Newbie LDIF question
I've installed OpenLDAP, and it's running happily with TLS and SASL, so
the next step is to create the hierarchy.
First the organisation (itops.com in this instance), then
ou=People,dc=itops,dc=com (and so on for hosts, etc, etc).
I've trawled the web for examples and I'm obviously missing something
which must be staring me in the face because nothing works:
root@ldap1 # cat eg1.ldif
dn: dc=itops,dc=com
objectclass: top
objectclass: organization
o: ITOPS
description: itops
root@ldap1 # /usr/local/bin/ldapadd -c -Y DIGEST-MD5 -U Manager -W -f eg1.ldif
Enter LDAP Password:
SASL/DIGEST-MD5 authentication started
SASL username: Manager
SASL SSF: 128
SASL installing layers
adding new entry "dc=itops,dc=com"
ldap_add: Naming violation (64)
additional info: naming attribute 'dc' is not present in entry
root@ldap1 #
Okay, so add a "dc" entry:
root@ldap1 # cat eg2.ldif
dn: dc=itops,dc=com
objectclass: top
objectclass: organization
o: ITOPS
dc: itops
description: itops
root@ldap1 # /usr/local/bin/ldapadd -c -Y DIGEST-MD5 -U Manager -W -f eg2.ldif
Enter LDAP Password:
SASL/DIGEST-MD5 authentication started
SASL username: Manager
SASL SSF: 128
SASL installing layers
adding new entry "dc=itops,dc=com"
ldap_add: Object class violation (65)
additional info: attribute 'dc' not allowed
root@ldap1 #
So it's not allowed??? Okay, add "dcObject" ... this is all
trial-and-error, as you can see:
root@ldap1 # cat eg3.ldif
dn: dc=itops,dc=com
objectclass: top
objectclass: dcObject
objectclass: organization
o: ITOPS
dc: itops
description: itops
root@ldap1 # /usr/local/bin/ldapadd -c -Y DIGEST-MD5 -U Manager -W -f eg3.ldif
Enter LDAP Password:
SASL/DIGEST-MD5 authentication started
SASL username: Manager
SASL SSF: 128
SASL installing layers
adding new entry "dc=itops,dc=com"
ldap_add: No such object (32)
What does this "No such object" mean? I could add an object for "com",
but it doesn't like that:
root@ldap1 # cat com.ldif
dn: dc=com
objectclass: top
objectclass: dcObject
objectclass: organization
o: com
dc: com
description: com
root@ldap1 # /usr/local/bin/ldapadd -c -Y DIGEST-MD5 -U Manager -W -f com.ldif
Enter LDAP Password:
SASL/DIGEST-MD5 authentication started
SASL username: Manager
SASL SSF: 128
SASL installing layers
adding new entry "dc=com"
ldap_add: Server is unwilling to perform (53)
additional info: no global superior knowledge
root@ldap1 #
There must be a really simple answer to this; can anybody shed some light?
Cheers,
Steve
steve@itops.com
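
An added example, not part of the post above or of OpenLDAP: a small Python check that reproduces, offline, the two schema rules behind results 64 and 65 for the three dc=itops,dc=com entries shown in the post. The SCHEMA table and the function names are assumptions made for the illustration; results 32 and 53 depend on the server's configured databases and existing entries, which an offline check cannot see.

```python
# Pre-check an LDIF entry for the two schema rules behind results 64 and 65.
# SCHEMA is a hand-copied subset of the standard schema (assumption: only the
# classes and attributes used in the post are needed).
SCHEMA = {
    "top": {"must": {"objectclass"}, "may": set()},
    "organization": {"must": {"o"}, "may": {"description"}},
    "dcobject": {"must": {"dc"}, "may": set()},
}
# The three entries from the post, rebuilt from shared pieces.
HEAD = "dn: dc=itops,dc=com\nobjectclass: top\n"
ORG = "objectclass: organization\no: ITOPS\n"
EG1 = HEAD + ORG + "description: itops\n"
EG2 = HEAD + ORG + "dc: itops\ndescription: itops\n"
EG3 = HEAD + "objectclass: dcObject\n" + ORG + "dc: itops\ndescription: itops\n"

def parse_ldif(text):
    """Parse one plain 'attr: value' entry (no base64 values, no folding)."""
    dn, attrs = None, {}
    for line in text.strip().splitlines():
        name, _, value = line.partition(":")
        name, value = name.strip().lower(), value.strip()
        if name == "dn":
            dn = value
        else:
            attrs.setdefault(name, []).append(value)
    return dn, attrs

def check_entry(text):
    """Return [(code, message), ...]; an empty list means both rules pass."""
    dn, attrs = parse_ldif(text)
    problems = []
    # 64: the RDN attribute and value must also be stored in the entry.
    # Splitting on "," ignores escaped commas, which these DNs do not use.
    rdn_attr, _, rdn_val = dn.split(",")[0].partition("=")
    rdn_attr, rdn_val = rdn_attr.strip().lower(), rdn_val.strip().lower()
    if rdn_val not in [v.lower() for v in attrs.get(rdn_attr, [])]:
        problems.append((64, f"naming attribute '{rdn_attr}' is not present in entry"))
    # 65: each attribute must be MUST or MAY in one of the entry's classes,
    # and each class's MUST attributes have to be there.
    classes = [SCHEMA[c.lower()] for c in attrs.get("objectclass", [])]
    allowed = set().union(*(c["must"] | c["may"] for c in classes))
    required = set().union(*(c["must"] for c in classes))
    problems += [(65, f"attribute '{a}' not allowed") for a in attrs if a not in allowed]
    problems += [(65, f"required attribute '{a}' missing") for a in sorted(required - set(attrs))]
    return problems

if __name__ == "__main__":
    for label, text in (("eg1", EG1), ("eg2", EG2), ("eg3", EG3)):
        print(label, check_entry(text) or "passes both checks")
```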