[Date Prev][Date Next] [Chronological] [Thread] [Top]

ldapadd operations error



I am trying to setup Openldap version 2.0.23-4 that came with Red Hat. I have modified the slapd.conf file. When I try to use ldapadd to add entries to the database I get an ldap_add:operations error. message.

 

The command that I am using is:

 

ldapadd –v –f /usr/ldap/add.ldif –x –D “cn=Manager, o=CSU, c=US” -W

 

The entire output from that command is

Adding new entry “O=csu, C=us”

Ldap_add: Operations error

 

My ldif file is:

#####################

dn: O=csu,C=us

objectClass: dcObject

objectClass: organization

 

o: AdminServ

o: csu

dn: cn=Manager,o=csu,c=us

objectClass: organizationalRole

cn: Manager

 

My Slapd.conf file is

#################

# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.7 2001/09/27 20:00:31 kurt Exp $

#

# See slapd.conf(5) for details on configuration options.

# This file should NOT be world readable.

#

include              /etc/openldap/schema/core.schema

include              /etc/openldap/schema/cosine.schema

include              /etc/openldap/schema/inetorgperson.schema

include              /etc/openldap/schema/nis.schema

include              /etc/openldap/schema/redhat/rfc822-MailMember.schema

include              /etc/openldap/schema/redhat/autofs.schema

include              /etc/openldap/schema/redhat/kerberosobject.schema

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory

# service AND an understanding of referrals.

#referral ldap://root.openldap.org

#pidfile  //var/run/slapd.pid

#argsfile            //var/run/slapd.args

# Create a replication log in /var/lib/ldap for use by slurpd.

#replogfile          /var/lib/ldap/master-slapd.replog

# Load dynamic backend modules:

# modulepath     /usr/sbin/openldap

# moduleload     back_ldap.la

# moduleload     back_ldbm.la

# moduleload     back_passwd.la

# moduleload     back_shell.la

#

# The next two lines allow use of TLS for connections using a dummy test

# certificate, but you should generate a proper certificate by changing to

# /usr/share/ssl/certs, running "make slapd.pem", and fixing permissions on

# slapd.pem so that the ldap user or group can read it.

# TLSCertificateFile /usr/share/ssl/certs/slapd.pem

# TLSCertificateKeyFile /usr/share/ssl/certs/slapd.pem

#

# Sample Access Control

#          Allow read access of root DSE

#          Allow self write access

#          Allow authenticated users read access

#          Allow anonymous users to authenticate

#

#access to dn="" by * read

#access to *

#          by self write

#          by users read

#          by anonymous auth

#

# if no access controls are present, the default is:

#          Allow read by all

#

# rootdn can always write!

#######################################################################

# ldbm database definitions

#######################################################################

database           ldbm

#suffix               "dc=csuniv,dc=edu"

suffix                 "o=CSU,c=US"

#rootdn             "cn=Manager,dc=csuniv,dc=edu"

rootdn               "cn=Manager,o=CSU,c=US"

# Cleartext passwords, especially for the rootdn, should

# be avoided.  See slappasswd(8) and slapd.conf(5) for details.

# Use of strong authentication encouraged.

rootpw               <removed>

# rootpw                        {crypt}ijFYNcSNctBYg

# The database directory MUST exist prior to running slapd AND

# should only be accessible by the slapd/tools. Mode 700 recommended.

directory            /usr/ldap

# Indices to maintain

index    objectClass,uid,uidNumber,gidNumber,memberUid           eq

index    cn,mail,surname,givenname                                eq,subinitial

# Replicas to which we should propagate changes

#replica host=ldap-1.example.com:389 tls=yes

#          bindmethod=sasl saslmech=GSSAPI

#          authcId=host/ldap-master.example.com@EXAMPLE.COM

Any Ideas?

 

John