Hi,
We are trying to set up our 389 DS instance and everything seems to work except that LDAP browsers cannot seem to access the schema. For example, in the LDAPSort LDAP Admin Tool we receive the error message:
"Unable to read schema!!" Unable to read schema, please login/bind with an account which has access to schema - You can also rebind with any entry using the right-click menu and selecting rebind.
However, we are not trying to access the directory anonymously; we receive this error even when binding as Directory Manager.
We also cannot browser the schema using a standard ldapsearch command.
Any ideas of how to enable schema reading?
Thanks, Stephen
On 05/16/2011 10:13 AM, Stephen Lorenz wrote:
Hi,
We are trying to set up our 389 DS instance and everything seems to work except that LDAP browsers cannot seem to access the schema. For example, in the LDAPSort LDAP Admin Tool we receive the error message:
"Unable to read schema!!" Unable to read schema, please login/bind with an account which has access to schema - You can also rebind with any entry using the right-click menu and selecting rebind.
However, we are not trying to access the directory anonymously; we receive this error even when binding as Directory Manager.
We also cannot browser the schema using a standard ldapsearch command.
Any ideas of how to enable schema reading?
ldapsearch -x -D "cn=directory manager" -W -s base -b "cn=schema" "objectclass=*" attributeTypes objectClasses matchingRules ...... Look in the directory server access log in /var/log/dirsrv/slapd-INSTNAME/access to see what search the client is doing 1) it's not searching cn=schema 2) it's not requesting the attributes attributeTypes objectClasses etc. explicitly - these attributes are operational attributes and must be explicitly requested in the ldap search request
Thanks, Stephen
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
389-users@lists.fedoraproject.org