On 12/27/2012 03:26 PM, Orion Poplawski wrote:
Has any work been done towards supporting Apple OS X ldap schema in
389? It
seems like this is the latest OpenLDAP schema for Apple:
http://opensource.apple.com/source/OpenLDAP/OpenLDAP-208.1/OpenLDAP/serve...
Does anyone know of tools that would populate the various apple specific
entries like apple-generateduid?
Thanks!
For what it is worth - I ran it through ol-schema-migrate.pl and got the
attached file. But doesn't work:
Starting dirsrv:
cora-ldap2...[27/Dec/2012:15:43:01 -0700] attr_syntax_create - Error: the
SUBSTR matching rule [caseExactIA5SubstringsMatch] is not compatible with the
syntax [1.3.6.1.4.1.1466.115.121.1.24] for the attribute [apple-birthday]
[27/Dec/2012:15:43:01 -0700] dse_read_one_file - The entry cn=schema in file
/etc/dirsrv/slapd-cora-ldap2/schema/99apple.ldif (lineno: 1) is invalid, error
code 20 (Type or value exists) - attribute type lastLoginTime: Does not match
the OID "1.3.6.1.1.1.1.35". Another attribute type is already using the name
or OID.
The first looks like incompatibility between:
EQUALITY generalizedTimeMatch
SUBSTR caseExactIA5SubstringsMatch
but I'm not familiar with this.
lastLoginTime is in 60acctpolicy.ldif:
## lastLoginTime holds login state in user entries (GeneralizedTime syntax)
attributeTypes: ( 2.16.840.1.113719.1.1.4.1.35 NAME 'lastLoginTime'
DESC 'Last login time'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE USAGE directoryOperation
X-ORIGIN 'Account Policy Plugin' )
--
Orion Poplawski
Technical Manager 303-415-9701 x222
NWRA, Boulder Office FAX: 303-415-9702
3380 Mitchell Lane orion(a)nwra.com
Boulder, CO 80301
http://www.nwra.com