Hi, On 7/15/2015 12:55 AM, Sergio NNX wrote:
> Or just read the ldapmodify/ldapadd manpage. The jpegPhoto example in the > manpage shows how to load a binary value. You can load DER format certificatesYes please. I've adapted an example from http://kukusan-network.blogspot.cz/2012/01/how-to-setting-ldap-openldap-in-windows.html (also for OpenLDAP for Windows), adding the certificate with the syntax from the man page (roughly - the man page doesn't have space between : and <). It fails:> directly, this way.I agree with Howard, you don't have to use ldif command. You can use ldapmodify or ldapadd to achieve the same thing. I have a working example I could email to you, if you are interested.
C:\OpenLDAP\ClientTools>ldapmodify.exe -a -x -h localhost -p 389 -D "cn=manager,
dc=maxcrc,dc=com" -f c:\OpenLDAP\ldifdata\user.ldif -w secret
ldap_connect_to_host: TCP localhost:389
ldap_new_socket: 636
ldap_prepare_socket: 636
ldap_connect_to_host: Trying ::1 389
ldap_pvt_connect: fd: 636 tm: -1 async: 0
attempting to connect:
connect success
adding new entry "cn=Vaclav Barta,ou=people,dc=maxcrc,dc=com"
ldap_add: Undefined attribute type (17)
additional info: usercertificate: requires ;binary transfer
Obviously the problem is on the usercertificate line of user.ldif, but
how exactly should I write it?
Bye
Vaclav
--
http://www.mangrove.cz
Attachment:
client.der
Description: Binary data
# this is an ENTRY sequence and is preceded by a BLANK line dn: cn=Vaclav Barta,ou=people,dc=maxcrc,dc=com objectclass: inetOrgPerson cn: Vaclav Barta sn: barta uid: vbarta userpassword: SomePassword carlicense: HISCAR 123 homephone: 555-111-2222 mail: vbar@comp.cz description: test user usercertificate: < file:///C:/OpenLDAP/ldifdata/client.der