[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP Inheritance not working

To: Dieter Klünter <dieter@dkluenter.de>
Subject: Re: OpenLDAP Inheritance not working
From: "Matthew W. Marshall" <Marshall.Matthew@azdeq.gov>
Date: Wed, 11 Feb 2015 17:08:48 +0000
Accept-language: en-US
Cc: "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Content-id: <19559595CDF54440B784BD21C4C65335@azdeq.gov>
Content-language: en-US
In-reply-to: <20150211121107.448b84f3@pink.avci.de>
References: <E5B47261-9990-442B-926A-6A4DDC13723A@azdeq.gov> <20150211121107.448b84f3@pink.avci.de>
Thread-index: AQHQRVWLPPrI/Syg00S+zVL6IKrBipzrwYqAgABj74A=
Thread-topic: OpenLDAP Inheritance not working

> 
> On Feb 11, 2015, at 4:11 AM, Dieter Klünter <dieter@dkluenter.de> wrote:
> 
> Am Tue, 10 Feb 2015 17:18:10 +0000
> schrieb "Matthew W. Marshall" <Marshall.Matthew@azdeq.gov>:
> 
>> I’m running into an issue with adding users to LDAP, when I use the
>> following LDIF
>> 
>> dn: mail=jsmith,ou=customers,dc=mydeqcust,dc=org
>> cn: John Smith
>> sn: Smith
>> uid: jsmith
>> mail: jsmith@dev.local<mailto:jsmith@dev.local>
>> objectClass: inetOrgPerson
>> mail: jsmith
>> 
>> it adds fine, however does not show any attributes from
>> OrginizationalPerson or Person. I checked in the slapd.d schema files
>> and all the objectClasses have the correct SUP records. My
>> understanding from the docs at
>> http://www.zytrax.com/books/ldap/apa/ldif-objects.html was that
>> openldap will include the inherited items automatically. I’m running
>> slapd 2.4.39 with the slapd.d config style. Is there an additional
>> option I need to configure?
> [...]
> 
> attribute types cn and sn are required by object class person, uid and
> mail are requested by object class inetOrgPerson. What else do you
> expect?
> 
> -Dieter
> 
> -- 
> Dieter Klünter | Systemberatung
> http://sys4.de
> GPG Key ID: E9ED159B
> 53°37'09,95"N
> 10°08'02,42”E
> 
It looks like it is working as expected, the tool I was using (jxplorer) wasn’t showing the other attributes, however if I add them to an ldif file it does work with ldapadd. After reading some more of the docs, it looks like jxplorer retrieves the list of oc’s from ldap, which if only one was specified only returns one. Thats why I wasn’t seeing the additional attributes in it. The issue originally rose because our devs were using attributes like drink that were not part of inetorgperson, and my attempt to recreate was flawed. 
Sorry about that, but thank you for the quick response.

On a related note, is there a good guide for adding object classes to an OLC configuration? I’m running into some issues, but am sure I’m doing it completely wrong.

Matthew Marshall
Network/Systems Engineer
602-771-4637
Matthew.Marshall@azdeq.gov

**********************************************************************
NOTICE: This e-mail (and any attachments) may contain PRIVILEGED OR CONFIDENTIAL information and is intended only for the use of the specific individual(s) to whom it is addressed. It may contain information that is privileged and confidential under state and federal law. This information may be used or disclosed only in accordance with law, and you may be subject to penalties under law for improper use or further disclosure of the information in this e-mail and its attachments. If you have received this e-mail in error, please immediately notify the person named above by reply e-mail, and then delete the original e-mail. Thank you.

Follow-Ups:
- Re: OpenLDAP Inheritance not working
  - From: Michael Ströder <michael@stroeder.com>

References:
- OpenLDAP Inheritance not working
  - From: "Matthew W. Marshall" <Marshall.Matthew@azdeq.gov>
- Re: OpenLDAP Inheritance not working
  - From: Dieter Klünter <dieter@dkluenter.de>

Prev by Date: ldap_result() timeout zero returns only one result at a time
Next by Date: LMDB b-tree question
Index(es):
- Chronological
- Thread