Re: eduPerson object not working



Michael Gettes released the eduPerson schema as an LDAP change file. It expects a
version 3 compatible LDAP that contains the schema as an object that can be changed
while the server is running. OpenLDAP does not implement this (yet). Is iPlanet the
only implementation? Someone needs to convert the change file to a schema file that is
usable by OpenLDAP. I've heard of several people doing it, and a lot of people say it
should not be difficult, but I've never seen anyone release their copy for inspection or
use. Since it only adds 6 attributes and the change file does provide all the details, it
really should not be hard to convert. But here I've been trying to learn LDAP for the
past year and I still have not done it.

Michael Gettes has also indicated in conferences that he made a mistake in the
change file. He made the eduPerson subordinate to inetOrgPerson but this is not
required.

Theodore Knab wrote:

> I am having some trouble getting the eduPerson object to work.
>
> What am I doing wrong?
>
> I got the new schema file:
> http://www.georgetown.edu/giia/internet2/ldap-recipe/eduPerson-schema.ldif
>
> I saved it as eduperson.schema in /etc/ldap/schema/.
>
> I have edited my slapd.conf
> ...
> include         /etc/ldap/schema/eduperson.schema
> schemacheck     on
> ...
>
> I added objectclass: eduPerson  into my user.ldif file.
>
> dn: uid=bmarshal,ou=People, dc=washcoll, dc=edu
> uid: bmarshal
> givenname: Brad
> initials: BAM
> cn: Brad Alan Marshall
> sn: Marshall
> o: Washington College
> ou: Office of Information Technology
> objectclass: top
> objectclass: account
> objectclass: posixAccount
> objectclass: shadowAccount
> objectclass: person
> objectclass: organizationalPerson
> objectclass: inetOrgPerson
> objectclass: eduPerson
> mail: bmarshal@washcoll.edu, bradley.alan.marshal@washcoll.edu,
> bam@washcoll.edu
> title: programmer
> jpegPhoto: /var/junk/pictures/bmarshal.jpg
> homepostaladdress: 110 Clove St Chestertown, MD 21401
> homePhone: 410-555-1212
> TelephoneNumber: 410-555-1212
> mobileTelephoneNumber: 443-770-5658
> facsimileTelephoneNumber: 1-800-111-1111
> pagerTelephoneNumber: 1-800-555-1212
> loginshell: /bin/bash
> uidnumber: 500
> gidnumber: 100
> homedirectory: /mnt/home/bmarshal
> userpassword: {crypt}lnbDaz4nb9aQp
> Description: Account info and address info.
>
> ldapmodify  -W -r -D "cn=admin, dc=washcoll, dc=edu" < /etc/openldap/washusers.ldif
>
> modifying entry uid=bmarshal,ou=People, dc=washcoll, dc=edu
> ldap_modify: Object class violation
> ldap_modify: additional info: unrecognized objectClass 'eduPerson'
>
> Mar 30 17:29:21 www slapd[28596]: daemon: conn=9 fd=9 connection from
> IP=127.0.0.1:3510 (IP=0.0.0.0:34049) accepted.
> Mar 30 17:29:21 www slapd[28657]: conn=9 op=0 BIND
> dn="CN=ADMIN,DC=WASHCOLL,DC=EDU" method=128
> Mar 30 17:29:21 www slapd[28657]: conn=9 op=0 RESULT tag=97 err=0 text=
> Mar 30 17:29:21 www slapd[28657]: conn=9 op=1 MOD
> dn="uid=bmarshal,ou=People, dc=washcoll, dc=edu"
> Mar 30 17:29:21 www slapd[28657]:
> entry_check_schema(uid=bmarshal,ou=People, dc=washcoll, dc=edu):
> "unrecognized objectClass 'eduPerson'" not recognized
> Mar 30 17:29:21 www slapd[28657]: entry failed schema check:
> unrecognized objectClass 'eduPerson'
> Mar 30 17:29:21 www slapd[28657]: conn=9 op=1 RESULT tag=103 err=65
> text=unrecognized objectClass 'eduPerson
>
> breezysolutions:/etc/openldap# ls -la /etc/ldap/schema/
> total 145
> drwxr-xr-x    2 root     root         1024 Mar 30 17:03 .
> drwxr-xr-x    3 root     root         1024 Mar 30 01:02 ..
> -rw-------    1 root     root         7535 Mar 29 20:34 corba.schema
> -rw-------    1 root     root        20093 Mar 29 20:34 core.schema
> -rw-------    1 root     root        72238 Mar 29 20:34 cosine.schema
> -rw-------    1 root     root         5024 Mar 30 14:24 eduperson.schema
> -rw-------    1 root     root         5852 Mar 29 20:34
> inetorgperson.schema
> -rw-------    1 root     root        13442 Mar 29 20:34 java.schema
> -rw-------    1 root     root         4047 Mar 29 20:34 krb5-kdc.schema
> -rw-------    1 root     root         1938 Mar 29 20:34 misc.schema
> -rw-------    1 root     root         8344 Mar 29 20:34 nis.schema
> -rw-------    1 root     root          933 Mar 29 20:34 openldap.schema
>
> ---------------------
> Ted Knab
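
The conversion the reply asks for, sketched as an added example that is not part of the original thread or of the eduPerson distribution: it turns the `attributeTypes:` and `objectClasses:` values of an LDIF schema change into the `attributetype` / `objectclass` directives that a file pulled in with `include` in slapd.conf uses. The function names, sample OIDs and sample names are constructed placeholders, and the input is assumed to carry standard parenthesized schema definitions.

```python
import base64
import re

# Constructed sample in the "modify cn=schema" LDIF style described in the reply.
# OIDs and names are placeholders, not the real eduPerson definitions.
SAMPLE_LDIF = """\
dn: cn=schema
changetype: modify
add: attributeTypes
attributeTypes: ( 1.1.2.1.1 NAME 'exampleAffiliation' DESC 'constructed'
  EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
-
add: objectClasses
objectClasses: ( 1.1.2.2.1 NAME 'examplePerson' SUP inetOrgPerson
  STRUCTURAL MAY ( exampleAffiliation ) )
"""

# LDIF attribute name (lower-cased) -> slapd.conf schema directive
DIRECTIVES = {"attributetypes": "attributetype", "objectclasses": "objectclass"}

def unfold(text):
    """Join LDIF continuation lines (a leading single space continues the previous line)."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines

def ldif_to_schema(text):
    """Return slapd.conf schema directives for every definition in an LDIF schema change."""
    out = []
    for line in unfold(text):
        m = re.match(r"([A-Za-z]+)(::?)\s*(.*)$", line)
        if not m or m.group(1).lower() not in DIRECTIVES:
            continue  # dn:, changetype:, add:, "-" separators and anything else
        value = m.group(3)
        if m.group(2) == "::":  # "::" marks a base64-encoded LDIF value
            value = base64.b64decode(value).decode("utf-8")
        value = re.sub(r"\s+", " ", value).strip()
        if not (value.startswith("(") and value.endswith(")")):
            raise ValueError("not a schema definition: %r" % value)
        out.append("%s %s" % (DIRECTIVES[m.group(1).lower()], value))
    # slapd reads the file top to bottom, so attribute types go before the classes using them
    out.sort(key=lambda d: not d.startswith("attributetype "))
    return out

if __name__ == "__main__":
    print("\n".join(ldif_to_schema(SAMPLE_LDIF)))
```

The output is what would go in a `.schema` file; vendor-specific extensions in a real change file may still need hand-editing before slapd accepts them.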