[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapmodify error

To: Madalina Baltatu <baltatu@athena.polito.it>
Subject: Re: ldapmodify error
From: "Kurt D. Zeilenga" <kurt@boolean.net>
Date: Thu, 16 Dec 1999 16:40:05 -0800
Cc: openldap-bugs@OpenLDAP.org
In-reply-to: <9912021347.AA16141@giunone.polito.it>

At 02:47 PM 12/2/99 GMT, Madalina Baltatu wrote:
>Hello to everybody.
>
>I'm running OpenLDAP 1.2.7 on a Solaris 2.7 system. I'm using LDAP as a 
>certificate 
>repository for an experimental CA.
>I'm trying to add a new "userCertificate;binary" attribute to en entry which 
>already 
>has an userCertificate attribute.

OpenLDAP doesn't support attribute type options.  This is an
LDAPv3 feature.

You, however, can define "userCertificate;binary" as it's own
attribute type (of syntax 'bin').

>When the der file which contains the new 
>certificate has the same size as the der file which contains the already 
>inserted certificate, ldapmodify will return an error "ldap_modify: Type or 
>value exists", even if the two der files (i.e., the two certs) are different 
>(they only happen to have the same number of bytes).

Because you liked didn't define "userCertificate;binary" as an
attribute type of syntax 'bin', slapd did a 'cis' comparison.

>For other entries which 
>have 2 or more certificates with the der encodings of different sizes this 
>problem doesn't appear. 
>Is this a software bug?

no.

>How can I have it fixed?

add:

attribute	userCertificate;binary	bin

to your slapd.conf (or *.at.conf) file.


----
Kurt D. Zeilenga		<kurt@boolean.net>
Net Boolean Incorporated	<http://www.boolean.net/>

References:
- ldapmodify error
  - From: Madalina Baltatu <baltatu@athena.polito.it>

Prev by Date: Re: substring searches very broken HELP HELP URGENT :-( (ITS#402)
Next by Date: Trouble found: substring searches very broken (ITS#402)
Index(es):
- Chronological
- Thread