Hi

I'm an LDAP newb. I've got an LDIF file (see below), and a running
slapd. I'm trying to create an LDAP database (I think that's the right
word) by running a command of the form "slapadd -l foo.ldif".

In particular, I need to write a slapd.conf entry that matches my LDIF
file. Now, for those of you with your fingers already on the keys
r,t,f, and m: Yes I've read the docs on openldap.org: OK, it's a
tree-like structure, whose nodes are "objects" in the OOP sense of the
word. Fine. But how do I create such a structure (other than the one
given as an example)? If someone can help me do this, I may even try
to write up some documentation for the next guy.

Now, my LDIF file looks like the following, multiplied by a factor of
a few hundred. That is, you can think of the following as one entry of
a few hundred entries:

dn: uid=bobj,ou=People,o=cs.foo.edu
mail: bobj@cs.foo.edu
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
cn: Bob Jones
uid: bobj
givenname: Bob
sn: Jones
facsimiletelephonenumber: +1 718 555 1234
userpassword: {crypt}
postaladdress: 1 Main Street$Suburbia, NY$USA$12345
roomnumber: 123
homepostaladdress: 234-1234 Pink St$Suburbia, NY$12345
homephone: 718-555-2345
telephonenumber: +1 718 718-555-3456
labeleduri: http://www.cs.foo.edu/~bobj
description: Faculty

dn: nsLIProfileName=bobj, ou=Roaming, o=cs.foo.edu
objectclass: top
objectclass: nsLIProfile
nsliprofilename: bobj
owner: uid=bobj,ou=People,o=cs.foo.edu

Does that make sense? Imagine that this file fell from outer space and
landed at my feet (i.e. don't yell at me if it doesn't make sense, but
suggest an alternative.)

My slapd.conf (the database definitions section of it, at any rate)
looks like this:

database ldbm
suffix "ou=People,o=cs.foo.edu"
rootdn "cn=Manager,dc=cs,dc=foo,dc=edu"
# Cleartext passwords, especially for the rootdn, should
# be avoided. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
# rootpw secret
# rootpw {crypt}ijFYNcSNctBYg
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd/tools. Mode 700 recommended.
directory /var/lib/ldap
# Indices to maintain
# index objectClass,uid,uidNumber,gidNumber,memberUid eq
# index cn,mail,surname,givenname eq,subinitial
# Replicas to which we should propagate changes
# replica host=ldap-1.example.com:389 tls=yes
# bindmethod=sasl saslmech=GSSAPI
# authcId=host/ldap-master.example.com@EXAMPLE.COM

That probably doesn't make sense. It's basically the default
slapd.conf that comes with the RedHat9 openldap package, with the
uncommented things written by me, and some stuff I didn't trust
commented out.

This is what happens next:

[root@okocim ldap]# slapadd -v -l userinfo.ldif
slapadd: could not add entry dn="uid=bobj,ou=People,o=cs.foo.edu" (line=17)

I'm running my slapd with "-d 1" and I don't see any errors on its
console.

-chris