Re: help, openldap-2.1.xx, host attribute - I try, try, try....and nothing :(

[François Beretti <francois.beretti@enatel.com>]

Toper a écrit :

> I installed openldap-2.1.22 and I had well-known problem with host attribute:(
> I try to add moja.schema to ldap conf:
> 	include         /etc/openldap/schema/moja.schema
> In moja.schema I had:
> 	attributetype ( 1.3.6.1.4.1.1466.1.1
>       	NAME ( 'host' )
> 	        EQUALITY caseIgnoreIA5Match
> 	        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>
> 	objectclass ( 1.3.6.1.4.1.1466 NAME 'personalAccount'
> 	        SUP ( inetOrgPerson $ account ) STRUCTURAL )
>
> 	objectClass ( 1.3.6.1.4.1.1466.1.2.1.3.1
> 	        NAME 'host'
> 	        DESC 'inetOrgPerson with accounts on systems'
> 	        SUP personalAccount
> 	        STRUCTURAL
> 	        MAY ( host ) )
> ,but slapd didn't start. I had error message:
> 	/etc/openldap/schema/moja.schema: line 35: Duplicate attributeType: "host"
>  
that means that the 'host' attribute is already defined, in another file 
included in your slapd.conf

> I read http://www.openldap.org/lists/openldap-software/200301/msg00028.html and changed moja.schema:	
> 	objectclass ( 1.3.6.1.4.1.1466.1.2.1.3.1
> 	        NAME 'personOfAccount'
> 	        DESC 'inetOrgPerson with accounts on systems'
> 	        SUP inetOrgperson
> 	        STRUCTURAL
> 	        MAY ( host ) )
> slapd started, but when I try to add test.ldif:
> 	dn: uid=nowak,ou=People,dc=ctlm,dc=pl
> 	changetype: modify
> 	add: host
> 	host: proxy
> I had error mesage:
> 	---- cut -----
> 	modifying entry "uid=nowak,ou=People,dc=ctlm,dc=pl"
> 	ldapadd: update failed: uid=nowak,ou=People,dc=ctlm,dc=pl
> 	ldap_modify: Object class violation (65)
> 	        additional info: attribute 'host' not allowed
> 	---- cut -----
>  
yes, you try to add the host attribute to an entry of class 
'personOfAccount', which has not the attribute 'host' in its definition
so you can't

> in debug of slapd I had:
> 	oc_check_allowed type "host"
> 	Entry (uid=nowak,ou=People,dc=ctlm,dc=pl), attribute 'host' not allowed
> 	entry failed schema check: attribute 'host' not allowed
>
> so, I changed moja.schema:
> 	attributetype ( 1.3.6.1.4.1.1466.1.1
> 	        NAME ( 'host2' )
> 	        EQUALITY caseIgnoreIA5Match
> 	        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>
> 	objectclass ( 1.3.6.1.4.1.1466 NAME 'personalAccount'
> 	        SUP ( inetOrgPerson $ account ) STRUCTURAL )
>
> 	objectClass ( 1.3.6.1.4.1.1466.1.2.1.3.1
> 	        NAME 'host'
> 	        DESC 'inetOrgPerson with accounts on systems'
> 	        SUP personalAccount
> 	        STRUCTURAL
> 	        MAY ( host2 ) )
> slapd started, but when I try to add test.ldif:
> 	ldapadd -x -D "cn=root,dc=ctlm,dc=pl" -W -f test.ldif
> I have error mesage:
> 	---- cut -----
> 	modifying entry "uid=nowak,ou=People,dc=ctlm,dc=pl"
> 	ldapadd: update failed: uid=nowak,ou=People,dc=ctlm,dc=pl
> 	ldap_modify: Object class violation (65)
> 	        additional info: attribute 'host' not allowed
> 	---- cut -----
>  
yes, you try to add the 'host' attribute while the entry only accept the 
'host2' attribute, according to its objectClass definition

> in debug of slapd I have:
> 	oc_check_allowed type "host"
> 	Entry (uid=nowak,ou=People,dc=ctlm,dc=pl), attribute 'host' not allowed
> 	entry failed schema check: attribute 'host' not allowed
>
> Could anyone write, what is wrong in my moja.schema or test.ldif???
> Please help me....................
>  
a few solutions :
1) just remove your 'host' attribute definition, but not its reference 
in the 'personOfAccount' objectClass definition,
and check that the already-defined 'host' attribute match you requirements
2) remove the reference to the file where the 'host' attribute was 
previously defined, if you don't need this file
3) define a 'host2' attribute, use it in your objectclass, and don't 
forget to use it in your test.ldif file

regards,

François

> regards
> Toper
>
> toperek@interia.plSPAMMMMM
>
>
>