On May 9, 2019, at 11:35 PM, Alexander Bokovoy
<abokovoy(a)redhat.com> wrote:
On to, 09 touko 2019, Boris Cheperis via FreeIPA-users wrote:
> Hi,
>
> I have a set of custom attributes that were successfully used with
> FreeIPA version 4.2. Now I’m trying to make them work in the latest
> version but keep getting an error:
>
>
> ipalib.backend: DEBUG: Created connection context.ldap2_139877799582288
> ipapython.ipaldap: DEBUG: retrieving schema for SchemaCache
url=ldapi://%2fvar%2frun%2fslapd-DATAROBOT-COM.socket
<ldapi://%2fvar%2frun%2fslapd-DATAROBOT-COM.socket>
<ldapi://%2fvar%2frun%2fslapd-DATAROBOT-COM.socket
<ldapi://%2fvar%2frun%2fslapd-DATAROBOT-COM.socket>>
conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x7f37d5fc15a8>
> ipaserver.install.schemaupdate: DEBUG: Processing schema LDIF file employee-a.ldif
How do you pass it to ipa-ldap-updater? From the debug output above it
looks like you are doing it like
ipa-ldap-updater -S employee-a.ldif
Is that right? Can you try passing the full path?
ipa-ldap-updater -S `pwd`/employee-a.ldif
> ipapython.admintool: DEBUG: File
"/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 178, in execute
> return_value = self.run()
> File
"/usr/lib/python2.7/site-packages/ipaserver/install/ipa_ldap_updater.py", line
143, in run
> ldapi=True) or modified
> File "/usr/lib/python2.7/site-packages/ipaserver/install/schemaupdate.py",
line 129, in update_schema
> _dn, new_schema = ldap.schema.subentry.urlfetch(url)
> File "/usr/lib64/python2.7/site-packages/ldap/schema/subentry.py", line
480, in urlfetch
> ldif_file = urllib.urlopen(uri)
> File "/usr/lib64/python2.7/urllib.py", line 87, in urlopen
> return opener.open(url)
> File "/usr/lib64/python2.7/urllib.py", line 208, in open
> return getattr(self, name)(url)
> File "/usr/lib64/python2.7/urllib.py", line 461, in open_file
> return self.open_ftp(url)
> File "/usr/lib64/python2.7/urllib.py", line 520, in open_ftp
> host = socket.gethostbyname(host)
>
> ipapython.admintool: DEBUG: The ipa-ldap-updater command failed, exception: IOError:
[Errno socket error] [Errno -2] Name or service not known
> ipapython.admintool: ERROR: Unexpected error - see /var/log/ipaupgrade.log for
details:
> IOError: [Errno socket error] [Errno -2] Name or service not known
> ipapython.admintool: ERROR: The ipa-ldap-updater command failed.
>
>
> So far I tried version 4.6.4 and 4.7.2.
> Here are the ldif files that are used for adding attributes and objectless
information.
>
> employee-attrs.ldif:
> dn: cn=schema
> changetype: modify
> add: attributeTypes
> attributeTypes: ( 2.25.128424792425578037463837247958458780603.1
> NAME 'github'
> EQUALITY caseIgnoreMatch
> SUBSTR caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
> attributeTypes: ( 2.25.128424792425578037463837247958458780603.2
> NAME 'squad'
> EQUALITY caseIgnoreMatch
> SUBSTR caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
>
>
> employee-objectclass.ldif
> dn: cn=schema
> changetype: modify
> add: objectclasses
> objectclasses: ( 2.25.128424792425578037463837247958458780603.100
> NAME 'Employee' SUP person
> STRUCTURAL
> MAY ( github $ squad )
> X-ORIGIN 'Extending FreeIPA')
> _______________________________________________
> FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
<mailto:freeipa-users@lists.fedorahosted.org>
> To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
<mailto:freeipa-users-leave@lists.fedorahosted.org>
> Fedora Code of Conduct:
https://getfedora.org/code-of-conduct.html
<
https://getfedora.org/code-of-conduct.html>
> List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
<
https://fedoraproject.org/wiki/Mailing_list_guidelines>
> List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedoraho...
<
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedoraho...
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland