[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: issue w/ LDAP that I have encountered





--On Thursday, July 06, 2006 3:38 PM -0500 "Derek R." <derekr@tlc2.uh.edu> wrote:

I know I'm missing something dead obvious, but I can't figure out what.
Shouldn't it be giving me something, even though I haven't been able to
add any data to the directory?  When I try to add the following LDIF :
dn: dc=tlc2,dc=uh,dc=edu
dc: tlc2
objectClass: top
objectClass: domain
I get the following :

[root@uiln001 ldap]# ldapadd -f base.ldif
SASL/GSSAPI authentication started
SASL username: root/admin@TLC2.UH.EDU
SASL SSF: 56
SASL installing layers
adding new entry "dc=tlc2,dc=uh,dc=edu"
dldap_add: Server is unwilling to perform (53)
        additional info: operation not permitted within namingContext


What does "ldapwhoami" show?

For example, on my systems, I have:

ltribes:~> ldapwhoami
SASL/GSSAPI authentication started
SASL username: quanah@stanford.edu
SASL SSF: 56
SASL installing layers
dn:uid=quanah,cn=accounts,dc=stanford,dc=edu
Result: Success (0)


Your posted slapd.conf has:

### SQL database options
database                sql
suffix                  "dc=tlc2,dc=uh,dc=edu"
rootdn                  "uid=ldap,cn=gssapi,cn=auth"


so if ldapwhoami doesn't return that rootdn, I don't see that you'd be allowed to write to the database. I'm not terribly familiar with back-sql, so that may be as far as I get on this. ;) The error could be related to its ue, since your naming context in your LDIF matches the suffix.


--Quanah

--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html