[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: translucent overlay add an attribute to all users in a OU and subtree

To: openldap-technical@openldap.org
Subject: Re: translucent overlay add an attribute to all users in a OU and subtree
From: Nicolas RENAULT <nicolas_renault@yahoo.fr>
Date: Fri, 17 Oct 2014 17:40:20 +0200
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.fr; s=s2048; t=1413560422; bh=meQ9NRRoaJ6Ou+g4crwNA2hxO+b2fxEprd6w8Sw4+yA=; h=Date:From:To:Subject:References:In-Reply-To:From:Subject; b=K544NyhC5tuEjLviD2El8RiFc1ibYqxSsqhMkdGJZYXBNdmDiAFkIhMaTNe4io51GwV1YSSoo/B53pLPa6I0BdJkAdv4XepcWnSkAcHDFMR0j6QoTMNUxIcB9lKPMFKGbOJzgzIJUegrJJ0J8JC00GnCySzYgaaNMnbuOLWIBomAtqlga8tDMaFwS2WMUBHe0jMGGilvqYGhVjJfQhhM1zA5KFSFDF6z1vrYW3S7wNc9iDSdHrMQXyUQPfVTS177Kt0ezVkAEpQ/9OFpT9MAhtC514MshumNb1B/Y6i5jZMWkNctlxAWXxh0PVFwIvYw4S3IsaH2idKsrweHRMnSRg==
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.fr; s=s1024; t=1413560422; bh=meQ9NRRoaJ6Ou+g4crwNA2hxO+b2fxEprd6w8Sw4+yA=; h=X-Yahoo-Newman-Id:X-Yahoo-Newman-Property:X-YMail-OSG:X-Yahoo-SMTP:Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:References:In-Reply-To:Content-Type:Content-Transfer-Encoding; b=Ip4u35LtpRAyXBUa/E1SwhFENWbzycM0p05r3iziSBxLoBvV+AxaKjK+8KjeFPqblEEPvIOYSJsp1sGKZmEG8KKTpHvIQAjUF0FB8MtOz1cDXGJyKuCRBLfV+QSnjCVAqAkPXj0lKg7/EXHhtDIU9769FX2+7yALnXLIIgyEp8M=
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s2048; d=yahoo.fr; b=SpJzVpP4mZcPg8NuXtVaCIIijkAOU4yu97pOVZAyNsD784EP63lV8ktSbp5AjnmOtc27xx9aSDk1FxUyKimRVaa+Kxj+Jtl7ltww6OXV891sNh33B78PnnsjeOGSRxp8fZoKXBfzQts3LyURlSWwvypYNmeG8qdkWThDPh9ZabC/dlGCzaDdFyIKmS/hhnAvLlZEAExt02xB8fr95SzJFzsX3i4jWY6GzLX49exxDv3HgRLidlnuHOsQnC8hHVq7/+V20UQwie8+6P9dyCJ+7Vljst6RN+yzT565uHDfoWUR8LfJnaycUPbCy0yuiaDgHPenr+kVeyADblfRd7BHKw==;
In-reply-to: <543E22F0.7080208@yahoo.fr>
References: <53E0F6B2.9030302@yahoo.fr> <53E180E9.10005@symas.com> <53E254C7.8030801@yahoo.fr> <20140807090922.3b375d91@pink.avci.de> <543D1935.3090708@yahoo.fr> <20141014171717.09bd5dee@pink.avci.de> <543E22F0.7080208@yahoo.fr>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0

ok,
the result of the command :
-------------------------------------------
@(#) $OpenLDAP: slapd 2.4.39 $
    opensuse-buildservice@opensuse.org

Included static overlays:
    ppolicy
    syncprov
Included static backends:
    config
    ldif
    monitor
    bdb
    hdb
    ldap
    mdb
    relay
--------------------------------------------

so no static overlay collect but I use a lot a overlay in my conf withmoduleload directive :


(from my slapd.conf)

