[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
gosa+samba3.schema and slapd.d-configuration-conversion
Hi everybody!
We got a tiny problem with the new configuration layout (the
slapd.d-directory) with out openldap-installation. We're using
Gentoo-Linux-Systems here, with openldap-2.3.39, heimdal-1.0.1 and
cyrus-sasl-2.1.22 (although i don't think heimdal and cyrus-sasl
version-numbers are very interesting for you i added them for
completeness....). We have one master- and a slave-Server. Both run and
work as they should. Before we actually start to use this thing in
production we decided to move away from the original
slapd.conf-configuration (which seems to work perfectly) to the new
slapd.d-directory configuration. So i tried to automatically convert the
slapd.conf into the new slapd.d-configuration using this command:
/usr/lib/openldap/slapd -u ldap -g ldap -f /etc/openldap/slapd.conf -F
/etc/openldap/slapd.d
No output on command-line but as i checked the contents of
/etc/openldap/slapd.d/cn=config i remarked that almost everything was
missing except the include-ldifs. Next i checked the slapd-logfile and
this is what has happened:
...
Feb 20 12:46:26 pluto slapd[18078]: ldif_back_add: err: 0 text:
Feb 20 12:46:26 pluto slapd[18078]: send_ldap_result: conn=-1 op=0 p=0
Feb 20 12:46:26 pluto slapd[18078]: send_ldap_result: err=0 matched=""
text=""
Feb 20 12:46:26 pluto slapd[18078]: config_build_entry: "cn={12}gosa+samba3"
Feb 20 12:46:26 pluto slapd[18078]: ldif_back_add:
"cn={12}gosa+samba3,cn=schema,cn=config"
Feb 20 12:46:26 pluto slapd[18078]: ldif_back_add: err: 34 text:
unrecongized attribute type(s) in RDN
Feb 20 12:46:26 pluto slapd[18078]: send_ldap_result: conn=-1 op=0 p=0
Feb 20 12:46:26 pluto slapd[18078]: send_ldap_result: err=34 matched=""
text="unrecongized attribute type(s) in RDN"
Feb 20 12:46:26 pluto slapd[18078]: backend_startup_one: bi_db_open
failed! (-1)
Feb 20 12:46:26 pluto slapd[18078]: slapd shutdown: initiated
Feb 20 12:46:26 pluto slapd[18078]: ====> bdb_cache_release_all
Feb 20 12:46:26 pluto slapd[18078]: ====> bdb_cache_release_all
Feb 20 12:46:26 pluto slapd[18078]: slapd destroy: freeing system resources.
Feb 20 12:46:26 pluto slapd[18078]: slapd stopped.
...
So the gosa+samba3.schema seems to make automatic conversion hickup
somehow. After commenting out the include-line for this schema,
conversion was successful, so something most be wrong with this schema.
I tried to figure out what could be wrong with this schema myself, but i
have no clue where i should start to look. At the moment the
slave-server is running without the gosa-things included (we don't use
them yet but sooner or later we'll include gosa) and it's working
perfectly. But as i need to get gosa working too, i need to know what's
wrong with the schema. I'll attach the schema to this email, hopefully
somebody can point me in the right direction.
