
Fw: Rif: Re: need help in adding certificate data to database




Gianni Chiogna said:
>
> The file slapd.conf and ldif file are in the request.
> Anyway:
>
> file.ldif with the first user
>> ____________________________________________________________
>>
>> dn: uid=ROSSI/PAOLO/04149039,ou=AuthzLDAPCertmap,o=Test Spa,c=it
>> owner: uid=user,ou=People,o=Test Spa,c=it
>> objectClass: top
>> objectClass: authzLDAPmap
>> objectClass: organizationalunit
>> ou: AuthzLDAPCertmap
>> issuerDN: /C=IT/O=ACME Spa/OU=ACME/CN=Ser.  ACME
>> subjectDN: /C=IT/O=ACME3/OU=RA=ACME3 S.P.A./CN=ROSSI/PAOLO/04149039/Email=rossi.paolo@acme3.it/dnQualifier=04149039/SN=ROSSIPAOLO/S=ROSSI/G=PAOLO
>> uid: ROSSI/PAOLO/04149039
>>
>> Configuration
>> _________________________________________________
>> slapd.conf
>> _________________________________________________
>>
>> include         /etc/openldap/schema/core.schema
>> include         /etc/openldap/schema/cosine.schema
>> include         /etc/openldap/schema/inetorgperson.schema
>> include         /etc/openldap/schema/nis.schema
>> include         /etc/openldap/schema/authzldap.schema
>> include         /etc/openldap/schema/redhat/autofs.schema
>>
>> allow bind_v2
>>
>> pidfile /var/run/slapd.pid
>>
>> database        bdb
>> suffix          "o=Test Spa,c=it"
>> rootdn          "cn=Manager,o=Test Spa,c=it"
>> rootpw          secret
>>
>> directory       /var/lib/ldap3
>>
>> index objectClass                       eq,pres
>> index ou,cn,mail,surname,givenname      eq,pres,sub
>> index uidNumber,gidNumber,loginShell    eq,pres
>> index uid,memberUid                     eq,pres,sub
>> index nisMapName,nisMapEntry            eq,pres,sub
>> _______________________________________________________________
>
> "Gavin Henry" <ghenry@suretecsystems.com>
> Sent by: owner-openldap-software@OpenLDAP.org
> 15/10/2004 16.53
>
> To: openldap-software@OpenLDAP.org
> Cc:
> Subject: Re: need help in adding certificate data to database
>
> can we see your slapd.conf and your ldif file?
>
> --
> Kind Regards,
>
> Gavin Henry.
> Managing Director.
>
> T +44 (0) 1467 624141
> M +44 (0) 7930 323266
> F +44 (0) 1224 742001
> E ghenry@suretecsystems.com
>
> Open Source. Open Solutions(tm).
>
> http://www.suretecsystems.com/
>
> Gianni Chiogna said:
>> Hi all
>>
>> I ask for your help to insert a certificate (issuerDN and subjectDN) into
>> LDAP.
>> When I try to add a new certificate with the command:
>>
>> ldapadd -f file.ldif -x -D "cn=Manager,o=Test Spa,c=it" -w secret
>>
>> the error is:
>>
>> ldap_add: Object class violation (65)
>>         additional info: attribute 'uid' not allowed
>>
>> I try to use cert2ldap and the error is:
>> cannot add target: Object class violation
>>         additional info: no structural object class provided
>>
>> The LDAP configuration follows.
>> Thank you
>>
>> Gianni
>>
>> ____________________________________________________________
>> file.ldif with the first user
>> ____________________________________________________________
>>
>> dn: uid=ROSSI/PAOLO/04149039,ou=AuthzLDAPCertmap,o=Test Spa,c=it
>> owner: uid=user,ou=People,o=Test Spa,c=it
>> objectClass: top
>> objectClass: authzLDAPmap
>> objectClass: organizationalunit
>> ou: AuthzLDAPCertmap
>> issuerDN: /C=IT/O=ACME Spa/OU=ACME/CN=Ser.  ACME
>> subjectDN: /C=IT/O=ACME3/OU=RA=ACME3 S.P.A./CN=ROSSI/PAOLO/04149039/Email=rossi.paolo@acme3.it/dnQualifier=04149039/SN=ROSSIPAOLO/S=ROSSI/G=PAOLO
>> uid: ROSSI/PAOLO/04149039
>>
>> Configuration
>> _________________________________________________
>> slapd.conf
>> _________________________________________________
>>
>> include         /etc/openldap/schema/core.schema
>> include         /etc/openldap/schema/cosine.schema
>> include         /etc/openldap/schema/inetorgperson.schema
>> include         /etc/openldap/schema/nis.schema
>> include         /etc/openldap/schema/authzldap.schema
>> include         /etc/openldap/schema/redhat/autofs.schema
>>
>> allow bind_v2
>>
>> pidfile /var/run/slapd.pid
>>
>> database        bdb
>> suffix          "o=Test Spa,c=it"
>> rootdn          "cn=Manager,o=Test Spa,c=it"
>> rootpw          secret
>>
>> directory       /var/lib/ldap3
>>
>> index objectClass                       eq,pres
>> index ou,cn,mail,surname,givenname      eq,pres,sub
>> index uidNumber,gidNumber,loginShell    eq,pres
>> index uid,memberUid                     eq,pres,sub
>> index nisMapName,nisMapEntry            eq,pres,sub
>> _______________________________________________________________
>> authzldap.schema
>> ______________________________________________________________
>>
>> attributetype ( 1.3.6.1.4.1.4263.5.1 NAME 'issuerDN'
>>             DESC 'distinguished name of the issuer of a certificate'
>>             EQUALITY caseExactMatch
>>             SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
>>
>> attributetype ( 1.3.6.1.4.1.4263.5.2 NAME 'subjectDN'
>>       DESC 'distinguished name of the subject of a certificate'
>>       EQUALITY caseExactMatch
>>       SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
>>
>> objectclass ( 1.3.6.1.4.1.4263.5.3 NAME 'authzLDAPmap'
>>       DESC 'Map Entry for mod_authz_ldap'
>>       SUP top AUXILIARY
>>       MUST ( issuerDN $ owner )
>>       MAY ( userCertificate $ serialNumber $ subjectDN ) )
>> ___________________________________________________________________
>> export test.ldif
>> ___________________________________________________________________
>>
>> dn: o=Test Spa,c=it
>> dc: Test organizzation
>> objectClass: dcObject
>> objectClass: organization
>> o: Test Spa
>>
>> dn: cn=Manager, o=Test Spa,c=it
>> objectClass: organizationalRole
>> cn: Manager
>>
>> dn: ou=People, o=Test Spa,c=it
>> ou: People
>> objectClass: top
>> objectClass: organizationalunit
>>
>> dn: ou=AuthzLDAPCertmap, o=Test Spa,c=it
>> ou: AuthzLDAPCertmap
>> objectClass: top
>> objectClass: organizationalUnit
>>
>> dn: uid=ROSSI/PAOLO/04149039,ou=People, o=Test Spa,c=it
>> mail: rossi.paolo@acme3.it
>> uid: ROSSI/PAOLO/04149039
>> userPassword:: e1NTSEF9SURMUy8yMzNB
>> objectClass: top
>> objectClass: person
>> objectClass: inetOrgPerson
>> objectClass: organizationalPerson
>> sn: ROSSI/PAOLO/04149039
>> cn: ROSSI/PAOLO/04149039
>>
>
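
The two errors quoted in the original post can be reproduced offline with a simplified model of slapd's object class check. This is an added example, not part of the thread and not OpenLDAP code: `authzLDAPmap` is copied from the posted authzldap.schema, `organizationalUnit` and `uidObject` are as defined in OpenLDAP's core.schema, and the auxiliary-only entry and the `uidObject` variant are constructed assumptions.

```python
# Added example: a simplified model of slapd's object class check, not OpenLDAP code.
# name -> (kind, MUST, MAY), all lower-cased. authzLDAPmap is copied from the
# authzldap.schema in the post; the other classes are as in OpenLDAP's core.schema.
SCHEMA = {
    "top": ("ABSTRACT", {"objectclass"}, set()),
    "authzldapmap": ("AUXILIARY", {"issuerdn", "owner"},
                     {"usercertificate", "serialnumber", "subjectdn"}),
    "organizationalunit": ("STRUCTURAL", {"ou"}, {
        "userpassword", "searchguide", "seealso", "businesscategory",
        "x121address", "registeredaddress", "destinationindicator",
        "preferreddeliverymethod", "telexnumber", "teletexterminalidentifier",
        "telephonenumber", "internationalisdnnumber",
        "facsimiletelephonenumber", "street", "postofficebox", "postalcode",
        "postaladdress", "physicaldeliveryofficename", "st", "l", "description"}),
    "uidobject": ("AUXILIARY", {"uid"}, set()),
}


def check_entry(object_classes, attributes):
    """Return schema violations for an entry; attribute values do not matter here."""
    classes = [SCHEMA[c.lower()] for c in object_classes]
    present = {a.lower() for a in attributes} | {"objectclass"}
    errors = []
    # An entry needs one STRUCTURAL class; AUXILIARY classes only add attributes.
    if not any(kind == "STRUCTURAL" for kind, _, _ in classes):
        errors.append("no structural object class provided")
    must = set().union(*(m for _, m, _ in classes))
    allowed = must.union(*(may for _, _, may in classes))
    errors += [f"missing required attribute '{a}'" for a in sorted(must - present)]
    errors += [f"attribute '{a}' not allowed" for a in sorted(present - allowed)]
    return errors


# Entry from file.ldif in the post (object classes and attribute names only).
POSTED_CLASSES = ["top", "authzLDAPmap", "organizationalunit"]
POSTED_ATTRS = ["owner", "ou", "issuerDN", "subjectDN", "uid"]

if __name__ == "__main__":
    # Neither organizationalUnit nor authzLDAPmap lists uid in MUST or MAY.
    print(check_entry(POSTED_CLASSES, POSTED_ATTRS))
    # Constructed: only the auxiliary class, no structural one.
    print(check_entry(["top", "authzLDAPmap"], ["owner", "issuerDN", "subjectDN"]))
    # Constructed: uidObject (auxiliary, MUST uid) added so that uid is permitted.
    print(check_entry(POSTED_CLASSES + ["uidObject"], POSTED_ATTRS))
```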