[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: additional info: objectClasses: value #0 invalid per syntax



Jimmy Royer wrote:
Hello,

I am starting out with openldap and I don't know it that much. I got
the error mentioned in the title when trying to add an object class,
which is apparently a very common one per my google searches. I've
read that common causes are:

* extraneous white space (especially trailing white space)
* improperly encoded characters (LDAPv3 uses UTF-8 encoded Unicode)
* empty values (few syntaxes allow empty values)

This is the object class file I am trying to add, I picked it as an
example on some website, to have something minimal and make it easier
to test:

# cat exObjectClasses.ldif
dn: cn=schema
changetype: modify
add: objectClasses
objectClasses: ( 2.16.840.1.113730.3.2.2.9
  NAME 'blogger'
  DESC 'Someone who has a blog'
  SUP inetOrgPerson STRUCTURAL
  MAY blog )

I've checked if there was any trailing spaces at the end with the following:

# cat -vte exObjectClasses.ldif
dn: cn=schema$
changetype: modify$
add: objectClasses$
objectClasses: ( 2.16.840.1.113730.3.2.2.9$
  NAME 'blogger'$
  DESC 'Someone who has a blog'$
  SUP inetOrgPerson STRUCTURAL$
  MAY blog )$

I've made sure the file is UTF-8:

# iconv -f ASCII -t UTF-8 exObjectClasses.ldif > exObjectClasses.ldif.utf8

Redundant. 7-bit ASCII is already valid UTF-8. And if you had any stray 8-bit ASCII characters in there, they obviously would be erroneous and should be deleted, not converted to UTF-8.

Most likely you trimmed too many spaces. Read the ldif(5) manpage.

Also, cn=schema is not a user modifiable entry in OpenLDAP. If you want to add new schema you must add it to cn=schema,cn=config.

Seems like, given that you haven't mentioned cn=config, you're probably using a pretty old version of OpenLDAP as well.

And I don't think there are any empty values defined in the LDIF file.
So when I type this command, I still have the "invalid per syntax
error:

# ldapmodify -x -W -H "ldaps://127.0.0.1" -D
cn=Manager,dc=modelsolv,dc=com -f exObjectClasses.ldif
Enter LDAP Password:
modifying entry "cn=schema"
ldap_modify: Invalid syntax (21)
         additional info: objectClasses: value #0 invalid per syntax

I was able to add a few entries in LDAP so far. So I know I am able to
reach the server, the connection is fine, and LDAP is somewhat
functional. But I can't modify the schema with objectclasses.

Is there anything obvious that I am doing wrong? Do you have any
recommendation for debugging further?

Regards,
Jimmy Royer




--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/