fedora-directory-users,
using: RHEL4 (update 1), fedora-ds-7.1-2.RHEL4
Trying to follow the instructions on http://directory.fedora.redhat.com/wiki/Howto:SolarisClient.
Both the published DUAConfigProfile schema and the http://web.singnet.com.sg/~garyttt/DUAConfigProfile.schema.txt converted by ol-schema-migrate.pl don't seem to be able to be imported.
Both result in :
cn=schema: Error adding object 'dn: cn=schema'. The error sent by the server was 'Object class violation. missing required attribute "objectclass"
Any suggestions?
--- Note: in my case the ol-schema-migrate.pl output did not include the "objectClasses", had to fix this in the script by changing:
- if ( /object[c|C]lass/ ) { + if ( /^object[c|C]lass/ ) {
(There where comments in the DUAConfigProfile with an "objectclass" mentioned) ---
Justin
Justin Albstmeijer wrote:
fedora-directory-users,
using: RHEL4 (update 1), fedora-ds-7.1-2.RHEL4
Trying to follow the instructions on http://directory.fedora.redhat.com/wiki/Howto:SolarisClient.
Both the published DUAConfigProfile schema and the http://web.singnet.com.sg/~garyttt/DUAConfigProfile.schema.txt converted by ol-schema-migrate.pl don't seem to be able to be imported.
Both result in :
cn=schema: Error adding object 'dn: cn=schema'. The error sent by the server was 'Object class violation. missing required attribute "objectclass"
Any suggestions?
You shouldn't be trying to add a new "cn=schema" entry, but instead you should be adding the "attributetype" and "objectclasses" attributes from the published DUAConfigProfile schema to the existing "cn=schema" entry. You can do this with the ldapmodify tool.
The DUAConfig Profile schema output on the wiki appears to be search output.
-NGK
Note: in my case the ol-schema-migrate.pl output did not include the "objectClasses", had to fix this in the script by changing:
- if ( /object[c|C]lass/ ) {
- if ( /^object[c|C]lass/ ) {
(There where comments in the DUAConfigProfile with an "objectclass" mentioned)
Justin
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
Justin Albstmeijer wrote:
Both the published DUAConfigProfile schema and the http://web.singnet.com.sg/~garyttt/DUAConfigProfile.schema.txt converted by ol-schema-migrate.pl don't seem to be able to be imported.
Hi, I wrote that ol-schema-migrate.pl tool. My first bug report!
I have never seen this "objectIdentifier" definition before, but it looks like something OpenLDAP would do:
--
objectIdentifier DUAConfSchemaOID 1.3.6.1.4.1.11.1.3.1
attributetype ( DUAConfSchemaOID:1.0
--
I will possibly enhance the script to support that , although I really wonder how often it is used...
Note: in my case the ol-schema-migrate.pl output did not include the "objectClasses", had to fix this in the script by changing:
- if ( /object[c|C]lass/ ) {
- if ( /^object[c|C]lass/ ) {
(There where comments in the DUAConfigProfile with an "objectclass" mentioned)
Yes, I see what you mean. I will fix this.
BR, -- mike
Mike Jackson wrote:
Justin Albstmeijer wrote:
Both the published DUAConfigProfile schema and the http://web.singnet.com.sg/~garyttt/DUAConfigProfile.schema.txt converted by ol-schema-migrate.pl don't seem to be able to be imported.
Hi, I wrote that ol-schema-migrate.pl tool. My first bug report!
I have never seen this "objectIdentifier" definition before, but it looks like something OpenLDAP would do:
--
objectIdentifier DUAConfSchemaOID 1.3.6.1.4.1.11.1.3.1
attributetype ( DUAConfSchemaOID:1.0
--
I will possibly enhance the script to support that , although I really wonder how often it is used...
I've seen it in several of the newer OpenLDAP schema files. I doubt FDS will support that, since our schema files are in LDIF format you see if you do an ldapsearch of the cn=schema entry, and that syntax is not valid RFC2252.
Note: in my case the ol-schema-migrate.pl output did not include the "objectClasses", had to fix this in the script by changing:
- if ( /object[c|C]lass/ ) {
- if ( /^object[c|C]lass/ ) {
(There where comments in the DUAConfigProfile with an "objectclass" mentioned)
Yes, I see what you mean. I will fix this.
BR,
mike
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
I suppose someone got it to work? non of the previous suggestions did the trick.
Anyone? I seem to be looking for a modify ldif file to import the DUAConfigProfile Schema
Justin
I'm having a problem similar to yours (after running the ol-schema-migrate.pl:
# ./start-slapd [19/Aug/2005:10:43:09 -0400] dse - The entry cn=schema in file /opt/fedora-ds/slapd-cnyitlin02/config/schema/61solaris.ldif is invalid, error code 21 (Invalid syntax) - attribute type nisDomain: Missing attribute syntax OID
This is after I removed the 61dua...file. That one bombs as well.