Regards,
Christoph Spielmann
##
## Needed attributes for GOsa (GONICUS System Administrator)
##
## Version 030303
##
## Maintainer: Cajus Pollmeier (pollmeier@GONICUS.de)
##
# Attributes
attributetype ( 1.3.6.1.4.1.10098.1.1.12.1 NAME 'gosaSubtreeACL'
DESC 'GOsa acl entry'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.2 NAME 'gosaUser'
DESC 'GOsa user'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.3 NAME 'gosaObject'
DESC 'GOsa object'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.4 NAME 'gosaMailServer'
DESC 'Specify users main mail server'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.5 NAME 'gosaMailQuota'
DESC 'GOsa quota definitions'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.6 NAME 'gosaMailAlternateAddress'
DESC 'Additional mail addresses where the user is reachable'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.7 NAME 'gosaMailForwardingAddress'
DESC 'Addresses where to forward mail to'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.8 NAME 'gosaMailMaxSize'
DESC 'Block mails bigger than this value'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.9 NAME 'gosaSpamSortLevel'
DESC 'Spamassassins hits'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.10 NAME 'gosaSpamMailbox'
DESC 'Where to put spam'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.11 NAME 'gosaVacationMessage'
DESC 'Text to display in case of vacation'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.12 NAME 'gosaMailDeliveryMode'
DESC 'What to do with mails'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.13 NAME 'gosaDefaultPrinter'
DESC 'Defines a default printer a user owns'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.14 NAME 'gosaDefaultLanguage'
DESC 'Defines the default language for a user'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.15 NAME 'gosaHostACL'
DESC 'Defines the places where users can login'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.16 NAME 'gosaService'
DESC 'Defines services a certain host can provide'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.17 NAME 'gosaProxyID'
DESC 'Defines the proxy user id used, needed for some filters'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.18 NAME 'gosaProxyAcctFlags'
DESC 'Proxy Account Flags'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{16} SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.19 NAME 'gosaProxyWorkingStart'
DESC 'Specifies the beginning of work in minutes, relative to 00:00'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.20 NAME 'gosaProxyWorkingStop'
DESC 'Specifies the end of work in minutes, relative to 00:00'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.21 NAME 'gosaApplicationName'
DESC 'Specifies the name of an application to be shown up on users desktop'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.22 NAME 'gosaApplicationExecute'
DESC 'Specifies the executable path of an application'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.23 NAME 'gosaApplicationFlags'
DESC 'Specifies the application flags G(roup only), D(esktop), M(enu)'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.31 NAME 'gosaApplicationCategory'
DESC 'Store application parameters'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.24 NAME 'gosaApplicationIcon'
DESC 'Keeps the application icon in png format'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.28)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.25 NAME 'gosaSharedFolderTarget'
DESC 'Keeps the target of cyrus shared folders'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.26 NAME 'gosaMemberApplication'
DESC 'Like memberUid, just for applications'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.27 NAME 'gosaApplicationParameter'
DESC 'Store application parameters'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.28 NAME 'gosaProxyQuota'
DESC 'Specifies the amount of data a user may surf in a defined period of time'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.29 NAME 'gosaProxyQuotaPeriod'
DESC 'Specifies period of time where the counter is been reseted'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.30 NAME 'gosaGroupObjects'
DESC 'Takes a list of all object types that are in a gosaGroupOfNames'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.32 NAME 'gosaApplicationMimeType'
DESC 'Takes a list of relevant mime-type|priority settings'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.33 NAME 'gosaUnitTag'
DESC 'Takes a list of relevant mime-type|priority settings'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.34 NAME 'gosaAclTemplate'
DESC 'Takes ACL entries for gosaRoles'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.35 NAME 'gosaAclEntry'
DESC 'Takes ACL entries for gosaRoles'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.41 NAME 'gosaVacationStart'
