FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Directory

 
 
LinkBack Thread Tools
 
Old 05-16-2011, 04:13 PM
Stephen Lorenz
 
Default unable to read schema

Hi,


We are trying to set up our 389 DS instance and everything seems to work except that LDAP browsers cannot seem to access the schema. *For example, in the LDAPSort LDAP Admin Tool we receive the error message:


"Unable to read schema!!" *Unable to read schema, please login/bind with an account which has access to schema - You can also rebind with any entry using the right-click menu and selecting rebind.


However, we are not trying to access the directory*anonymously; we receive this error even when binding as Directory Manager.*
We also cannot browser the schema using a standard ldapsearch command. *


Any ideas of how to enable schema reading?
Thanks,
Stephen
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 
Old 05-16-2011, 04:17 PM
Rich Megginson
 
Default unable to read schema

On 05/16/2011 10:13 AM, Stephen Lorenz wrote:
Hi,




We are trying to set up our 389 DS instance and everything
seems to work except that LDAP browsers cannot seem to access
the schema. *For example, in the LDAPSort LDAP Admin Tool we
receive the error message:



"Unable to read schema!!" *Unable to read schema, please
login/bind with an account which has access to schema - You can
also rebind with any entry using the right-click menu and
selecting rebind.



However, we are not trying to access the
directory*anonymously; we receive this error even when binding
as Directory Manager.*



We also cannot browser the schema using a standard ldapsearch
command. *



Any ideas of how to enable schema reading?

ldapsearch -x -D "cn=directory manager" -W -s base -b "cn=schema"
"objectclass=*" attributeTypes objectClasses matchingRules ......

Look in the directory server access log in
/var/log/dirsrv/slapd-INSTNAME/access

to see what search the client is doing

1) it's not searching cn=schema

2) it's not requesting the attributes attributeTypes objectClasses
etc. explicitly - these attributes are operational attributes and
must be explicitly requested in the ldap search request





Thanks,

Stephen


--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users





--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 

Thread Tools




All times are GMT. The time now is 02:26 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org