Anybody has a working pair of those 2 schemas, in FDS ldif format I can use?
Thank you. --- Justin Albstmeijer justin@VLAMea.nl wrote:
I suppose someone got it to work? non of the previous suggestions did the trick.
Anyone? I seem to be looking for a modify ldif file to import the DUAConfigProfile Schema
Justin
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
__________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Igor,
Yes got it to work eventually. Just copy these two files to /opt/fedora-ds/slapd-cnyitlin02/config/schema/ and restart de slapd instance.
Justin
I'm having a problem similar to yours (after running the ol-schema-migrate.pl:
# ./start-slapd [19/Aug/2005:10:43:09 -0400] dse - The entry cn=schema in file /opt/fedora-ds/slapd-cnyitlin02/config/schema/61solaris.ldif is invalid, error code 21 (Invalid syntax) - attribute type nisDomain: Missing attribute syntax OID
This is after I removed the 61dua...file. That one bombs as well.
Anybody has a working pair of those 2 schemas, in FDS ldif format I can use?
Thank you. --- Justin Albstmeijer justin@VLAMea.nl wrote:
I suppose someone got it to work? non of the previous suggestions did the trick.
Anyone? I seem to be looking for a modify ldif file to import the DUAConfigProfile Schema
Justin
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
Igor wrote:
I'm having a problem similar to yours (after running the ol-schema-migrate.pl:
# ./start-slapd [19/Aug/2005:10:43:09 -0400] dse - The entry cn=schema in file /opt/fedora-ds/slapd-cnyitlin02/config/schema/61solaris.ldif is invalid, error code 21 (Invalid syntax) - attribute type nisDomain: Missing attribute syntax OID
This is after I removed the 61dua...file. That one bombs as well.
Anybody has a working pair of those 2 schemas, in FDS ldif format I can use?
Hi, Please send me a copy of your original schema, so that I can make corrections to the schema migration tool.
BR, Mike
Mike, I got the original schema from Gary's site:
http://web.singnet.com.sg/~garyttt/DUAConfigProfile.schema.txt
--- Mike Jackson mj@sci.fi wrote:
Igor wrote:
I'm having a problem similar to yours (after
running
the ol-schema-migrate.pl:
# ./start-slapd [19/Aug/2005:10:43:09 -0400] dse - The entry
cn=schema
in file
/opt/fedora-ds/slapd-cnyitlin02/config/schema/61solaris.ldif
is invalid, error code 21 (Invalid syntax) -
attribute
type nisDomain: Missing attribute syntax OID
This is after I removed the 61dua...file. That one bombs as well.
Anybody has a working pair of those 2 schemas, in
FDS
ldif format I can use?
Hi, Please send me a copy of your original schema, so that I can make corrections to the schema migration tool.
BR, Mike
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
__________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Igor wrote:
Mike, I got the original schema from Gary's site:
http://web.singnet.com.sg/~garyttt/DUAConfigProfile.schema.txt
--- Mike Jackson mj@sci.fi wrote:
I mean that 61solaris.ldif. Can you show me that one before it was converted?
-- mike
this is it.
--- Mike Jackson mj@sci.fi wrote:
Igor wrote:
Mike, I got the original schema from Gary's site:
http://web.singnet.com.sg/~garyttt/DUAConfigProfile.schema.txt
--- Mike Jackson mj@sci.fi wrote:
I mean that 61solaris.ldif. Can you show me that one before it was converted?