--------------------
include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/nis.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/openldap.schema
include         /etc/openldap/schema/dyngroup.schema
include         /etc/openldap/schema/collective.schema
include         /etc/openldap/schema/contrib/exemple.schema
defaultsearchbase dc=example,dc=fr
pidfile         /var/run/slapd/slapd.pid
argsfile        /var/run/slapd/slapd.args
loglevel        256
modulepath      /usr/lib/openldap/modules/
moduleload      back_ldap
moduleload      back_meta
moduleload      rwm
moduleload      valsort
#moduleload     accesslog
moduleload      memberof
moduleload      dynlist
moduleload      sssvlv
#moduleload     pcache
moduleload      collect
overlay sssvlv
....
overlay collect
collectinfo cn=collect_OU_NAME,dc=example,dc=fr    co,PostalCode
....
--------------------------------------------

someone see something wrong ?

if all is good with this declaration of collect, do I have to add anobjectclass "collectiveAttributeSubentry" somewhere in the schema orit is provided by the module ?


Hello,

I try others things without success. if someone have an idea/clue/tipsto help me.

so I decide to build openldap 2.4.40 on a just-installed computer(opensuse 13.1 <-- client request)

now slapd -VVV give me :

 @(#) $OpenLDAP: slapd 2.4.40 (Oct 17 2014 15:08:43) $
    root@linux-nn6c.site:/root/openldap-2.4.40/servers/slapd

Included static overlays:
    accesslog
    auditlog
    collect
    constraint
    dds
    deref
    dyngroup
    dynlist
    memberof
    ppolicy
    pcache
    refint
    retcode
    rwm
    seqmod
    sssvlv
    syncprov
    translucent
    unique
    valsort
Included static backends:
    config
    ldif
    monitor
    bdb
    hdb
    ldap
    mdb
    meta
    relay

as you can see i build with a lot of overlay and backend (maybe to much )

I take the slapd.conf from the server I used.

--------------------
include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/nis.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/openldap.schema
include         /etc/openldap/schema/dyngroup.schema
include         /etc/openldap/schema/collective.schema
include         /etc/openldap/schema/contrib/exemple.schema
defaultsearchbase dc=example,dc=fr
pidfile         /var/run/slapd/slapd.pid
argsfile        /var/run/slapd/slapd.args
loglevel        256
modulepath      /usr/lib/openldap/modules/
moduleload      back_ldap
moduleload      back_meta
moduleload      rwm
moduleload      valsort
#moduleload     accesslog
moduleload      memberof
moduleload      dynlist
moduleload      sssvlv
#moduleload     pcache
moduleload      collect
overlay sssvlv
....
overlay collect
collectinfo cn=office,dc=example,dc=fr    l,street


* do I have to use "moduleload" directive with overlay build that I made ?
* when i try to add :


dn: cn=office,dc=example,dc=fr
objectClass: subentry
objectClass: extensibleObject
objectClass: collectiveAttributeSubentry
cn: office
subtreeSpecification: {base "ou=SOME_OU" minimum 2}
c-l: Berlin
c-street: Main Street

--------------------------

the result is :

adding new entry "cn=office,dc=example,dc=fr"
ldap_add: Object class violation (65)
    additional info: objectClass: value #2 invalid per syntax

so I suppose that "objectClass: collectiveAttributeSubentry" as to bedeclare in the schema. Y/N ?


if I look in RFC3671, I find this objectclass declaration :

objectclass ( 2.5.17.2 NAME'collectiveAttributeSubentry' AUXILIARY)


so I add it from a file  (exemple.schema) see slapd.conf ,

now when I try to add de ldif :

ldap_add: Object class violation (65)
    additional info: 'c-l' can only appear in collectiveAttributeSubentry

--------------------------------------

Sorry to ask over and over but a don't understand the way it works. Whatdo i forget to do to make it works ?


thanks for reply

--
Nicolas

Follow-Ups:
- Re: translucent overlay add an attribute to all users in a OU and subtree
  - From: Dieter Klünter <dieter@dkluenter.de>

References:
- Re: translucent overlay add an attribute to all users in a OU and subtree
  - From: Nicolas RENAULT <nicolas_renault@yahoo.fr>
- Re: translucent overlay add an attribute to all users in a OU and subtree
  - From: Dieter Klünter <dieter@dkluenter.de>
- Re: translucent overlay add an attribute to all users in a OU and subtree
  - From: Nicolas RENAULT <nicolas_renault@yahoo.fr>

Prev by Date: Re: [LMDB] some few questions
Next by Date: Synchronizing two mirror mode clusters
Index(es):
- Chronological
- Thread