Re: dc attribute not allowed

[Quanah Gibson-Mount <quanah@stanford.edu>]

--On Saturday, January 24, 2004 8:06 PM -0800 "Loren M. Lang" 
<lorenl@alzatex.com> wrote:

> On Sat, Jan 24, 2004 at 02:02:00PM +0100, Peter Marschall wrote:
> > Hi,
> >
> > On Saturday 24 January 2004 07:46, Loren M. Lang wrote:
> > > I'm trying to add entries into an openldap database base, but it keeps
> > > rejecting the entries.  I tried adding the following:
> > >
> > > dn: dc=tallye, dc=com
> > > objectClass: person
> > > cn: B
> > > sn: s
> > >
> > > but ldapadd gives me the error message:
> > >     additional info: naming attribute 'dc' is not present in entry
> > > So I added the dc entry as follows:
> > >
> > > dn: dc=tallye, dc=com
> > > objectClass: person
> > > dc: tallye
> > > cn: B
> > > sn: s
> > >
> > > And now it gives me the following error message:
> > >     additional info: attribute 'dc' not allowed
> > > I can't figure out what's wrong.  I'm using OpenLDAP-2.1.23 on FreeBSD
> > > 4.9.  Please CC me as I don't think I've subscribed correctly.
> >
> > Objectclass person does not allow the attribute dc.
>
> But why does it complain about it missing when I don't include it?

Because when you declare a DN, like dc=tallye, that component must also 
appear as a member of the entry.

Examples:

cn=quanah,cn=accounts,dc=stanford,dc=edu
is my account dn.

cn: quanah

must appear in the entry.

dc=stanford,dc=edu

dc: stanford

must appear in the entry.

etc.

You have multiple problems with your LDIF.

You need to use objectClasses that correspond to your attributes.

--Quanah



--
Quanah Gibson-Mount
Principal Software Developer
ITSS/TSS/Computing Systems
ITSS/TSS/Infrastructure Operations
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html