-- mike
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
__________________________________ Yahoo! Mail Stay connected, organized, and protected. Take the tour: http://tour.mail.yahoo.com/mailtour.html
# http://www.int-evry.fr/mci/user/procacci/ldap/solaris.schema # # solaris.schema # ''works in progress and incomplete''. # It would help if sun would publish this information! # If you have any comments/suggestion/correction # please let me know (igor@ipass.net) # # Some correction on oid and attributetype # were made by Marc Bourget (bourget@up2.com) # Up2 Technologies (div. Teleglobe Communication Corp) # oid number and additional attributetype were taken from: # Solaris and LDAP Naming Service, Deploying LDAP in the Enterprise. # Tom Bialanski and Michael Haines, Sun Microsystems Press, # A Prentice Hall Title, 2001, ISBN 0-13-030678-9
# Sun nisMapEntry attributes attributetype ( 1.3.6.1.1.1.1.28 NAME 'nisPublickey' DESC 'nisPublickey' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.1.1.1.29 NAME 'nisSecretkey' DESC 'nisSecretkey' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.1.1.1.12 SUP name NAME 'nisDomain' )
# Sun additional attributes to RFC2307 attributes (NIS) attributetype ( 2.16.840.1.113730.3.1.30 NAME 'mgrpRFC822MailMember' DESC 'mgrpRFC822MailMember' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
#attributetype ( 1.3.6.1.4.1.42.2.27.2.1.15 # NAME 'rfc822MailMember' # DESC 'rfc822MailMember' # EQUALITY caseIgnoreIA5Match # SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.42.2.27.1.1.12 NAME 'nisNetIdUser' DESC 'nisNetIdUser' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.42.2.27.1.1.13 NAME 'nisNetIdGroup' DESC 'nisNetIdGroup' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.42.2.27.1.1.14 NAME 'nisNetIdHost' DESC 'nisNetIdHost' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
# Sun NIS publickey objectclass objectclass ( 1.3.6.1.1.1.2.14 NAME 'NisKeyObject' DESC 'NisKeyObject' SUP top MUST ( cn $ nisPublickey $ nisSecretkey ) MAY ( uidNumber $ description ) )
# Sun NIS domain objectclass objectclass ( 1.3.1.6.1.1.1.2.15 NAME 'nisDomainObject' DESC 'nisDomainObject' SUP top AUXILIARY MUST ( nisDomain ) )
# Sun NIS mailGroup objectclass objectclass ( 2.16.840.1.113730.3.2.4 NAME 'mailGroup' DESC 'mailGroup' SUP top MUST ( mail ) MAY ( cn $ mgrpRFC822MailMember ) )
# Sun NIS nisMailAlias objectclass #objectclass ( 1.3.6.1.4.1.42.2.27.1.2.5 # NAME 'nisMailAlias' # DESC 'nisMailAlias' # SUP top # MUST ( cn ) # MAY ( rfc822mailMember ) )
# Sun NIS nisNetId objectclass objectclass ( 1.3.6.1.4.1.42.2.27.1.2.6 NAME 'nisNetId' DESC 'nisNetId' SUP top MUST ( cn ) MAY ( nisNetIdUser $ nisNetIdGroup $ nisNetIdHost ) )
# Below is optional unless you want to use ldap_gen_profile attributetype ( 1.3.6.1.4.1.42.2.27.5.1.15 SUP name NAME 'SolarisLDAPServers' DESC 'SolarisLDAPServers' SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.42.2.27.5.1.16 SUP name NAME 'SolarisSearchBaseDN' DESC 'SolarisSearchBaseDN' SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.42.2.27.5.1.17 NAME 'SolarisCacheTTL' DESC 'SolarisCacheTTL' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.42.2.27.5.1.18 SUP name NAME 'SolarisBindDN' DESC 'SolarisBindDN' SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.42.2.27.5.1.19 SUP name NAME 'SolarisBindPassword' DESC 'SolarisBindPassword' SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.42.2.27.5.1.20 SUP name NAME 'SolarisAuthMethod' DESC 'SolarisAuthMethod' SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.42.2.27.5.1.21 SUP name NAME 'SolarisTransportSecurity' DESC 'SolarisTransportSecurity' SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.42.2.27.5.1.24 SUP name NAME 'SolarisDataSearchDN' DESC 'SolarisDataSearchDN' SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.42.2.27.5.1.25 SUP name NAME 'SolarisSearchScope' DESC 'SolarisSearchScope' SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.42.2.27.5.1.26 NAME 'SolarisSearchTimeLimit' DESC 'SolarisSearchTimeLimit' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.42.2.27.5.1.27 SUP name NAME 'SolarisPreferedServer' DESC 'SolarisPreferedServer' )
attributetype ( 1.3.6.1.4.1.42.2.27.5.1.28 SUP name NAME 'SolarisPreferedServerOnly' DESC 'SolarisPreferedServerOnly' SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.42.2.27.5.1.29 SUP name NAME 'SolarisSearchReferral' DESC 'SolarisSearchReferral' SINGLE-VALUE )
objectclass ( 1.3.6.1.4.1.42.2.27.5.2.7 NAME 'SolarisNamingProfile' DESC 'Solaris LDAP NSS Profile' SUP top STRUCTURAL MUST ( cn $ SolarisLDAPServers ) MAY ( SolarisBindDN $ SolarisBindPassword $ SolarisSearchBaseDN $ SolarisAuthMethod $ SolarisTransportSecurity $ SolarisSearchReferral $ SolarisDataSearchDN $ SolarisSearchScope $ SolarisSearchTimeLimit $ SolarisCacheTTL ) )
# End of solaris.schema
389-users@lists.fedoraproject.org