OpenLdap show me an error "additional info: objectClass..."
OpenLdap show me an error "additional info: objectClass..."
Hello.
I used below link for configure my OpenLdap :
http://docs.adaptivecomputing.com/viewp ... .htm#addOU
But when I want to add a user via " ldapadd -f jason.ldif -D cn=Manager,dc=linux,dc=dj -w 1234567" It show me below error :
adding new entry "cn=Jason Long,ou=Users,dc=linux,dc=dj"
ldap_add: Invalid syntax (21)
additional info: objectClass: value #0 invalid per syntax
How can I solve it?
[root@localhost tmp]# cat jason.ldif
dn: cn=Jason Long,ou=Users,dc=linux,dc=dj
cn: Jason Long
sn: Long
objectClass: inetOrgPerson
userPassword: 123456
uid: jason
Any idea?
I used below link for configure my OpenLdap :
http://docs.adaptivecomputing.com/viewp ... .htm#addOU
But when I want to add a user via " ldapadd -f jason.ldif -D cn=Manager,dc=linux,dc=dj -w 1234567" It show me below error :
adding new entry "cn=Jason Long,ou=Users,dc=linux,dc=dj"
ldap_add: Invalid syntax (21)
additional info: objectClass: value #0 invalid per syntax
How can I solve it?
[root@localhost tmp]# cat jason.ldif
dn: cn=Jason Long,ou=Users,dc=linux,dc=dj
cn: Jason Long
sn: Long
objectClass: inetOrgPerson
userPassword: 123456
uid: jason
Any idea?
Re: OpenLdap show me an error "additional info: objectClass.
Lifting from RFC 2798 (inetOrgPerson) I think you have to provide the whole "schema" (all the classes you're using from top downwards) as in (for their example):
version: 1
dn: cn=Barbara Jensen,ou=Product Development,dc=siroe,dc=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: Barbara Jensen
cn: Babs Jensen
displayName: Babs Jensen
sn: Jensen
givenName: Barbara
initials: BJJ
etc...
Also ensure you've included the schema defs in you LDAP configuration. BTW, inetOrgPerson alone is not very useful for posix style authentication.
version: 1
dn: cn=Barbara Jensen,ou=Product Development,dc=siroe,dc=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: Barbara Jensen
cn: Babs Jensen
displayName: Babs Jensen
sn: Jensen
givenName: Barbara
initials: BJJ
etc...
Also ensure you've included the schema defs in you LDAP configuration. BTW, inetOrgPerson alone is not very useful for posix style authentication.
Re: OpenLdap show me an error "additional info: objectClass.
problem not solved
I got same error.
I got same error.
Re: OpenLdap show me an error "additional info: objectClass.
So have you added all the "schema" files to you server config? Could you post the config lines please?
Re: OpenLdap show me an error "additional info: objectClass.
I used this link :
http://docs.adaptivecomputing.com/viewp ... .htm#addOU
and I did step by step of above tutorial.
My config is :
$ cat /etc/openldap/ldap.conf
#
# LDAP Defaults
#
# See ldap.conf(5) for details
# This file should be world readable but not world writable.
#BASE dc=example,dc=com
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
TLS_CACERTDIR /etc/openldap/certs
# Turning this off breaks GSSAPI used with krb5 when rdns = false
SASL_NOCANON on
http://docs.adaptivecomputing.com/viewp ... .htm#addOU
and I did step by step of above tutorial.
My config is :
$ cat /etc/openldap/ldap.conf
#
# LDAP Defaults
#
# See ldap.conf(5) for details
# This file should be world readable but not world writable.
#BASE dc=example,dc=com
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
TLS_CACERTDIR /etc/openldap/certs
# Turning this off breaks GSSAPI used with krb5 when rdns = false
SASL_NOCANON on
Re: OpenLdap show me an error "additional info: objectClass.
I don't like to add users as native linux user and then use migration tools.
Re: OpenLdap show me an error "additional info: objectClass.
Yeah, so that's a pretty crap tutorial (IMO - which may be wrong).
Primarily it will not work with POSIX style systems (such as UNIX/Linux) - we're missing passwd and shadopw support!
InetOrgPerson has not and never will provide those attributes!
Perhaps have a look at the GUI client http://jxplorer.org/ (and there are many others available) so you can familiarise yourself with what's happening?
Now in slapd configuration I'd expect to see include statements to include the new schema attributes and classes, whoich (it seems) you do not have. How is LDAP supposed to respond to classes and attributes that it does not know of?
Primarily it will not work with POSIX style systems (such as UNIX/Linux) - we're missing passwd and shadopw support!
InetOrgPerson has not and never will provide those attributes!
Perhaps have a look at the GUI client http://jxplorer.org/ (and there are many others available) so you can familiarise yourself with what's happening?
Now in slapd configuration I'd expect to see include statements to include the new schema attributes and classes, whoich (it seems) you do not have. How is LDAP supposed to respond to classes and attributes that it does not know of?
Fine just use an LDIF (when you've extended LDAP to "know" about those classes and attributes).I don't like to add users as native linux user and then use migration tools.
Re: OpenLdap show me an error "additional info: objectClass.
Thank you so much.
To be honest, I don't want to use any GUI for creating users and...
I want to learn it from command line.
To be honest, I don't want to use any GUI for creating users and...
I want to learn it from command line.