DESC 'Timestamp for enabling current vacation message'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.42 NAME 'gosaVacationStop'
DESC 'Timestamp for switching off current vacation message'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.10098.1.1.6.2 NAME 'academicTitle'
DESC 'Field to represent the academic title'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 1.3.6.1.4.1.15305.2.1 NAME ( 'gender' 'sex' )
DESC 'Gender: M for male, F for female'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{1}
SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.15305.2.2 NAME ( 'dateOfBirth' 'dob' )
DESC 'Date of birth in ISO 8601 format'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{10}
SINGLE-VALUE )
# cyrus imapd access control list
# acls work with users and groups
attributetype ( 1.3.6.1.4.1.19414.2.1.651
NAME 'acl'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
# Objectclasses
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.1 NAME 'gosaObject' SUP top AUXILIARY
DESC 'Objectclass for GOsa settings (v2.4)'
MUST ( gosaSubtreeACL ))
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.2 NAME 'gosaLockEntry' SUP top STRUCTURAL
DESC 'Objectclass for GOsa locking (v2.4)'
MUST ( gosaUser $ gosaObject $ cn ))
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.3 NAME 'gosaCacheEntry' SUP top STRUCTURAL
DESC 'Objectclass for GOsa caching (v2.4)'
MAY ( gosaUser )
MUST ( cn ))
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.4 NAME 'gosaDepartment' SUP top AUXILIARY
DESC 'Objectclass to mark Departments for GOsa (v2.4)'
MUST ( ou $ description ))
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.5 NAME 'gosaMailAccount' SUP top AUXILIARY
DESC 'Objectclass to mark MailAccounts for GOsa (v2.4)'
MUST ( mail $ gosaMailServer $ gosaMailDeliveryMode)
MAY ( gosaMailQuota $ gosaMailAlternateAddress $ gosaMailForwardingAddress $
gosaMailMaxSize $ gosaSpamSortLevel $ gosaSpamMailbox $
gosaVacationMessage $ gosaVacationStart $ gosaVacationStop $ gosaSharedFolderTarget $ acl))
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.6 NAME 'gosaAccount' SUP top AUXILIARY
DESC 'Objectclass for GOsa Accounts (v2.4)'
MUST ( uid )
MAY ( sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $ gosaDefaultPrinter $
gosaDefaultLanguage $ academicTitle $ personalTitle $ gosaHostACL $ dateOfBirth $
sambaBadPasswordCount $ sambaBadPasswordTime $ gender ))
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.7 NAME 'gosaHost' SUP top AUXILIARY
DESC 'Objectclass for GOsa Hosts (v2.4)'
MUST ( cn )
MAY ( description $ gosaService ))
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.8 NAME 'gosaProxyAccount' SUP top AUXILIARY
DESC 'Objectclass for GOsa Proxy settings (v2.4)'
MUST ( gosaProxyAcctFlags )
MAY ( gosaProxyID $ gosaProxyWorkingStart $ gosaProxyWorkingStop $ gosaProxyQuota $
gosaProxyQuotaPeriod ))
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.9 NAME 'gosaApplication' SUP top STRUCTURAL
DESC 'Objectclass for GOsa applications (v2.4)'
MUST ( cn $ gosaApplicationExecute )
MAY ( gosaApplicationName $ gosaApplicationIcon $ gosaApplicationFlags $ gosaApplicationMimeType $
gosaApplicationParameter $ gotoLogonScript $ description $ gosaApplicationCategory ))
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.10 NAME 'gosaApplicationGroup' SUP top AUXILIARY
DESC 'Objectclass for GOsa application groups (v2.4)'
MUST ( cn )
MAY ( gosaMemberApplication $ gosaApplicationParameter ))
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.11 NAME 'gosaUserTemplate' SUP top AUXILIARY
DESC 'Objectclass for GOsa User Templates (v2.4)'
MUST ( cn ))
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.12 NAME 'gosaGroupOfNames'
DESC 'GOsa object grouping (v2.4)'
SUP top STRUCTURAL
MUST ( cn $ gosaGroupObjects ) MAY ( member $ description ) )
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.13 NAME 'gosaWebdavAccount'
DESC 'GOsa webdav enabling account (v2.4)'
SUP top AUXILIARY
MUST ( cn $ uid ))
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.14 NAME 'gosaIntranetAccount'
DESC 'GOsa Inatrent enabling account (v2.4)'
SUP top AUXILIARY
MUST ( cn $ uid )
MAY ( gosaDefaultLanguage ))
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.15 NAME 'gosaAdministrativeUnit'
DESC 'Marker for administrational units (v2.5)'
SUP top AUXILIARY
MUST ( gosaUnitTag ))
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.16 NAME 'gosaAdministrativeUnitTag'
DESC 'Marker for objects below administrational units (v2.5)'
SUP top AUXILIARY
MUST ( gosaUnitTag ))
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.17 NAME 'gosaRole'
DESC 'ACL container to define roles (v2.5)' SUP top AUXILIARY
MUST ( gosaAclTemplate ))
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.18 NAME 'gosaAcl'
DESC 'ACL container to define single ACLs (v2.5)' SUP top AUXILIARY
MUST ( gosaAclEntry ))