[Date Prev][Date Next] [Chronological] [Thread] [Top]

AW: Trying to add vacation.schema - object class violation error

To: "'Quanah Gibson-Mount'" <quanah@zimbra.com>, <openldap-technical@openldap.org>
Subject: AW: Trying to add vacation.schema - object class violation error
From: "Andreas" <andreas@kado-web.de>
Date: Sat, 17 Dec 2011 15:40:04 +0100
In-reply-to: <4245B7D2AA2AED8B05581EB9@[192.168.1.45]>
References: <0LejD4-1QwUNH2aY2-00qVV7@mrelayeu.kundenserver.de> <4245B7D2AA2AED8B05581EB9@[192.168.1.45]>
Thread-index: Acy8LKdmaKTcWI7YQRCC+2JhKH6qEwAnFPsg

Thanks Quanah,

can you tell me how to import the objectClass to my entries ?

Regards
Andreas

-----Ursprüngliche Nachricht-----
Von: openldap-technical-bounces@OpenLDAP.org
[mailto:openldap-technical-bounces@OpenLDAP.org] Im Auftrag von Quanah
Gibson-Mount
Gesendet: Freitag, 16. Dezember 2011 20:42
An: Andreas Cieslak; openldap-technical@openldap.org
Betreff: Re: Trying to add vacation.schema - object class violation error

--On Friday, December 16, 2011 2:28 PM +0100 Andreas Cieslak 
<andreas@kado-web.de> wrote:

>
>
> Hi list,
>
>
>
> I need some urgent advices on the openldap-scheme extension.
>
> My openldap version is slapd 2.4.23 on a debian squezze machine.
>
>
>
> When I try to activate vacation on the webmail-system roundcube (the
> webmailer and the plugins are working fine) it says the the activation is
> stored, but when I have a look into the logs of round cube, they say:
>
> [16-Dec-2011 11:20:29] Could not add new values to attribute
> vacationActive: Object class violation: LDAP_OBJECT_CLASS_VIOLATION (65):
>
> [16-Dec-2011 11:20:29] Could not modify entry: Could not add new values
> to attribute vacationActive: Object class violation:
> LDAP_OBJECT_CLASS_VIOLATION:  (1000):
>
>
>
> The slapd-logs shows the following when I try to activate vacation:
>
>
>
> conn=1221 op=4 MOD dn="cn=admin,dc=domain,dc=de"
>
> slapd[14608]: conn=1221 op=4 MOD attr=vacationActive
>
> serv slapd[14608]: slap_queue_csn: queing 0xb58969b6
> 20111216110200.012914Z#000000#000#000000
>
> serv slapd[14608]: Entry (cn=ldapadmin,dc=folkwang-hochschule,dc=de),
> attribute 'vacationActive' not allowed
>
> serv slapd[14608]: entry failed schema check: attribute 'vacationActive'
> not allowed
>
> serv slapd[14608]: conn=1221 op=4 RESULT tag=103 err=65 text=attribute
> 'vacationActive' not allowed
>
>
>
> The following is my vacation.schema which I add to /etc/ldap/slapd.conf:
>
>
>
> attributetype ( 1.3.6.1.4.1.39116.1.1.11
>
>         NAME 'vacationActive'
>
>         SINGLE-VALUE
>
>         EQUALITY booleanMatch
>
>         DESC 'A flag, for marking the user as being away'
>
>         SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
>
> attributetype ( 1.3.6.1.4.1.39116.1.1.12
>
>         NAME 'vacationInfo'
>
>         SINGLE-VALUE
>
>         SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
>
>         DESC 'Absentee note to leave behind, while on vacation'
>
>         EQUALITY octetStringMatch )
>
> attributetype ( 1.3.6.1.4.1.39116.1.1.13
>
>         NAME 'vacationStart'
>
>         SINGLE-VALUE
>
>         SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
>
>         DESC 'Beginning of vacation'
>
>         EQUALITY octetStringMatch )
>
> attributetype ( 1.3.6.1.4.1.39116.1.1.14
>
>         NAME 'vacationEnd'
>
>         SINGLE-VALUE
>
>         SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
>
>         DESC 'End of vacation'
>
>         EQUALITY octetStringMatch )
>
> attributetype (1.3.6.1.4.1.39116.1.1.15
>
>         NAME 'vacationForward'
>
>         EQUALITY caseIgnoreIA5Match
>
>         SUBSTR caseIgnoreIA5SubstringsMatch
>
>         SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
>
>         DESC 'Where to forward mails to, while on vacation' )
>
>#
>
># Objects start here
>
>#
>
> objectclass ( 1.3.6.1.4.1.39116.1.2.10 NAME 'vacation'
>
>         SUP top AUXILIARY
>
>         DESC 'Users vacation status information'
>
>         MUST vacationActive
>
>         MAY ( vacationInfo $ vacationStart $ vacationEnd $
> vacationForward ) )
>
>
>
> I imported a user with the object class vacation and the attributes
> vacationActive, vacationInfo ? into my ldap database.
>
> There the import looks fine.
>
> The user has got the privileges to modify the vacation attributes.
>
> But when I try to modify the entries via vacation-plugin on roundcube,
> the above errors occur.
>
> Can anybody give me some advices, please?

You need to add the vacation objectClass to your entries first, apparently. 
If you look at the logged operation, the utility you are using does not try 
to *add* anything.  Just *MOD* what it feels should be an existing 
attribute.  Obviously if the tool was well written, it would check to see 
if the entry actually had the vacation objectClass first, and then add it 
if it was missing, along with the required attributes.

--Quanah

--

Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration

Follow-Ups:
- AW: Trying to add vacation.schema - object class violation error
  - From: "Andreas Cieslak" <andreas@kado-web.de>

References:
- Trying to add vacation.schema - object class violation error
  - From: "Andreas Cieslak" <andreas@kado-web.de>
- Re: Trying to add vacation.schema - object class violation error
  - From: Quanah Gibson-Mount <quanah@zimbra.com>

Prev by Date: Re: your mail (should be: glibc defining peercred)
Next by Date: Password Policy
Index(es):
- Chronological
- Thread