[Date Prev][Date Next]
Re: serviceSearchDescriptor problem.
> I'm having a problem setting up an openLDAP database. I've installed it,
> configured it (that took a while, OpenLDAP should realy supply a script to
> do it manualy) and set my server to use it for authentication (as well as
> the /etc/passwd file). But now i want to configure the server to work with
> the sudoers file so users can use the "sudo" command. Here is where i'm
> having problems. I folowed this guide:
> came to the part where i need to insert this code into the database with
> dn: ou=SUDOers,dc=prvi-dijak,dc=si
> objectClass: top
> objectClass: organizationalUnit
> ou: SUDOers
> serviceSearchDescriptor: sudoers: ou=sudoers,dc=example,dc=com
> But here is where i run into a problem. The server always gives out an
> error, like this:
> ldapadd -f sudoWork/sudoMaster.ldif -h 127.0.0.1 -D
> cn=admin,dc=prvi-dijak,dc=si -W -x
> Enter LDAP Password:
> adding new entry "ou=SUDOers,dc=prvi-dijak,dc=si"
> ldap_add: Undefined attribute type (17)
> additional info: serviceSearchDescriptor: attribute type undefined
> And i have no idea why. I also tried to do it manualy. I added the
> organizationalUnit with "phpLDAPadmin" but i can not find the
> serviceSearchDescriptor attribute anywhere. Could you advise me on how to
> fix this problem?
It comes from here <http://tools.ietf.org/html/rfc4876>. Not sure whether
you can find that schema already formatted for use in OpenLDAP, but it
should be trivial. Please read carefully that document before you
proceed: the IESG note starts with "This RFC is not a candidate for any
level of Internet Standard."