[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: DN syntax question

--On Wednesday, November 08, 2006 10:19 AM +0100 Miek Gieben <miek@bit.nl> wrote:


I'm not sure this is the correct list, but here it goes.
I'm creating a ldap tree with the usual layout:


Where companyName is a customer. Adding entries with this DN
works and I can query the tree, etc. etc.

Now some customers can also have clients which should also be
represented in this tree. This would lead to the following DN
to be created:


So: 'o=client,ou=Organizations' is placed below 'o=companyName'. Now
when I try to add this to openldap I get this in the logs:

slapd[3418]: connection_get(10)
slapd[3418]: do_add: dn
slapd[3418]: ==> bdb_add:
slapd[3418]: send_ldap_result: err=64 matched="" text="value of naming
attribute 'o' is not present in entry"

where the ldif added is:
    [0] => dn:
[1] => objectClass: top
    [2] => objectClass: Organization
    [3] => deleted: FALSE
    [4] => o: client:companyName
    [5] => cn: test test test

What I'm I doing wrong? Can't you have two 'o=' attributes in a DN? And
why does it complain about a missing attribute 'o', when in fact is looks
to be there?

To have multi-valued attributes, you list them twice:

o: client
o: companyName

I think you don't understand the o/ou hierarchy though, since I can't see how an "o" would appear below an "ou"...

Also, the correct list for general LDAP questions is "ldap@umich.edu". This list is for questions specific to the OpenLDAP software, so if you have further generic LDAP issues, I advise posting to the ldap@umich list.


Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html