[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Adding entries to cn=config
- To: openldap-technical@openldap.org
- Subject: Adding entries to cn=config
- From: "Angel L. Mateo" <amateo@um.es>
- Date: Mon, 27 Sep 2010 12:56:47 +0200
- Organization: ATICA, Universidad de Murcia
- User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.12) Gecko/20100915 Lightning/1.0b1 Thunderbird/3.0.8
Hello,
I'm migrating from an old openldap 2.3.30 to a 2.4.21 running in an
ubuntu server, so I'm new with cn=config database.
The problem I have is that I want to create a user under cn=config, so
I could configure the server without providing the password for
cn=config (I want to restrict the IPs from that user could be used).
So I'm trying to add an entry like:
dn: cn=myuser,cn=config
changetype: add
objectClass: organizationalRole
objectClass: simpleSecurityObject
cn: myuser
userPassword: mypassword
but I'm getting the error:
Object class violation (65).
In the server's log I get:
Sep 27 12:52:04 canis10 slapd[10564]: conn=1018 op=2 ADD
dn="cn=myuser,cn=config
"
Sep 27 12:52:04 canis10 slapd[10564]: slap_queue_csn: queing
0x7f47bc1d8f10 2010
0927105204.422891Z#000000#001#000000
Sep 27 12:52:04 canis10 slapd[10564]: conn=1018 op=2 RESULT tag=105
err=65 text=
I have tried to add it with the server running in debug mode, and then
I get:
>>> dnPrettyNormal: <cn=myuser,cn=config>
=> ldap_bv2dn(cn=myuser,cn=config,0)
<= ldap_bv2dn(cn=myuser,cn=config)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=myuser,cn=config)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=myuser,cn=config)=0
<<< dnPrettyNormal: <cn=myuser,cn=config>, <cn=myuser,cn=config>
conn=1002 op=2 ADD dn="cn=myuser,cn=config"
daemon: activity on 1 descriptor
daemon: activity on:
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 active_threads=0 tvp=zero
=> access_allowed: add access to "cn=myuser,cn=config" "entry" requested
<= root access granted
=> access_allowed: add access granted by manage(=mwrscxd)
<= acl_access_allowed: granted to database root
oc_check_required entry (cn=myuser,cn=config), objectClass
"organizationalRole"
oc_check_required entry (cn=myuser,cn=config), objectClass
"simpleSecurityObject"
oc_check_allowed type "objectClass"
oc_check_allowed type "cn"
oc_check_allowed type "userPassword"
oc_check_allowed type "structuralObjectClass"
=> access_allowed: add access to "cn=config" "children" requested
<= root access granted
=> access_allowed: add access granted by manage(=mwrscxd)
conn=1002 op=2: config_add_internal: DN="cn=myuser,cn=config" no
structural objectClass in configuration table
but organizationalRole is an structural object class. I have tried with
other objectclasses like person or inetOrgPerson, but I get the same result.
Could anybody help me?
--
Angel L. Mateo Martínez
Sección de Telemática
Área de Tecnologías de la Información _o)
y las Comunicaciones Aplicadas (ATICA) / \\
http://www.um.es/atica _(___V
Tfo: 868887590
Fax: 868888337