10-28-2010, 11:39 PM
Tim Dunphy

adding user ldif to ldap

hi list.. I am trying to add an ldif with my users that I have derived
from /etc/passwd. for some reason ldapadd is choking on the first
entry... I've also tried removing the first one and predictably each
one fails in exactly the same way...may I ask how best to correct
this?


Here is the error:

LDAP# ldapadd -x -D "cn=Manager,dc=summitnjhome,dc=com" -W -f /tmp/passwd.ldif
adding new entry "uid=root,ou=People,dc=summitnjhome,dc=com"
ldap_add: Invalid syntax (21)
additional info: objectClass: value #6 invalid per syntax

Here is the first entry which presented a problem when I attempted to add it:

dn: uid=root,ou=People,dc=summitnjhome,dc=com
uid: root
cn: Enoch &
givenName: Enoch
sn: &
mail: root@summitnjhome.com
mailRoutingAddress: root@mail.summitnjhome.com
mailHost: mail.summitnjhome.com
objectClass: inetLocalMailRecipient
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: kerberosSecurityObject
userPassword: {crypt}*
krbName: root@summitnjhome.COM
loginShell: /bin/csh
uidNumber: 0
gidNumber: 0
homeDirectory: /root
gecos: Enoch &


And here are the schemas I have included in my slapd.conf:


LDAP# cat /usr/local/etc/openldap/slapd.conf
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/openldap.schema
include /usr/local/etc/openldap/schema/sudoers.schema
include /usr/local/etc/openldap/schema/nis.schema
include /usr/local/etc/openldap/schema/misc.schema

And these are the permissions on those schema files:

[root@LBSD2:/usr/local/etc/openldap/schema]#ls -l core.schema cosine.schema inetorgperson.schema openldap.schema sudoers.schema nis.schema misc.schema

-r--r--r-- 1 root wheel 20583 Oct 9 21:37 core.schema
-r--r--r-- 1 root wheel 74080 Oct 9 21:37 cosine.schema
-r--r--r-- 1 root wheel 6360 Oct 9 21:37 inetorgperson.schema
-r--r--r-- 1 root wheel 2471 Oct 9 21:37 misc.schema
-r--r--r-- 1 root wheel 7723 Oct 9 21:37 nis.schema
-r--r--r-- 1 root wheel 1602 Oct 9 21:37 openldap.schema
-r--r--r-- 1 root wheel 1655 Oct 9 02:50 sudoers.schema

And here is what is happening in the LDAP logs when I try to add the file:

Oct 28 19:39:20 LBSD2 slapd[7372]: daemon: read activity on 11
Oct 28 19:39:20 LBSD2 slapd[7372]: daemon: select: listen=6 active_threads=0 tvp=NULL
Oct 28 19:39:20 LBSD2 slapd[7372]: daemon: select: listen=7 active_threads=0 tvp=NULL
Oct 28 19:39:20 LBSD2 slapd[7372]: daemon: activity on 1 descriptor
Oct 28 19:39:20 LBSD2 slapd[7372]: daemon: waked
Oct 28 19:39:20 LBSD2 slapd[7372]: daemon: select: listen=6 active_threads=0 tvp=NULL
Oct 28 19:39:20 LBSD2 slapd[7372]: daemon: select: listen=7 active_threads=0 tvp=NULL
Oct 28 19:39:20 LBSD2 slapd[7372]: conn=1002 op=1 ADD dn="uid=root,ou=People,dc=summitnjhome,dc=com"
Oct 28 19:39:20 LBSD2 slapd[7372]: conn=1002 op=1 RESULT tag=105 err=21 text=objectClass: value #4 invalid per syntax



Thanks for your help!

--
Here's my RSA Public key:
gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9

Share and enjoy!!
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
10-28-2010, 11:47 PM
Norman Gaywood

On 29 October 2010 10:39, Tim Dunphy <bluethundr@gmail.com> wrote:

> LDAP# ldapadd -x -D "cn=Manager,dc=summitnjhome,dc=com" -W -f /tmp/passwd.ldif
> adding new entry "uid=root,ou=People,dc=summitnjhome,dc=com"
> ldap_add: Invalid syntax (21)
>       additional info: objectClass: value #6 invalid per syntax
>
> Here is the first entry which presented a problem when I attempted to add it:
>
> dn: uid=root,ou=People,dc=summitnjhome,dc=com
> uid: root
> cn: Enoch &
> givenName: Enoch
> sn: &
> mail: root@summitnjhome.com
> mailRoutingAddress: root@mail.summitnjhome.com

Perhaps the 6th line of attributes (value #6?) contains
mailRoutingAddress. Is mailRoutingAddress defined in your schema?


--
Norman Gaywood, Computer Systems Officer
University of New England, Armidale,
NSW 2351, Australia

ngaywood@une.edu.au            Phone: +61 (0)2 6773 3337
http://mcs.une.edu.au/~norm    Fax:   +61 (0)2 6773 3312

Please avoid sending me Word or Power Point attachments.
See http://www.gnu.org/philosophy/no-word-attachments.html
 
10-29-2010, 12:06 AM
Sean Hart

> Here is the error:
>
> LDAP# ldapadd -x -D "cn=Manager,dc=summitnjhome,dc=com" -W -f /tmp/passwd.ldif
> adding new entry "uid=root,ou=People,dc=summitnjhome,dc=com"
> ldap_add: Invalid syntax (21)
> additional info: objectClass: value #6 invalid per syntax
>
I believe this is complaining about the 6th entry in the objectClass
field (starting at 0, I think meaning the kerberosSecurityObject). If
you look at the schema entry for that objectClass, there may be
restraints on the class that are not permitting you to add...
 
10-29-2010, 12:47 AM
Tim Dunphy

Hey guys...

Thanks very much for your help!

It turns out that mailRoutingAddress actually turns out to be in misc.schema:


[root@LBSD2:/usr/local/etc/openldap/schema]#grep -ri mailRoutingAddress /usr/local/etc/openldap/schema
/usr/local/etc/openldap/schema/misc.schema: NAME 'mailRoutingAddress'
/usr/local/etc/openldap/schema/misc.schema: MAY ( mailLocalAddress $ mailHost $ mailRoutingAddress ) )
/usr/local/etc/openldap/schema/misc.schema.default: NAME 'mailRoutingAddress'
/usr/local/etc/openldap/schema/misc.schema.default: MAY ( mailLocalAddress $ mailHost $ mailRoutingAddress ) )

BUT.. the kerberos objects were not in any of the schemas I currently
have on my system:

[root@LBSD2:/usr/local/etc/openldap/schema]#grep -ri kerberosSecurityObject /usr/local/etc/openldap/schema
[root@LBSD2:/usr/local/etc/openldap/schema]#grep -ri krbName /usr/local/etc/openldap/schema
[root@LBSD2:/usr/local/etc/openldap/schema]#


Removing ALL references to the kerberos objects did the trick!!!
[root@LDAP:/usr/local/etc/openldap/schema]#ldapadd -x -D "cn=Manager,dc=summitnjhome,dc=com" -W -f /tmp/passwd.ldif
Enter LDAP Password:
adding new entry "uid=root,ou=People,dc=summitnjhome,dc=com"

adding new entry "uid=toor,ou=People,dc=summitnjhome,dc=com"

adding new entry "uid=daemon,ou=People,dc=summitnjhome,dc=com"

adding new entry "uid=operator,ou=People,dc=summitnjhome,dc=com "

adding new entry "uid=bin,ou=People,dc=summitnjhome,dc=com"

adding new entry "uid=tty,ou=People,dc=summitnjhome,dc=com"

adding new entry "uid=kmem,ou=People,dc=summitnjhome,dc=com"

Thanks to Sean for spotting that and thank you to Norman for the attempt!!

The only question I would have left is that apparently the one schema
I would need to incorporate kerberos stuff is krb5-kdc.schema. Would
anyone happen to know of a place I could download this?

Best!






adding new entry "uid=games,ou=People,dc=summitnjhome,dc=com"
On Thu, Oct 28, 2010 at 8:06 PM, Sean Hart <boardnutz@blacklight.net> wrote:
>
>> Here is the error:
>>
>> LDAP# ldapadd -x -D "cn=Manager,dc=summitnjhome,dc=com" -W -f /tmp/passwd.ldif
>> adding new entry "uid=root,ou=People,dc=summitnjhome,dc=com"
>> ldap_add: Invalid syntax (21)
>>       additional info: objectClass: value #6 invalid per syntax
>>
> I believe this is complaining about the 6th entry in the objectClass
> field (starting at 0, I think meaning the kerberosSecurityObject). If
> you look at the schema entry for that objectClass, there may be
> restraints on the class that are not permitting you to add...



--
Here's my RSA Public key:
gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9

Share and enjoy!!
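
A pre-flight check for the failure resolved in this thread, added here as an example and not code from any poster or from OpenLDAP: it lists the objectClass values in an LDIF that no loaded schema defines, with the index counted from zero the way Sean's reply reads "value #6". The function names, the trimmed schema text and the sample LDIF are constructed for illustration.

```python
import re

BUILTIN_CLASSES = {"top"}  # slapd defines "top" itself; no .schema file carries it
# RFC 4512: in an object class description, NAME directly follows the OID.
OC_DEF = re.compile(r"^objectclass\s*\(\s*\S+\s+NAME\s+(\([^)]*\)|'[^']*')",
                    re.IGNORECASE | re.MULTILINE)

def defined_object_classes(schema_text):
    """Lower-cased object class names defined in the given schema text."""
    text = re.sub(r"^[ \t]*#.*$", "", schema_text, flags=re.MULTILINE)
    names = set(BUILTIN_CLASSES)
    for m in OC_DEF.finditer(text):
        names.update(n.lower() for n in re.findall(r"'([^']+)'", m.group(1)))
    return names

def undefined_object_classes(ldif_text, schema_text):
    """Map DN -> [(zero-based value index, objectClass)] absent from the schema."""
    known = defined_object_classes(schema_text)
    unfolded = re.sub(r"\r?\n ", "", ldif_text)  # undo LDIF line folding
    problems = {}
    for record in re.split(r"\n\s*\n", unfolded.strip()):
        dn, classes = None, []
        for line in record.splitlines():
            attr, _, value = line.partition(":")
            if attr.lower() == "dn":
                dn = value.strip()
            elif attr.lower() == "objectclass":
                classes.append(value.strip())
        missing = [(i, c) for i, c in enumerate(classes) if c.lower() not in known]
        if dn and missing:
            problems[dn] = missing
    return problems

# Constructed, trimmed stand-ins for the thread's schema files and first entry.
SAMPLE_SCHEMA = """
objectclass ( 2.5.6.6 NAME 'person' SUP top STRUCTURAL MUST ( sn $ cn ) )
objectclass ( 2.5.6.7 NAME 'organizationalPerson' SUP person STRUCTURAL )
objectclass ( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson'
    SUP organizationalPerson STRUCTURAL )
objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' SUP top AUXILIARY )
objectclass ( 2.16.840.1.113730.3.2.147 NAME 'inetLocalMailRecipient' SUP top AUXILIARY )
"""
SAMPLE_LDIF = "dn: uid=root,ou=People,dc=summitnjhome,dc=com\n" + "".join(
    f"objectClass: {c}\n" for c in (
        "inetLocalMailRecipient", "person", "organizationalPerson",
        "inetOrgPerson", "posixAccount", "top", "kerberosSecurityObject"))

if __name__ == "__main__":
    print(undefined_object_classes(SAMPLE_LDIF, SAMPLE_SCHEMA))
```

Against a real server, pass the concatenated contents of the files named on the `include` lines of slapd.conf as `schema_text`, and the LDIF you intend to load as `ldif_text`.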
 
