[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Adding additional schema - objectClass: value #1 invalid per syntax

I added the following to my schema directory:
dn: cn=schema
attributeTypes: ( NAME 'sudoUser' DESC 'User(s) who may run sudo' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX X-ORIGIN 'SUDO' )
and referenced it in slapd.conf as:
include         /etc/openldap/schema/sudoers.schema

This looks like you're mixing a classic config file and a back-config configuration. My guess is you need to include sudoers.schema using back-config.

On reviewing the list of available objectClasses with the GQ application, I can't find the objectClass sudoRole, although I _can_ find the five attributes, in the attribute list.

Eh, or maybe there's something worse going on...

I also can't figure out how to dump the schemas with ldapsearch or any other command, so I can check to see for myself what's in there.

All gq is doing is searching under "cn=Subschema" base. You can do that with ldapsearch.

Your real debugging maneuver, assuming you're in a position to do this, is to restart slapd with "-d config" debug option.