossi.paolo@acme3.it/dnQualifier=04149039/SN=ROSSIPAOLO/S=ROSSI/G=PAOLO
uid: ROSSI/PAOLO/04149039


Configuration
_________________________________________________
slapd.conf
_________________________________________________


include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/nis.schema
include         /etc/openldap/schema/authzldap.schema
include         /etc/openldap/schema/redhat/autofs.schema


allow bind_v2


pidfile /var/run/slapd.pid


database        bdb
suffix          "o=Test Spa,c=it"
rootdn          "cn=Manager,o=Test Spa,c=it"
rootpw          secret


directory       /var/lib/ldap3


index objectClass                       eq,pres
index ou,cn,mail,surname,givenname      eq,pres,sub
index uidNumber,gidNumber,loginShell    eq,pres
index uid,memberUid                     eq,pres,sub
index nisMapName,nisMapEntry            eq,pres,sub
_______________________________________________________________
authzldap.schema
______________________________________________________________


attributetype ( 1.3.6.1.4.1.4263.5.1 NAME 'issuerDN'
            DESC 'distinguished name of the issuer of a certificate'
            EQUALITY caseExactMatch
            SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )


attributetype ( 1.3.6.1.4.1.4263.5.2 NAME 'subjectDN'
      DESC 'distinguished name of the subject of a certificate'
      EQUALITY caseExactMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )


objectclass ( 1.3.6.1.4.1.4263.5.3 NAME 'authzLDAPmap'
      DESC 'Map Entry for mod_authz_ldap'
      SUP top AUXILIARY
      MUST ( issuerDN $ owner )
      MAY ( userCertificate $ serialNumber $ subjectDN ) )
___________________________________________________________________
export test.ldif
___________________________________________________________________


dn: o=Test Spa,c=it
dc: Test organizzation
objectClass: dcObject
objectClass: organization
o: Test Spa


dn: cn=Manager, o=Test Spa,c=it
objectClass: organizationalRole
cn: Manager


dn: ou=People, o=Test Spa,c=it
ou: People
objectClass: top
objectClass: organizationalunit


dn: ou=AuthzLDAPCertmap, o=Test Spa,c=it
ou: AuthzLDAPCertmap
objectClass: top
objectClass: organizationalUnit


dn: uid=ROSSI/PAOLO/04149039,ou=People, o=Test Spa,c=it
mail: rossi.paolo@acme3.it
uid: ROSSI/PAOLO/04149039
userPassword:: e1NTSEF9SURMUy8yMzNB
objectClass: top
objectClass: person
objectClass: inetOrgPerson
objectClass: organizationalPerson
sn: ROSSI/PAOLO/04149039
cn: ROSSI/PAOLO/04149039
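
The three errors quoted in this thread ('attribute 'uid' not allowed', 'no structural object class provided', 'invalid structural object class chain') all come from slapd's per-entry schema check. The following is an added example, not part of the original messages and not OpenLDAP code: a simplified Python model of that check, using the authzLDAPmap definition from the post and trimmed summaries of the standard classes (an assumption). It also tries `account` from cosine.schema as one structural class that permits `uid`, a choice that nobody in the thread proposed.

```python
# Simplified model of slapd's entry schema check (added example).
# authzLDAPmap is copied from the schema in the post; the other classes are
# trimmed summaries of core/cosine/inetorgperson.schema (assumption).
SCHEMA = {  # name: (kind, superior, MUST, MAY), all names lowercased
    "top": ("abstract", None, {"objectclass"}, set()),
    "organizationalunit": ("structural", "top", {"ou"}, {"description", "userpassword"}),
    "person": ("structural", "top", {"sn", "cn"}, {"userpassword", "description"}),
    "organizationalperson": ("structural", "person", set(), {"ou", "title"}),
    "inetorgperson": ("structural", "organizationalperson", set(),
                      {"uid", "mail", "usercertificate"}),
    # cosine.schema: MUST userid, for which 'uid' is the short name
    "account": ("structural", "top", {"uid"}, {"ou", "description", "host"}),
    "authzldapmap": ("auxiliary", "top", {"issuerdn", "owner"},
                     {"usercertificate", "serialnumber", "subjectdn"}),
}

def chain(name):
    """Return the class and all its superiors, most specific first."""
    out = []
    while name:
        out.append(name)
        name = SCHEMA[name][1]
    return out

def check_entry(object_classes, attributes):
    """Return 'ok' or the first violation, worded like slapd's 'additional info'."""
    classes = [c.lower() for c in object_classes]
    attrs = {a.lower() for a in attributes} | {"objectclass"}
    structural = [c for c in classes if SCHEMA[c][0] == "structural"]
    if not structural:
        return "no structural object class provided"
    # Every listed structural class must lie on one superior chain.
    leaf = max(structural, key=lambda c: len(chain(c)))
    for c in structural:
        if c not in chain(leaf):
            return f"invalid structural object class chain ({c}/{leaf})"
    must, may = set(), set()
    for c in classes:
        for k in chain(c):
            must |= SCHEMA[k][2]
            may |= SCHEMA[k][3]
    for a in sorted(attrs - must - may):
        return f"attribute '{a}' not allowed"
    for a in sorted(must - attrs):
        return f"missing required attribute '{a}'"
    return "ok"

# Attribute names taken from file.ldif in the post.
CERTMAP_ATTRS = ["owner", "ou", "issuerDN", "subjectDN", "uid"]
```

The model covers only the object class and attribute checks; a real slapd also validates attribute syntaxes, the RDN, and any content rules.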