Re: Error adding schema: empty AttributeDescription

[Prentice Bisbal <pbisbal@pppl.gov>]

Sami,

Thanks for the tip. Unfortunately, that didn't fix my problem. It turned 
out the spaces for indenting was the problem. I would not be surprised 
if the lack of a space before the closing parenthesis was a problem, 
too, but I can't say for sure due the order of my attempts at correcting 
the problem.

Prentice

On 05/11/2017 06:15 AM, Sami wrote:
> Hello,
>
> The attribute type description, as per RFC2252, requires a space before
> the closing parenthesis. It might be what's causing the error.
>
> - -
> Sami
>
> On 10/05/2017 22:28, Prentice Bisbal wrote:
> > Hello,
> >
> > I'm in the middle of upgrading our existing LDAP servers to new
> > systems running OpenLDAP 2.4.40 on CentOS 6.9. I have over 10 years of
> > experience managing LDAP directories in relatively simple
> > environments, but this is my first time trying to use the dynamic
> > runtime configuration engine.
> >
> > I'm trying to add all the schemas I need with slapadd before I add a
> > dump of the directory from our old servers with slapadd. I need a
> > kerberos schema, so I copied the kerberos schema from
> > /usr/share/doc/krb5-server-ldap-1.10.3/kerberos.ldif, to
> > /etc/openldap/schema and modified it so it could be added with slapadd
> > rather than ldapmodify, like all the other files in that directory.
> >
> > Here's an example of the start of the file after making those changes:
> >
> > dn: cn=kerberos,cn=schema,cn=config
> > objectClass: olcSchemaConfig
> > cn: kerberos
> > olcAttributeTypes: ( 2.16.840.1.113719.1.301.4.1.1 NAME
> > 'krbPrincipalName'
> >                  EQUALITY caseExactIA5Match
> >          SUBSTR caseExactSubstringsMatch
> >                  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
> >
> > olcAttributeTypes: ( 1.2.840.113554.1.4.1.6.1
> >                  NAME 'krbCanonicalName'
> >                  EQUALITY caseExactIA5Match
> >                  SUBSTR caseExactSubstringsMatch
> >                  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
> >                  SINGLE-VALUE)
> >
> > olcAttributeTypes: ( 2.16.840.1.113719.1.301.4.3.1
> >                  NAME 'krbPrincipalType'
> >                  EQUALITY integerMatch
> >                  SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
> >                  SINGLE-VALUE)
> >
> >
> > When I try to add that file with slapadd. I get this error:
> >
> > # slapadd  -n0 -F /etc/openldap/slapd.d -l kerberos.ldif
> >                 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)): empty
> > AttributeDescription
> > slapadd: could not parse entry (line=1)
> > _#                      6.36% eta   none elapsed            none spd
> > 18.6 M/s
> > Closing DB...
> >
> > Running the same command debugging set to -1, I get the following:
> >
> >
> > 59138493 => str2entry: "dn: cn=kerberos,cn=schema,cn=config
> > objectClass: olcSchemaConfig
> > cn: kerberos
> > olcAttributeTypes: ( 2.16.840.1.113719.1.301.4.1.1 NAME
> > 'krbPrincipalName'
> >                  EQUALITY caseExactIA5Match
> >          SUBSTR caseExactSubstringsMatch
> >                  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
> > "
> > 59138493 >>> dnPrettyNormal: <cn=kerberos,cn=schema,cn=config>
> > 59138493 <<< dnPrettyNormal: <cn=kerberos,cn=schema,cn=config>,
> > <cn=kerberos,cn=schema,cn=config>
> > 59138493 <= str2entry NULL (parse_line)
> >                 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)): empty
> > AttributeDescription
> > slapadd: could not parse entry (line=1)
> > 59138493 slapadd shutdown: initiated
> > 59138493 slapadd destroy: freeing system resources.
> >
> > Any ideas what I'm doing wrong? I made similar changes to an autofs
> > schema file, and I was able to add that just fine. Do I need to number
> > each olcAttributeType entry by putting a number in curly braces ({0},
> > {1,}, etc.) at the start of each olcAttributeTypes entry?