[Date Prev][Date Next]
RE: ldapd vs. slapd
--On Wednesday, April 18, 2012 08:19:29 AM -0700 "Richards, Toby" <firstname.lastname@example.org> wrote:
So I've followed the suggestion to have only the objectClass inetOrgPerson.
Now I'm told that there's no such object. My LDIF file:
Did you really mean to have dc=org twice?
cn: Toby Richards
Result: ldap_add: No such object (32)
[mailto:openldap-technical-bounces@OpenLDAP.org] On Behalf Of Brandon Hume
Sent: Tuesday, April 17, 2012 9:16 AM
Subject: Re: ldapd vs. slapd
On 04/17/12 12:47 PM, Richards, Toby wrote:
The above doesn't work. It says that top/account isn't a valid chain.
What happens if you leave out "account"? It's a structural objectclass and
is likely conflicting with inetOrgPerson.
If you check cosine.schema, you'll see the objectclass "account" as being
meant for a computer account. You're essentially adding an entry that says
it's for a person *and* a computer. (A cyborg, maybe?) LDAP wants clear
lines of inheritance.
Infrastructure Delivery Group, Stanford University