[ale] LDAP Problems (newbie)

Nathan J. Underwood ale1 at cybertechcafe.net
Fri Aug 6 12:40:36 EDT 2004


In trying to get a control specimen to work with, I cut and pasted the 
.ldif file from the page on Linux Journal, and modified it so that it 
was using my domain name rather than foo.com, and root rather than 
manager, and then copied and pasted the slapd.conf from the site (again, 
substituting my domain name and root).  This time, though, when I try to 
add the .ldif, I get the following error:

[root at gandalf openldap]# ldapadd -x -D 'cn=root,dc=domainname,dc=com' -f ldifs/top.ldif -W
Enter LDAP Password:
adding new entry "dc=domanname,dc=com"
ldapadd: update failed: dc=domainname,dc=com
ldap_add: Internal (implementation specific) error (80)

I googled a bit, and found that 80 seems to be some kind of 
miscellaneous error, which didn't help out much.  Below are my 
slapd.conf and top.ldif file.

****  slapd.conf
# Schemas to use
include  /etc/openldap/schema/core.schema
include  /etc/openldap/schema/cosine.schema
include  /etc/openldap/schema/inetorgperson.schema
include  /etc/openldap/schema/nis.schema
include  /etc/openldap/schema/redhat/rfc822-MailMember.schema
include  /etc/openldap/schema/redhat/autofs.schema
include  /etc/openldap/schema/redhat/kerberosobject.schema

database       ldbm
suffix         "dc=domanname,dc=com"
rootdn         "cn=root, dc=domanname, dc=com"
rootpw         {SSHA}PDquw1to2fRhHCQ08r8Td51I6B3CiYbt
directory      /var/lib/ldap/domanname.com
loglevel -1

index   default                             eq
index   objectClass,uid,uidNumber,gidNumber eq
index   cn,mail,surname,givenname           eq,sub

# Access Control (See openldap v.2.0 Admin Guide)
access to attr=userPassword
    by self         write
    by anonymous    auth
    by dn="cn=root,dc=domanname,dc=com"       write
    by *    compare
access to *
    by self write
    by dn="cn=root,dc=domanname,dc=com"       write
    by * read

**** top.ldif

dn: dc=domanname,dc=com
objectclass: dcObject
objectclass: organization
o: domain name
dc: domanname   <------- If I put the .com on here, I get the other (64) error.
I apologize, but I'm at the trial and error stage now.  Not very scientific,
but when I get it right, I can work backwards from there.

dn: cn=root, dc=domanname, dc=com
objectclass: organizationalRole
cn: manager

dn: ou=people, dc=domanname, dc=com
ou: people
objectclass: organizationalUnit
objectclass: domainRelatedObject
associatedDomain: domanname.com

dn: ou=contacts, ou=people, dc=domanname, dc=com
ou: contacts
ou: people
objectclass: organizationalUnit
objectclass: domainRelatedObject
associatedDomain: domanname.com

dn: ou=group, dc=domanname, dc=com
ou: group
objectclass: organizationalUnit
objectclass: domainRelatedObject


--
registered linux user # 73046

Nathan J. Underwood
Cyber Tech Cafe' <><
http://www.cybertechcafe.net

Nathan J. Underwood wrote:
> Ok, I'm fumbling my way through this LDAP / Samba v3 stuff for domain 
> authentication, and I'm just not having a lot of luck.  I have my 
> /etc/openldap/slapd.conf file set up the way that (I believe) I need it 
> (per the Quick Start guide and 
> http://www.linuxjournal.com/article.php?sid=6266), and I'm able to start 
> and query the server.  The article at 
> http://www.linuxjournal.com/article.php?sid=6266 is actually pretty much 
> everything that I want to do, so I got excited when I found it, but it's 
> not working quite like I'd hoped.  I've basically mirrored the 
> slapd.conf file, and created a top.ldif file that's almost identical to 
> the one listed (I've changed foo to my domain name).  When I try to use 
> ldapadd to add it to the directory, I get the following error:
> 
> ldap_add: Naming violation (64)
>         additional info: value of naming attribute 'dc' is not present in entry
> 
> I'm going to continue googling (isn't it funny how that's a verb now?), 
> but if any of you have had / overcome the same problem, any pointers 
> would be appreciated.
> -- 
> registered linux user # 73046
> 
> 
More information about the Ale mailing list
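
The "Naming violation (64)" message quoted above reflects an LDAP rule: the value in an entry's leftmost RDN must also appear as an attribute value in that entry. The following is an added example, not part of the original post, that checks an LDIF file for that rule before it is passed to ldapadd. The function names and the sample LDIF (placeholder domain example.com) are constructed for illustration, and the check does not cover error 80.

```python
import re

def parse_ldif(text):
    """Minimal LDIF reader; base64 ('attr:: ...') values are not decoded."""
    text = re.sub(r"\n ", "", text)  # unfold continuation lines
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        dn, attrs = None, {}
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            name, value = (part.strip() for part in line.split(":", 1))
            if name.lower() == "dn":
                dn = value
            else:
                attrs.setdefault(name.lower(), []).append(value)
        if dn:
            entries.append((dn, attrs))
    return entries

def first_rdn(dn):
    """Leftmost RDN as [(type, value)]; '+' separates a multi-valued RDN."""
    rdn = re.split(r"(?<!\\),", dn, maxsplit=1)[0]
    avas = (ava.partition("=") for ava in re.split(r"(?<!\\)\+", rdn))
    return [(t.strip().lower(), v.strip()) for t, _, v in avas]

def naming_violations(ldif_text):
    """Entries whose RDN value is absent from the entry (assumed case-insensitive)."""
    problems = []
    for dn, attrs in parse_ldif(ldif_text):
        for atype, value in first_rdn(dn):
            have = attrs.get(atype, [])
            if value.lower() not in (v.lower() for v in have):
                problems.append((dn, atype, value, have))
    return problems

# Constructed sample; example.com is a placeholder domain.
SAMPLE = """\
dn: dc=example,dc=com
dc: example.com

dn: cn=root, dc=example, dc=com
cn: manager

dn: ou=people, dc=example, dc=com
ou: people
"""
for dn, atype, value, have in naming_violations(SAMPLE):
    print(f"{dn}: RDN {atype}={value} not in entry, which has {atype}: {have}")
```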