When adding a user with "directory administrator" I get ...
- To: Manuel Amador <amadorm@zeus.usm.edu.ec>
- Subject: When adding a user with "directory administrator" I get ...
- From: Douglas Phillipson <dougp@intermind.net>
- Date: Fri, 18 Oct 2002 08:00:41 -0700
- References: <3DAC2E25.40300@intermind.net> <1034807185.3dade791c2d42@www.usm.edu.ec>
- User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.1) Gecko/20020826
I'm sorry to bother you again but I just can't seem to get started here.
I tried using the migration tools to add users hoping the ou would get
created. But here is what I get when adding one user with the following
ldif file created by "migrate_passwd":
==============================================
dn: uid=engebrec,ou=People,dc=oem,dc=doe,dc=com
uid: engebrec
cn: Network Engineer
objectClass: account
objectClass: posixAccount
objectClass: top
userPassword: {crypt}OGS6/pkXEUiAA
loginShell: /bin/csh
uidNumber: 1069
gidNumber: 14
homeDirectory: /home/engebrec
gecos: Network Engineer
==============================================
Result follows:
ldapadd -v -D "cn=Manager,dc=oem,dc=doe,dc=gov" -W -f oneuser.ldif
Enter LDAP Password:
add uid:
engebrec
add cn:
Network Engineer
add objectClass:
account
posixAccount
top
add userPassword:
{crypt}OGS6/pkXEUiAA
add loginShell:
/bin/csh
add uidNumber:
1069
add gidNumber:
14
add homeDirectory:
/home/engebrec
add gecos:
Network Engineer
adding new entry uid=engebrec,ou=People,dc=oem,dc=doe,dc=com
ldap_add: No such object
What object is missing?
Do I need to define any of the above stuff, like uidNumber or the others
somewhere in a file? I'm missing something fundamental here...
I was able to add users this way:
dn: cn=Larry Snowden, dc=oem,dc=doe,dc=gov
cn: Larry Snowden
cn: Larry the Looter
objectClass: person
sn: Snowden

dn: cn=Douglas Phillipson, dc=oem,dc=doe,dc=gov
cn: Douglas S Phillipson
cn: Doug P
objectClass: person
sn: Phillipson
What is the difference?
Manuel Amador wrote:
Quoting Douglas Phillipson <dougp@intermind.net>:
First I want to thank you from the bottom of my heart for doing such
great OpenSource work. I really appreciate it.
Now on to the questions:
I can "connect" to my new LDAP server with your tool but when attempting
to create a group or a user I get: "Invalid DN syntax"
You most probably have a virgin directory, that is, it's completely empty. My
suggestion would be to populate your directory using the PADL.com
MigrationTools that will copy your network information into the directory.
Also how do I get create organizational units to select from? Should a
"ou" be in slapd.conf? Do I have to do that from outside the tool? Are
they even required?
Yes. OUs are needed, but sadly, DA doesn't allow you to create an OU yet.
That is, however, planned for future versions. MigrationTools will create the
appropriate OUs for each kind of data your directory will have =)
Does anyone that you know of have some good detailed examples of ldap
config files and ldapadd command usage? All the stuff on the web is
terrible.
That's so true.
Need lots of examples! After I figure all this out I'm posting my
experiences to the openldap listserver...
I have a very basic setup to get started:
=========================================================
slapd.conf:
include /etc/openldap/schema/core.schema
pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args
access to *
        by self write
        by users read
        by anonymous auth
database ldbm
suffix "dc=my-domain,dc=com"
rootdn "cn=Manager,dc=my-domain,dc=com"
rootpw secret
directory /var/lib/ldap
index objectClass eq
=========================================================
Here is some output from slapd when adding a user:
Oct 15 07:50:16 athlon slapd[5487]: conn=0 op=9 SRCH
base="cn=my-domain,cn=com" scope=2 filter="(objectClass=posixGroup)"
Oct 15 07:50:16 athlon slapd[5487]: conn=0 op=9 RESULT tag=101 err=32
text=
Oct 15 07:50:30 athlon slapd[5487]: conn=0 op=10 SRCH
base="cn=my-domain,cn=com" scope=2 filter="(objectClass=posixAccount)"
Oct 15 07:50:30 athlon slapd[5487]: conn=0 op=10 RESULT tag=101 err=32
text=
Oct 15 07:50:30 athlon slapd[5487]: conn=0 op=11 SRCH
base="cn=my-domain,cn=com" scope=2
filter="(&(objectClass=posixGroup)(badfilter))"
Oct 15 07:50:30 athlon slapd[5487]: conn=0 op=11 RESULT tag=101 err=32
text=
Oct 15 07:50:30 athlon slapd[5487]: do_add: invalid dn
(uid=dphillipson,)
Oct 15 07:50:30 athlon slapd[5487]: conn=0 op=12 RESULT tag=105 err=34
text=invalid DN
Yep. You definitely need to populate your directory with the MigrationTools.
luck,
Manuel Amador (Rudd-O)
http://www.usm.edu.ec/~amadorm/
--
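
A pre-flight check for the situation in this thread, added here as an example and not part of either poster's message: it reads an LDIF file and reports entries whose DN lies outside the server suffix, or whose parent entry is neither already in the directory nor created earlier in the file. The function names, the `existing` list and the suffix `dc=oem,dc=doe,dc=gov` (assumed from the bind DN used with ldapadd above) are illustrative, and the sample LDIF is constructed.

```python
# Added example, not code from the thread. On an add, slapd answers
# "No such object" (result code 32) when the entry's parent is not in the
# directory, so each DN is checked against the suffix and its parent.
# Assumption: DNs contain no escaped commas, so splitting on "," is enough.

def norm(dn):
    """Lower-case a DN and drop spaces around the RDN separators."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def parent(dn):
    """Parent DN of dn ("" when dn has a single RDN)."""
    return norm(dn).partition(",")[2]

def ldif_dns(text):
    """Yield the DN of every entry in an LDIF document."""
    for line in text.splitlines():
        if line.lower().startswith("dn:"):
            yield line[3:].strip()

def check(ldif_text, suffix, existing=()):
    """Return (dn, problem) pairs for entries that cannot be added as-is."""
    suffix = norm(suffix)
    known = {norm(d) for d in existing}   # entries already in the directory
    problems = []
    for dn in ldif_dns(ldif_text):
        n = norm(dn)
        if n == suffix:
            known.add(n)                  # the suffix entry needs no parent
        elif not n.endswith("," + suffix):
            problems.append((dn, "not under suffix " + suffix))
        elif parent(n) not in known:
            problems.append((dn, "missing parent " + parent(n)))
        else:
            known.add(n)                  # later entries may hang below it
    return problems

# Constructed sample: an ou=People entry followed by a trimmed user entry.
SUFFIX = "dc=oem,dc=doe,dc=gov"           # assumed from the bind DN
SAMPLE = """dn: ou=People,dc=oem,dc=doe,dc=gov
ou: People
objectClass: organizationalUnit

dn: uid=engebrec,ou=People,dc=oem,dc=doe,dc=gov
uid: engebrec
objectClass: account
"""

if __name__ == "__main__":
    user_only = SAMPLE.split("\n\n", 1)[1]
    for text in (user_only, SAMPLE):
        print(check(text, SUFFIX, existing=[SUFFIX]) or "ok")
```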