[Date Prev][Date Next]
Re: Problems importing ppolicy LDIF: LDAP_INVALID_SYNTAX
Perhaps try man slapo_ppolicy - it should hopefully provide the limits and acceptable values and compare with your ldif to find the cause of "Error description: An invalid attribute value was specified."
Alternative: reduce the number of attributes (divide and conquer) to find the culprit.
Perhaps also checking the schema file for the limits or acceptable values.
Chris Jacobs, Systems Administrator
Apollo Group | Apollo Marketing | Aptimus
2001 6th Ave Ste 3200 | Seattle, WA 98121
phone: 206.839-8245 | cell: 206.601.3256 | Fax: 208.441.9661
----- Original Message -----
From: openldap-technical-bounces@OpenLDAP.org <openldap-technical-bounces@OpenLDAP.org>
To: Chris Jacobs
Cc: 'firstname.lastname@example.org' <email@example.com>
Sent: Thu Jan 13 00:11:17 2011
Subject: Re: Problems importing ppolicy LDIF: LDAP_INVALID_SYNTAX
13.01.2011 12:59, Chris Jacobs пишет:
> That appears to be the point.
> See: http://www.openldap.org/software/man.cgi?query=ppolicy&apropos=0&sektion=0&manpath=OpenLDAP+2.3-Release&format=html
> ... No results.
> Also look for the ppolicy in:
> ... It's not there.
> Where did you get the schema and the libraries necessary?
The ppolicy schema is provided by
The overlays are provided by
do not cause slaptest's protests.
> FWIW: the password policy and MUCH more reliable syncing between servers is why we upgraded in
> my shop (turned off the old 2.3 master last week after finally overcoming last hurdles: solaris and use by other custom systems.)
The 2.3.* is the current version available from CentOS standard
Switching to 2.4.* (welcome, endless sequences of configure/make/make
install) will only be the last resort if anything else fails. So far,
the mentioned OpenLDAP works fine on both master and slave servers.
So, returning to the original question, is it possible to find why
adding a dn fails? What's wrong with the syntax?
> - chris
> Chris Jacobs, Systems Administrator
> Apollo Group | Apollo Marketing | Aptimus
> 2001 6th Ave Ste 3200 | Seattle, WA 98121
> phone: 206.839-8245 | cell: 206.601.3256 | Fax: 208.441.9661
> email: firstname.lastname@example.org
> ----- Original Message -----
> From: openldap-technical-bounces@OpenLDAP.org <openldap-technical-bounces@OpenLDAP.org>
> To: Quanah Gibson-Mount <email@example.com>
> Cc: firstname.lastname@example.org <email@example.com>
> Sent: Wed Jan 12 23:38:54 2011
> Subject: Re: Problems importing ppolicy LDIF: LDAP_INVALID_SYNTAX
> 13.01.2011 11:55, Quanah Gibson-Mount пишет:
>> --On January 13, 2011 11:42:29 AM +0600 Konstantin Boyandin
>> <firstname.lastname@example.org> wrote:
>>> OpenLDAP version: 2.3.43-12 (CentOS 5.5), 64-bit.
>>> In order to enable ppolicy overlay, I am trying to create the relevant
>>> entries, as specified in
>> I would suggest you compare the version you are running (2.3) with the
>> version that the document you are reading uses (2.4). There is an
>> obvious difference there, and it is a major one. I suggest you run a
>> current supported release of OpenLDAP that matches the documentation you
>> are using.
> Thanks. I opened the 2.3 admin link instead:
> and it has no overlays section at all. That's weird, since I am using
> replication feature and there's a directive
> overlay syncprov
> in /etc/openldap/slapd.conf
> How can I find the reasons for 'Invalid syntax' error in such a situation?
> This message is private and confidential. If you have received it in error, please notify the sender and remove it from your system.
This message is private and confidential. If you have received it in error, please notify the sender and remove it from your system.