
Re: openldap proxy: schema issue



At 02:09 AM 11/30/2006, jerrrry@voila.fr wrote:

>Hi everybody, 
>
>I'm configuring slapd(8) 2.3.27 for use as a proxy to another LDAP server.
>
>Unfortunately this (non-OpenLDAP) LDAP directory uses non-standard attributes stored in a .ldif file.
>
>I have to use one of these non-standard attributes in the slapd.conf file for binddn:
>
>database ldap
>
>uri ldap://192.168.239.210:1389
>
>suffix ou=personnes,o=sg
>
>binddn "sbzoneid=appli_test,ou=exploit,ou=personnes,o=sb"
>
>bindpw secret
>
>
>Maybe I have to convert this file to the OpenLDAP .schema format and include it in slapd.conf.

If the LDIF contains RFC 4512 conformant schema descriptions,
that conversion is straightforward.  However, it seems that
descriptions provided in the LDIF do not conform to RFC 4512.

>A big issue seems to be that this LDIF file doesn't use numeric OIDs but string OIDs like:
>
>attributetype ( sbzoneid-oid NAME 'sbzoneid' SYNTAX 1.3.6.1.4.1.1466.115.12

slapd(8) requires either an OID, or a valid OID macro (which
will expand to the OID before the description is published in
the schema)... because LDAP does (see RFC 4512).

>So when running "slapd -d 1" I get the error: OID could not be expanded: "sbzoneid-oid"

As "sbzoneid-oid" isn't a numericoid, it assumed it was an
OID macro.  But there is no such OID macro, hence the error.

>Or maybe a more liberal parsing could be helpful?

The input is parsed just fine.  The problem is semantics.
The field requires an OID.  "sbzoneid-oid" is neither an OID,
nor something that represents an OID.   Without an OID, slapd(8)
wouldn't be able to publish valid schema descriptions for
the schema element.

>Do you have any idea how to solve this problem?

Locate the proper OIDs for these schema elements and use them.
Or, assign your own OIDs (from your own name space). 

Kurt
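
The check discussed in this message, as an added example that is not part of the original post and is not OpenLDAP's own code: a pre-flight scan of schema lines that reports which OID fields are an RFC 4512 numericoid, which expand through an `objectIdentifier` macro, and which would fail as "sbzoneid-oid" does. The macro names `exampleBase` and `exampleAttrs`, the `1.1` placeholder arc, the shortened descriptions and the case-insensitive macro lookup are assumptions for illustration.

```python
import re

# RFC 4512 numericoid: dot-separated numbers, no leading zeros, two or more arcs.
NUMERICOID = re.compile(r"^(0|[1-9]\d*)(\.(0|[1-9]\d*))+$")
# slapd.conf macro definition: objectIdentifier <name> { <oid> | <name>[:<suffix>] }
MACRO = re.compile(r"^objectidentifier\s+(\S+)\s+(\S+)", re.I)
# First token after the opening parenthesis of a schema description.
ELEMENT = re.compile(r"^(attributetype|objectclass)\s*\(\s*(\S+)", re.I)

def expand(token, macros):
    """Return the numeric OID for token, or None if it cannot be expanded."""
    if NUMERICOID.match(token):
        return token
    name, _, suffix = token.partition(":")
    base = macros.get(name.lower())  # assumption: macro names compared case-insensitively
    if base is None:
        return None
    oid = f"{base}.{suffix}" if suffix else base
    return oid if NUMERICOID.match(oid) else None

def check_schema(text):
    """Return (line_no, token, expanded_oid_or_None) for each schema element."""
    macros, results = {}, []
    for no, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        m = MACRO.match(line)
        if m:
            oid = expand(m.group(2), macros)
            if oid:
                macros[m.group(1).lower()] = oid
            continue
        m = ELEMENT.match(line)
        if m:
            results.append((no, m.group(2), expand(m.group(2), macros)))
    return results

# Constructed sample: descriptions are shortened to the OID field and NAME only.
SAMPLE = """\
objectIdentifier exampleBase 1.1
objectIdentifier exampleAttrs exampleBase:2
attributetype ( sbzoneid-oid NAME 'sbzoneid' )
attributetype ( exampleAttrs:1 NAME 'sbzoneid' )
attributetype ( 1.1.2.2 NAME 'otherAttr' )
"""

if __name__ == "__main__":
    for no, token, oid in check_schema(SAMPLE):
        print(f"line {no}: {token} -> {oid or 'OID could not be expanded'}")
```

The `1.1` arc stands in for an OID from your own name space; replace it before using any of these definitions in a real schema.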