[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: using OpenLDAP client to change directory schema

Klaus Heinrich Kiwi wrote:

 My understanding is that OpenLDAP software doesn't support subschema
modification over LDAP operations, but I'm willing to use OpenLDAP
client to change cn=schema on an LDAP server (different vendor) that
supports it.

OpenLDAP supports schema modification by way of LDAP operations. It does not support direct modification to "cn=subschema" (not "cn=schema").

Is that possible? Or is the OpenLDAP checking for cn=schema at the
client? The output I'm getting is:

You need to modify the "cn=schema,cn=config" within the config naming context, and changes will be reflected into the "cn=subschema" entry.

[root@pam ~]# ldapmodify -H ldap://host -D cn=root -w passwd -x -ZZ -a -f /usr/share/doc/krb5-server-ldap-1.6.2/kerberos.ldif
ldapmodify: invalid format (line 5) entry: "cn=schema"

This error indicates a malformed LDIF. You should check whether line 5 of the entry "cn=schema" is correct. This has nothing to do with OpenLDAP's slapd: the error is detected at the client side.


Ing. Pierangelo Masarati OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Fax:     +39 0382 476497
Email:   ando@sys-net.it