[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: Creating my own schema in OpenLdap 2.3
- To: "Edan Shavit" <Edan.S@puresight.com>
- Subject: RE: Creating my own schema in OpenLdap 2.3
- From: "Pierangelo Masarati" <ando@sys-net.it>
- Date: Mon, 28 Nov 2005 17:16:22 +0100 (CET)
- Cc: openldap-software@OpenLDAP.org
- Importance: Normal
- In-reply-to: <DFB224C4B320AE4E8508B1B1DF075A20010A3424@icognito-dc.Icognito.local>
- References: <DFB224C4B320AE4E8508B1B1DF075A20010A3424@icognito-dc.Icognito.local>
- User-agent: SquirrelMail/1.4.3a-1
[please keep replies on the list; I don't have time nor resources for
private answers]
> Hi Pierangelo Masarati,
> I know this FAQ.
> but I do not understand the answer:
>
> "No structuralObjectClass operational attribute
> This is commonly returned when a shadow server is provided an entry
> which does not contain the structuralObjectClass operational attribute."
>
> This is the reason I posted the question.
The message sounds pretty self-explanatory, if you're familiar with the
terms involved. If you're not, I suggest you read a bit about LDAP,
starting from RFC 3377.
Anyway, let's step thru it:
"No structuralObjectClass operational attribute": your modification did
not contain a "structuralObjectClass" attribute.
This is the immediate error the server sees. What the error message
(correctly) doesn't tell (but the FAQ does), is that when you see that
error and you're not "slurpd", then you erroneously tried to write to a
replica (a "shadow database") using the identity that only slurpd is
allowed to use, which is defined in the "updatedn" directive. If you
write to a replica with that identity, you're supposed to be slurpd, but
if you don't provide a "structuralObjectClass" attribute, you're a "cheap"
slurpd.
So you've piled up three or four basic errors that newbies typically do;
there's nothing wrong in being a newbie, everybody has been a newbie at
least for a while. The point is that this mistake happened so many times,
and so many people asked why, that a dedicated FAQ answer was created, not
to mention the tons of occurrences in of this error and of the reason one
correctly gets it that are present in the mailing list archives.
BTW, Kurt explained this very well in his answer; so why would you still
seek (private, but unpaid) advice from anyone else?
p.
--
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it
Ing. Pierangelo Masarati
Responsabile Open Solution
SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office: +39.02.23998309
Mobile: +39.333.4963172
Email: pierangelo.masarati@sys-net.it
------------------------------------------