Gurjot Kaur wrote:
I have OpenLDAP version 2.4.11 configured in multimaster mode.
You should definitely upgrade your OpenLDAP installation.
Attached files are the schema file (core.schema) and configuration file for LDAP. I have modified the core.schema file to make 'companyName' a mandatory parameter in objectClass 'organizationalUnit'.
Don't mess with standard schema! That's really bad practice.
When I add an entry using 'ldapadd' without providing parameter 'companyName', it is getting added in the LDAP, which is not correct. It should give an error of missing mandatory parameter. When this LDAP is working as a single instance, i.e. without multimaster mode, then while adding the same entry without parameter 'companyName', LDAP is showing the error given below.

ldap_add: Object class violation (65)
        additional info: object class 'organizationalUnit' requires attribute 'companyName'

I don't understand what is causing any difference. Please check and give any suggestion.
I'm not sure, but this might be a bug fixed in the meantime. Please test with a newer release.
Please also make sure that the schema is exactly the same on all replicas.

Ciao, Michael.
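Added example, not part of the original thread: one way to check that an object class has the same MUST/MAY attributes on every replica, by parsing the `objectClasses` values each server publishes in its subschema entry. The hostnames and schema strings below are constructed sample data, and the function names are hypothetical.

```python
import re

# Constructed sample data: objectClasses values as a subschema entry
# (cn=Subschema) would return them; hostnames are placeholders.
REPLICA_SCHEMAS = {
    "ldap1.example.com": [
        "( 2.5.6.5 NAME 'organizationalUnit' SUP top STRUCTURAL "
        "MUST ( ou $ companyName ) MAY ( description $ l ) )",
    ],
    "ldap2.example.com": [
        "( 2.5.6.5 NAME 'organizationalUnit' SUP top STRUCTURAL "
        "MUST ou MAY ( description $ l $ companyName ) )",
    ],
}

def _oids(defn, keyword):
    """Return the attribute set following MUST or MAY (RFC 4512 'oids')."""
    m = re.search(r"\b%s\s+(?:\(([^)]*)\)|([\w.;-]+))" % keyword, defn)
    if not m:
        return frozenset()
    body = m.group(1) if m.group(1) is not None else m.group(2)
    return frozenset(a.strip().lower() for a in body.split("$") if a.strip())

def parse_class(defn):
    """Extract (name, MUST set, MAY set) from one ObjectClassDescription."""
    name = re.search(r"\bNAME\s+\(?\s*'([^']+)'", defn)
    return name.group(1).lower(), _oids(defn, "MUST"), _oids(defn, "MAY")

def class_by_replica(schemas, class_name):
    """Map replica -> (MUST, MAY) for class_name, or None if undefined there."""
    out = {}
    for host, defs in schemas.items():
        found = dict((n, (must, may)) for n, must, may in map(parse_class, defs))
        out[host] = found.get(class_name.lower())
    return out

def schema_drift(schemas, class_name):
    """Return replicas whose definition differs from the first replica's."""
    view = class_by_replica(schemas, class_name)
    hosts = sorted(view)
    baseline = view[hosts[0]]
    return [h for h in hosts[1:] if view[h] != baseline]

if __name__ == "__main__":
    for host, d in sorted(class_by_replica(REPLICA_SCHEMAS, "organizationalUnit").items()):
        print(host, "MUST:", sorted(d[0]) if d else "class missing")
    print("differs from baseline:", schema_drift(REPLICA_SCHEMAS, "organizationalUnit"))
```

A non-empty result from `schema_drift` means at least one replica would validate entries against a different definition of the class than the first one does.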