I'm glad it's fixed. - - Sami On 11/05/2017 17:13, Prentice Bisbal wrote: > Sami, > > Thanks for the tip. Unfortunately, that didn't fix my problem. It > turned out the spaces for indenting was the problem. I would not be > surprised if the lack of a space before the closing parenthesis was a > problem, too, but I can't say for sure due the order of my attempts at > correcting the problem. > > Prentice > > On 05/11/2017 06:15 AM, Sami wrote: >> Hello, >> >> The attribute type description, as per RFC2252, requires a space before >> the closing parenthesis. It might be what's causing the error. >> >> - - >> Sami >> >> On 10/05/2017 22:28, Prentice Bisbal wrote: >>> Hello, >>> >>> I'm in the middle of upgrading our existing LDAP servers to new >>> systems running OpenLDAP 2.4.40 on CentOS 6.9. I have over 10 years of >>> experience managing LDAP directories in relatively simple >>> environments, but this is my first time trying to use the dynamic >>> runtime configuration engine. >>> >>> I'm trying to add all the schemas I need with slapadd before I add a >>> dump of the directory from our old servers with slapadd. I need a >>> kerberos schema, so I copied the kerberos schema from >>> /usr/share/doc/krb5-server-ldap-1.10.3/kerberos.ldif, to >>> /etc/openldap/schema and modified it so it could be added with slapadd >>> rather than ldapmodify, like all the other files in that directory. >>> >>> Here's an example of the start of the file after making those changes: >>> >>> dn: cn=kerberos,cn=schema,cn=config >>> objectClass: olcSchemaConfig >>> cn: kerberos >>> olcAttributeTypes: ( 2.16.840.1.113719.1.301.4.1.1 NAME >>> 'krbPrincipalName' >>> EQUALITY caseExactIA5Match >>> SUBSTR caseExactSubstringsMatch >>> SYNTAX 1.3.6.1.4.1.1466.115.121.1.26) >>> >>> olcAttributeTypes: ( 1.2.840.113554.1.4.1.6.1 >>> NAME 'krbCanonicalName' >>> EQUALITY caseExactIA5Match >>> SUBSTR caseExactSubstringsMatch >>> SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 >>> SINGLE-VALUE) >>> >>> olcAttributeTypes: ( 2.16.840.1.113719.1.301.4.3.1 >>> NAME 'krbPrincipalType' >>> EQUALITY integerMatch >>> SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 >>> SINGLE-VALUE) >>> >>> >>> When I try to add that file with slapadd. I get this error: >>> >>> # slapadd -n0 -F /etc/openldap/slapd.d -l kerberos.ldif >>> SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)): empty >>> AttributeDescription >>> slapadd: could not parse entry (line=1) >>> _# 6.36% eta none elapsed none spd >>> 18.6 M/s >>> Closing DB... >>> >>> Running the same command debugging set to -1, I get the following: >>> >>> >>> 59138493 => str2entry: "dn: cn=kerberos,cn=schema,cn=config >>> objectClass: olcSchemaConfig >>> cn: kerberos >>> olcAttributeTypes: ( 2.16.840.1.113719.1.301.4.1.1 NAME >>> 'krbPrincipalName' >>> EQUALITY caseExactIA5Match >>> SUBSTR caseExactSubstringsMatch >>> SYNTAX 1.3.6.1.4.1.1466.115.121.1.26) >>> " >>> 59138493 >>> dnPrettyNormal: <cn=kerberos,cn=schema,cn=config> >>> 59138493 <<< dnPrettyNormal: <cn=kerberos,cn=schema,cn=config>, >>> <cn=kerberos,cn=schema,cn=config> >>> 59138493 <= str2entry NULL (parse_line) >>> SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)): empty >>> AttributeDescription >>> slapadd: could not parse entry (line=1) >>> 59138493 slapadd shutdown: initiated >>> 59138493 slapadd destroy: freeing system resources. >>> >>> Any ideas what I'm doing wrong? I made similar changes to an autofs >>> schema file, and I was able to add that just fine. Do I need to number >>> each olcAttributeType entry by putting a number in curly braces ({0}, >>> {1,}, etc.) at the start of each olcAttributeTypes entry? >>> >> >
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature