[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: dc attribute not allowed





--On Saturday, January 24, 2004 8:06 PM -0800 "Loren M. Lang" <lorenl@alzatex.com> wrote:

On Sat, Jan 24, 2004 at 02:02:00PM +0100, Peter Marschall wrote:
Hi,

On Saturday 24 January 2004 07:46, Loren M. Lang wrote:
> I'm trying to add entries into an openldap database base, but it keeps
> rejecting the entries.  I tried adding the following:
>
> dn: dc=tallye, dc=com
> objectClass: person
> cn: B
> sn: s
>
> but ldapadd gives me the error message:
>     additional info: naming attribute 'dc' is not present in entry
> So I added the dc entry as follows:
>
> dn: dc=tallye, dc=com
> objectClass: person
> dc: tallye
> cn: B
> sn: s
>
> And now it gives me the following error message:
>     additional info: attribute 'dc' not allowed
> I can't figure out what's wrong.  I'm using OpenLDAP-2.1.23 on FreeBSD
> 4.9.  Please CC me as I don't think I've subscribed correctly.

Objectclass person does not allow the attribute dc.


But why does it complain about it missing when I don't include it?

Because when you declare a DN, like dc=tallye, that component must also appear as a member of the entry.


Examples:

cn=quanah,cn=accounts,dc=stanford,dc=edu
is my account dn.

cn: quanah

must appear in the entry.

dc=stanford,dc=edu

dc: stanford

must appear in the entry.

etc.

You have multiple problems with your LDIF.

You need to use objectClasses that correspond to your attributes.

--Quanah



--
Quanah Gibson-Mount
Principal Software Developer
ITSS/TSS/Computing Systems
ITSS/TSS/Infrastructure Operations
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html