Thomas Schweikle wrote:
Am 21.01.2011 13:19, schrieb Brian Candler:On Thu, Jan 20, 2011 at 08:04:00PM +0100, Thomas Schweikle wrote:The group I want to add: dn: cn=somegroup,ou=Groups,dc=example,dc=org objectClass: posixGroups objectClass: top gidNumer: 3000 cn: somegroup memberUid: someuserAre you sure you mean posixGroups, not posixGroup ? And gidNumer instead of gidNumber ?This was the point: the export was with "posixGroups", but the newer schema only allowed "posixGroup". Must have been changed sometime ... :(
This schema has not changed in a dozen years. Your previous LDAP server simply didn't do schema validation and allowed you to store whatever garbage you gave it without checking.
Have a look at nis.schema (or nis.ldif) to see what attributes are required or permitted for posixGroup.I corrected all posixGroups to posixGroup and import worked!
-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/