Hello, I tried to create a new objectclass and a new attribute to develop scripts to use against an ActiveDirectory. objectlass=user attribute=sAMAccountName I have a new test.schema: attributetype ( 1.2.840.113556.1.4.221 NAME 'sAMAccountName' EQUALITY caseIgnoreMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) objectclass ( 1.2.840.113556.1.5.9 NAME 'user' DESC 'a user' SUP inetOrgPerson STRUCTURAL MUST ( cn ) MAY ( sAMAccountName ) ) This is included in slapd.conf: include ./schema/core.schema include ./schema/cosine.schema include ./schema/nis.schema include ./schema/inetorgperson.schema include ./schema/openldap.schema include ./schema/pmi.schema include ./schema/ppolicy.schema include ./schema/dyngroup.schema include ./schema/test.schema I tried to modify a dummy user after restart ldap. modify.ldif: dn: cn=test test,ou=Benutzer,ou=Netzwerk,dc=network,dc=de changetype: modify add: sAMAccountName sAMAccountName: test I used the ldapmodify tool: ldapmodify -a -x -D "cn=admin,dc=network,dc=de" -w passwd -H ldap:// -f d:\modify.ldif Eintrag cn=test test,ou=Benutzer,ou=Netzwerk,dc=network,dc=de wird geändert ldap_modify: Objektklassenverletzung ldap_modify: Zusätzliche Info: attribute 'sAMAccountName' not allowed Can someone explain to me where is the mistake? Regards, Alex |