[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: using OpenLDAP client to change directory schema

To: Klaus Heinrich Kiwi <klausk@linux.vnet.ibm.com>
Subject: Re: using OpenLDAP client to change directory schema
From: Pierangelo Masarati <ando@sys-net.it>
Date: Tue, 16 Sep 2008 21:30:29 +0200
Cc: openldap-software@openldap.org
In-reply-to: <1221583090.9420.4.camel@klausk.br.ibm.com>
References: <1221583090.9420.4.camel@klausk.br.ibm.com>
User-agent: Thunderbird 2.0.0.16 (X11/20080724)

Klaus Heinrich Kiwi wrote:

Hi,

 My understanding is that OpenLDAP software doesn't support subschema
modification over LDAP operations, but I'm willing to use OpenLDAP
client to change cn=schema on an LDAP server (different vendor) that
supports it.

OpenLDAP supports schema modification by way of LDAP operations. It does not support direct modification to "cn=subschema" (not "cn=schema").

Is that possible? Or is the OpenLDAP checking for cn=schema at the
client? The output I'm getting is:

You need to modify the "cn=schema,cn=config" within the config naming context, and changes will be reflected into the "cn=subschema" entry.

[root@pam ~]# ldapmodify -H ldap://host -D cn=root -w passwd -x -ZZ -a -f /usr/share/doc/krb5-server-ldap-1.6.2/kerberos.ldif
ldapmodify: invalid format (line 5) entry: "cn=schema"

This error indicates a malformed LDIF. You should check whether line 5 of the entry "cn=schema" is correct. This has nothing to do with OpenLDAP's slapd: the error is detected at the client side.

p.


Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
-----------------------------------
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Fax:     +39 0382 476497
Email:   ando@sys-net.it
-----------------------------------

References:
- using OpenLDAP client to change directory schema
  - From: Klaus Heinrich Kiwi <klausk@linux.vnet.ibm.com>

Prev by Date: Upgrading 2.3.x -2.4.x
Next by Date: Re: Upgrading 2.3.x -2.4.x
Index(es):
- Chronological
- Thread