Re: ldif

dn:dc=com is the first entry.

Fortunately, I've finally figured it out.  OpenLDAP will not allow you to
manually enter the nodes that make up the root node if you already specified
it in slapd.conf.  So, in my slapd.conf I have the domain suffix set at
'dc=external,dc=equitytg,dc=com' therefore, I cannot manually add an entry
for dc=com or dc=equitytg or dc=external because OpenLDAP implicitly creates
them for me, they just don't tell you this in the documentation.

The only exception to this appears if you want to augment one of the dc
attributes.  EX. My directory follows the DNS naming convention and
therefore the directory's root maps to a real DNS namespace.  Each
sub-domain may have one or more attributes that are unique to that
sub-domain (i.e. the external sub-domain has its own mailserver) therefore,
I need to be able to add additional attributes to the domain component
object.  It is at this point that OpenLDAP will allow you to manually add an
entry that makes up the root even if it is already specified in your
slapd.conf.  It looks like this:

dn: dc=external,dc=equitytg,dc=com
objectclass: top
objectclass: dcObject
objectclass: myAuxiliaryObject
dc: external
mySubdomainSpecificAttribute: someVAlue

Dane Foster
Equity Technology Group, Inc
