[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Creating Structural Objects Under User Records

To: Tim Gustafson <tjg@soe.ucsc.edu>, openldap-technical@openldap.org
Subject: Re: Creating Structural Objects Under User Records
From: Bill MacAllister <whm@stanford.edu>
Date: Thu, 03 Sep 2009 13:14:20 -0700
Content-disposition: inline
In-reply-to: <153310986.1101161251996082805.JavaMail.root@mail-01.cse.ucsc.edu>
References: <153310986.1101161251996082805.JavaMail.root@mail-01.cse.ucsc.edu>



--On Thursday, September 03, 2009 09:41:22 AM -0700 Tim Gustafson <tjg@soe.ucsc.edu> wrote:

I'd like to be able to create "sub-objects" inside each user object.
So, my account is:


Every entry in a LDAP directory is a "sub-object" except for the root
distinguished name.

uid=tjg,ou=People,dc=soe,dc=ucsc,dc=edu

I'd like to be able to create an object like:

cn=foo,uid=tjg,ou=People,dc=soe,dc=ucsc,dc=edu

This object would be of objectClass "soeDegree", which I've defined as follows:

attributetype (
  1.1.2.1.32
  NAME 'soeDegreeYear'
  EQUALITY caseIgnoreMatch
  SUBSTR caseIgnoreSubstringsMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
  SINGLE-VALUE )

attributetype (
  1.1.2.1.33
  NAME 'soeDegreeType'
  EQUALITY caseIgnoreMatch
  SUBSTR caseIgnoreSubstringsMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
  SINGLE-VALUE )

attributetype (
  1.1.2.1.34
  NAME 'soeDegreeDepartment'
  EQUALITY caseIgnoreMatch
  SUBSTR caseIgnoreSubstringsMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
  SINGLE-VALUE )

attributetype (
  1.1.2.1.35
  NAME 'soeDegreeThesisTitle'
  EQUALITY caseIgnoreMatch
  SUBSTR caseIgnoreSubstringsMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
  SINGLE-VALUE )

attributetype (
  1.1.2.1.36
  NAME 'soeDegreeThesisURL'
  EQUALITY caseIgnoreMatch
  SUBSTR caseIgnoreSubstringsMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
  SINGLE-VALUE )

objectclass (
  1.1.2.1.997
  NAME 'soeDegree'
  DESC 'Jack Baskin School of Engineering Degree'
  SUP top
  STRUCTURAL
  MUST ( cn )
  MAY ( soeDegreeYear $ soeDegreeType $ soeDegreeDepartment $ soeDegreeThesisTitle $ soeDegreeThesisURL ))


Pretty funky OIDs you are using in your schema definitions.  For
example, I would expect something like 1.3.6.1.4.1.n.1.2 for objects
where n is your IANA assigned private enterprise number.

However, when I attempt to add the sub-object, the server returns:

0x35 (LDAP_UNWILLING_TO_PERFORM)

How can I tell OpenLDAP to allow me to create child objects inside
accounts like this?


When using ldapadd there frequently is an additional line of
information following the "unwilling to perform" message that contains
more specific information about the problem.If you have not tried
using ldapadd that would be a place to start.

Bill

Tim Gustafson
Baskin School of Engineering
UC Santa Cruz
tjg@soe.ucsc.edu
831-459-5354




--

Bill MacAllister <whm@stanford.edu>
Systems Software Programmer, ITS Unix Systems, Stanford University

Follow-Ups:
- Re: Creating Structural Objects Under User Records
  - From: Tim Gustafson <tjg@soe.ucsc.edu>

References:
- Creating Structural Objects Under User Records
  - From: Tim Gustafson <tjg@soe.ucsc.edu>

Prev by Date: Creating Structural Objects Under User Records
Next by Date: Re: Creating Structural Objects Under User Records
Index(es):
- Chronological
- Thread