[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: ldapd vs. slapd

To: Bill MacAllister <whm@stanford.edu>, Brandon Hume <hume-ol@bofh.ca>, "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Subject: RE: ldapd vs. slapd
From: "Richards, Toby" <toby.richards@slo.courts.ca.gov>
Date: Wed, 18 Apr 2012 08:57:20 -0700
Accept-language: en-US
Acceptlanguage: en-US
Content-language: en-US
In-reply-to: <13B4167AEEA6D940459E4C7B@trainmaster.Stanford.EDU>
References: <BBA9BC3C517CA146B6EB45312711601D02FE236C269B@AOCMBX01.srv.courts-tc.ca.gov>, <635EE0791945EE2FDC5BBE83@trainmaster.Stanford.EDU> <BBA9BC3C517CA146B6EB45312711601D02FE2374A1E8@AOCMBX01.srv.courts-tc.ca.gov> <4F8D850C.3060007@bofh.ca> <BBA9BC3C517CA146B6EB45312711601D02FE236C272C@AOCMBX01.srv.courts-tc.ca.gov> <C0C9408742654B429ECD3D1FF11A118D16EB369725@TNS-MAIL-NA1.win2k.corp.tnsi.com> <BBA9BC3C517CA146B6EB45312711601D02FE236C2749@AOCMBX01.srv.courts-tc.ca.gov> <4F8D972A.1060508@bofh.ca> <BBA9BC3C517CA146B6EB45312711601D02FE236C2945@AOCMBX01.srv.courts-tc.ca.gov> <13B4167AEEA6D940459E4C7B@trainmaster.Stanford.EDU>
Thread-index: Ac0dezu7bpcILs0+TayoLIKZlYGJ5QAAAevA
Thread-topic: ldapd vs. slapd

Yes. I have one of those free subdomains (org.org), so mine is toby.org.org.

Something is definitely wrong. I've been scouring the Internet for
documentation and tutorials. I finally broke down, and downloaded a GUI LDAP
tool. Actually, I've tried several including jxplorer and LDAP
Administration Tool, but I like the one by Jarek Gawor best:

http://www.novell.com/communities/node/8652/gawors-excellent-ldap-browseredi
tor-v282

Anyway, the GUI isn't even working. It gives me errors that it can't read
dc=toby,dc=org,dc=org. It errors and fails when I try to add a user. I'm not
sure what could be wrong with my conf files. They're pretty much set up with
all the defaults except with my own realm instead of dc=example,dc=com.

Am I supposed to do something between editing the conf files/starting slapd
and adding users?

-Toby

-----Original Message-----
From: Bill MacAllister [mailto:whm@stanford.edu] 
Sent: Wednesday, April 18, 2012 8:52 AM
To: Richards, Toby; Brandon Hume; openldap-technical@openldap.org
Subject: RE: ldapd vs. slapd

--On Wednesday, April 18, 2012 08:19:29 AM -0700 "Richards, Toby"
<toby.richards@slo.courts.ca.gov> wrote:

> So I've followed the suggestion to have only the objectClass
inetOrgPerson.
> Now I'm told that there's no such object. My LDIF file:
>
> dn: uid=trichards,dc=toby,dc=org,dc=org

Did you really mean to have dc=org twice?

Bill

> cn: Toby Richards
> givenName: Toby
> sn: Richards
> uid: trichards
> mail: trichards@toby.org.org
> objectClass: inetOrgPerson
> password: {CRYPT}*
>
> Result: ldap_add: No such object (32)
>
> -Toby
>
> -----Original Message-----
> From: openldap-technical-bounces@OpenLDAP.org
> [mailto:openldap-technical-bounces@OpenLDAP.org] On Behalf Of Brandon 
> Hume
> Sent: Tuesday, April 17, 2012 9:16 AM
> To: openldap-technical@openldap.org
> Subject: Re: ldapd vs. slapd
>
>   On 04/17/12 12:47 PM, Richards, Toby wrote:
>> The above doesn't work. It says that top/account isn't a valid chain.
>>
>
> What happens if you leave out "account"?  It's a structural 
> objectclass and is likely conflicting with inetOrgPerson.
>
> If you check cosine.schema, you'll see the objectclass "account" as 
> being meant for a computer account.  You're essentially adding an 
> entry that says it's for a person *and* a computer.  (A cyborg, 
> maybe?)  LDAP wants clear lines of inheritance.
>

-- 

Bill MacAllister
Infrastructure Delivery Group, Stanford University

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Follow-Ups:
- RE: ldapd vs. slapd
  - From: Bill MacAllister <whm@stanford.edu>
- RE: ldapd vs. slapd
  - From: Quanah Gibson-Mount <quanah@zimbra.com>

References:
- ldapd vs. slapd
  - From: "Richards, Toby" <toby.richards@slo.courts.ca.gov>
- Re: ldapd vs. slapd
  - From: Bill MacAllister <whm@stanford.edu>
- RE: ldapd vs. slapd
  - From: "Richards, Toby" <toby.richards@slo.courts.ca.gov>
- Re: ldapd vs. slapd
  - From: Brandon Hume <hume-ol@bofh.ca>
- RE: ldapd vs. slapd
  - From: "Richards, Toby" <toby.richards@slo.courts.ca.gov>
- RE: ldapd vs. slapd
  - From: "Richards, Toby" <toby.richards@slo.courts.ca.gov>
- Re: ldapd vs. slapd
  - From: Brandon Hume <hume-ol@bofh.ca>
- RE: ldapd vs. slapd
  - From: "Richards, Toby" <toby.richards@slo.courts.ca.gov>
- RE: ldapd vs. slapd
  - From: Bill MacAllister <whm@stanford.edu>

Prev by Date: RE: ldapd vs. slapd
Next by Date: RE: ldapd vs. slapd
Index(es):
- Chronological
- Thread