Re: serviceSearchDescriptor problem.

[masarati@aero.polimi.it]

> Hey,
> I'm having a problem setting up an openLDAP database. I've installed it,
> configured it (that took a while, OpenLDAP should realy supply a script to
> do it manualy) and set my server to use it for authentication (as well as
> the /etc/passwd file). But now i want to configure the server to work with
> the sudoers file so users can use the "sudo" command. Here is where i'm
> having problems. I folowed this guide:
> http://georgia.ubuntuforums.org/showthread.php?p=9121830
> <http://georgia.ubuntuforums.org/showthread.php?p=9121830#post9121830>And
> i
> came to the part where i need to insert this code into the database with
> ldapadd:
>
>
> dn: ou=SUDOers,dc=prvi-dijak,dc=si
> objectClass: top
> objectClass: organizationalUnit
> ou: SUDOers
> serviceSearchDescriptor: sudoers: ou=sudoers,dc=example,dc=com
>
>
> But here is where i run into a problem. The server always gives out an
> error, like this:
>
>
> ldapadd -f sudoWork/sudoMaster.ldif -h 127.0.0.1 -D
> cn=admin,dc=prvi-dijak,dc=si -W -x
> Enter LDAP Password:
> adding new entry "ou=SUDOers,dc=prvi-dijak,dc=si"
> ldap_add: Undefined attribute type (17)
>         additional info: serviceSearchDescriptor: attribute type undefined
>
>
> And i have no idea why. I also tried to do it manualy. I added the
> organizationalUnit with "phpLDAPadmin" but i can not find the
> serviceSearchDescriptor attribute anywhere. Could you advise me on how to
> fix this problem?

It comes from here <http://tools.ietf.org/html/rfc4876>.  Not sure whether
you can find that schema already formatted for use in OpenLDAP, but it
should be trivial.  Please read carefully that document before you
proceed: the IESG note starts with "This RFC is not a candidate for any
level of Internet Standard."

p.

p.