Re: LDAP



On Monday 18 February 2008 15:54:28 Aravind Arjunan wrote:
> When I am trying to add ldapuser.ldif I am getting this error.
>
>
> [root@server ~]# ldapadd -x -D "cn=Manager,dc=example,dc=com" -W -f
> /etc/openldap/ldapusers.ldif
> Enter LDAP Password:
> adding new entry "uid=ldapuser,ou=People,cn=Manager,dc=example,dc=com"
> ldap_add: No such object (32)
>         matched DN: cn=Manager,dc=example,dc=com
>

The logical conclusion from the error message above is that 
ou=People,cn=Manager,dc=example,dc=com doesn't exist.

> This is my ldapuser.ldif
>
> dn: uid=ldapuser,ou=People,cn=Manager,dc=example,dc=com

This is a bit of a weird structure ...

> uid: ldapuser
> cn: Manager
> ou: People
> objectClass: account
> objectClass: posixAccount
> objectClass: top
> objectClass: shadowAccount
> userPassword: {crypt}c3ZWmT7fM2thY
> shadowLastChange: 13927
> shadowMax: 99999
> shadowWarning: 7
> loginShell: /bin/bash
> uidNumber: 507
> gidNumber: 100
> homeDirectory: /home/ldapuser
>
>
> And is it necessary to extract the information of ldapuser from /etc/passwd
> file and for
> linux root account and extracted the /etc/passwd data into an ldif file and
> imported to
> that database.

If you want to create the directory /opt/myapp/foo, you need to 
create /opt/myapp first (ok, so mkdir -p lets you do it in one command). 
Similarly, no matter how you are creating accounts, the parents need to be 
created. The PADL migration tools will create some of them for you 
(migrate_base.pl), but they do make some assumptions ... and you have to run 
the tools in the right order.

Note: you may want to look at all the features before doing a final migration 
(objectclass inetOrgPerson may be preferable over objectclass account).

Regards,
Buchan
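
The parent-before-child rule discussed in this thread can be checked before running ldapadd. The following is an added example, not part of the original message: it simulates adding an LDIF file's entries in order and reports each entry whose parent is absent, together with the deepest ancestor that does exist (what the server returns as "matched DN"). The function names, the `EXISTING` list and both sample LDIF strings are constructed for illustration; the `ou=People` entry under the poster's own DN is an assumption.

```python
import re

def split_dn(dn):
    """Split a DN into RDNs on unescaped commas; normalise case and spacing."""
    return [p.strip().lower() for p in re.split(r'(?<!\\),', dn) if p.strip()]

def normalise(dn):
    return ",".join(split_dn(dn))

def entry_dns(ldif_text):
    """Yield DNs in file order (plain 'dn:' lines only; base64 'dn::' is skipped)."""
    for line in ldif_text.splitlines():
        low = line.lower()
        if low.startswith("dn:") and not low.startswith("dn::"):
            yield line[3:].strip()

def check_add_order(ldif_text, existing):
    """Return [(dn, matched_dn)] for entries that would fail with error 32."""
    present = {normalise(d) for d in existing}
    problems = []
    for dn in entry_dns(ldif_text):
        rdns = split_dn(dn)
        if ",".join(rdns[1:]) in present:
            present.add(",".join(rdns))      # add succeeds, entry now exists
            continue
        # Walk up the tree to the deepest ancestor already in the directory.
        matched = next((",".join(rdns[i:]) for i in range(1, len(rdns))
                        if ",".join(rdns[i:]) in present), "")
        problems.append((dn, matched))
    return problems

# Constructed: entries assumed to be in the directory, per the matched DN above.
EXISTING = ["dc=example,dc=com", "cn=Manager,dc=example,dc=com"]

# Constructed: the user entry alone, as in the failing ldapadd.
BROKEN = """dn: uid=ldapuser,ou=People,cn=Manager,dc=example,dc=com
objectClass: account
uid: ldapuser
"""

# Constructed: the parent container comes first, then the user entry.
FIXED = """dn: ou=People,cn=Manager,dc=example,dc=com
objectClass: organizationalUnit
ou: People

""" + BROKEN

if __name__ == "__main__":
    for dn, matched in check_add_order(BROKEN, EXISTING):
        print(f"would fail: {dn}\n  matched DN: {matched}")
```
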