OpenLdap show me an error "additional info: objectClass..."

hack3rcon
Posts: 757
Joined: 2014/11/24 11:04:37


Post by hack3rcon » 2015/08/21 11:55:39

Hello.
I used the link below to configure my OpenLDAP:

http://docs.adaptivecomputing.com/viewp ... .htm#addOU

But when I try to add a user via "ldapadd -f jason.ldif -D cn=Manager,dc=linux,dc=dj -w 1234567", it shows me the error below:

adding new entry "cn=Jason Long,ou=Users,dc=linux,dc=dj"
ldap_add: Invalid syntax (21)
additional info: objectClass: value #0 invalid per syntax

How can I solve it?

[root@localhost tmp]# cat jason.ldif
dn: cn=Jason Long,ou=Users,dc=linux,dc=dj
cn: Jason Long
sn: Long
objectClass: inetOrgPerson
userPassword: 123456
uid: jason

Any idea?

aks
Posts: 3073
Joined: 2014/09/20 11:22:14

Re: OpenLdap show me an error "additional info: objectClass.

Post by aks » 2015/08/22 13:48:09

Lifting from RFC 2798 (inetOrgPerson) I think you have to provide the whole "schema" (all the classes you're using from top downwards) as in (for their example):
version: 1
dn: cn=Barbara Jensen,ou=Product Development,dc=siroe,dc=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: Barbara Jensen
cn: Babs Jensen
displayName: Babs Jensen
sn: Jensen
givenName: Barbara
initials: BJJ
etc...

Also ensure you've included the schema defs in your LDAP configuration. BTW, inetOrgPerson alone is not very useful for POSIX-style authentication.


Re: OpenLdap show me an error "additional info: objectClass.

Post by hack3rcon » 2015/08/24 07:20:06

Problem not solved :(
I got the same error.


Re: OpenLdap show me an error "additional info: objectClass.

Post by aks » 2015/08/24 15:41:19

So have you added all the "schema" files to your server config? Could you post the config lines please?


Re: OpenLdap show me an error "additional info: objectClass.

Post by hack3rcon » 2015/08/25 07:21:26

I used this link:

http://docs.adaptivecomputing.com/viewp ... .htm#addOU

and I followed the above tutorial step by step.

My config is:

$ cat /etc/openldap/ldap.conf
#
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

#BASE dc=example,dc=com
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666

#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never

TLS_CACERTDIR /etc/openldap/certs

# Turning this off breaks GSSAPI used with krb5 when rdns = false
SASL_NOCANON on


Re: OpenLdap show me an error "additional info: objectClass.

Post by hack3rcon » 2015/08/25 14:11:14

I don't like to add users as native Linux users and then use migration tools.


Re: OpenLdap show me an error "additional info: objectClass.

Post by aks » 2015/08/26 17:00:36

Yeah, so that's a pretty crap tutorial (IMO - which may be wrong).
Primarily it will not work with POSIX style systems (such as UNIX/Linux) - we're missing passwd and shadow support!
InetOrgPerson has not and never will provide those attributes!
Perhaps have a look at the GUI client http://jxplorer.org/ (and there are many others available) so you can familiarise yourself with what's happening?
Now in slapd configuration I'd expect to see include statements to include the new schema attributes and classes, which (it seems) you do not have. How is LDAP supposed to respond to classes and attributes that it does not know of?
"I don't like to add users as native Linux users and then use migration tools."
Fine, just use an LDIF (when you've extended LDAP to "know" about those classes and attributes).
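
Added example, not part of the thread and not code from any poster: a shell pre-flight check that reports which objectClass values in an LDIF file the server does not know, numbered like the "value #N" in the error above. The function names `check_ldif` and `demo` and the class-list file are assumptions made for illustration; the trailing-whitespace check goes beyond the thread and covers another input that fails the same syntax check.

```shell
#!/bin/sh
# Added example, not from the thread: pre-flight check of an LDIF file's
# objectClass values against the classes the server has loaded.
#
# $1 = LDIF file
# $2 = file of loaded objectClass names, one per line. On a live server the
#      names would be taken from the subschema entry, e.g. the output of
#      ldapsearch -x -s base -b cn=Subschema objectClasses
# Prints one line per rejected value, numbered like the "value #N" in the
# slapd error. Exit status: 1 if anything was reported, else 0.
check_ldif() {
    awk -F': ' '
        NR == FNR { known[tolower($1)] = 1; next }  # first file: loaded classes
        /^$/      { n = 0; next }                   # blank line: new entry
        tolower($1) == "objectclass" {
            v = $2
            if (v ~ /[ \t\r]$/) {
                printf "value #%d \"%s\": trailing whitespace\n", n, v; bad = 1
            } else if (!(tolower(v) in known)) {
                printf "value #%d \"%s\": class not loaded\n", n, v; bad = 1
            }
            n++
        }
        END { exit bad + 0 }
    ' "$2" "$1"
}

# Constructed sample: the entry from the first post, checked against an
# assumed class list standing in for a server with only the core schema.
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' top person organizationalPerson > "$d/loaded.txt"
    cat > "$d/jason.ldif" <<'EOF'
dn: cn=Jason Long,ou=Users,dc=linux,dc=dj
cn: Jason Long
sn: Long
objectClass: inetOrgPerson
userPassword: 123456
uid: jason
EOF
    check_ldif "$d/jason.ldif" "$d/loaded.txt"; rc=$?
    rm -rf "$d"
    return "$rc"
}
demo || echo "load the missing schema or fix the LDIF before running ldapadd"
```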


Re: OpenLdap show me an error "additional info: objectClass.

Post by hack3rcon » 2015/08/29 07:34:52

Thank you so much.
To be honest, I don't want to use any GUI for creating users and...
I want to learn it from the command line.
