Автор Тема: Зор с OpenLdap  (Прочетена 1064 пъти)

setic

  • Напреднали
  • *****
  • Публикации: 22
  • Distribution: Gentoo
  • Window Manager: Xfce
    • Профил
Зор с OpenLdap
« -: Sep 27, 2012, 14:29 »
Здравейте

Имам проблем със OpenLdap ( версията е 2.4.30 ).
Опитвам се да си направя едно тефтерче за контактите ми и за целта искам да създам своя схема.
Зора е че след това като се опитам да добавя нещо ми гърми:
============
hdb_add: entry failed schema check: no objectClass attribute (65)
slapd[10031]: send_ldap_result: conn=1000 op=1 p=3
slapd[10031]: send_ldap_result: err=65 matched="" text="no objectClass attribute"
slapd[10031]: send_ldap_response: msgid=2 tag=105 err=65
slapd[10031]: conn=1000 op=1 RESULT tag=105 err=65 text=no objectClass attribute
============

Грешка 65 значи: LDAP_OBJECT_CLASS_VIOLATION - An object class violation occurred when using the current schema, for example, a "must" attribute was missing when adding an entry.

Някой може ли да ми помогне да разбера какво не е наред ?
Прикрепил съм схемата.

Предварително благодаря.

П.С. Системата е Linux Gentoo 3.2.12-gentoo #7 SMP Tue Jun 19 14:06:22 EEST 2012 i686 Intel(R) Pentium(R) 4 CPU 3.00GHz GenuineIntel GNU/Linux
Активен

XsPiDeR

  • Напреднали
  • *****
  • Публикации: 42
  • Distribution: CentOS 6
  • Window Manager: GNOME
    • Профил
    • WWW
Re: Зор с OpenLdap
« Отговор #1 -: Sep 28, 2012, 00:58 »
post slapd.conf
Активен

setic

  • Напреднали
  • *****
  • Публикации: 22
  • Distribution: Gentoo
  • Window Manager: Xfce
    • Профил
Re: Зор с OpenLdap
« Отговор #2 -: Sep 28, 2012, 12:20 »
Това ми е конфигурационният файл на тестовата среда.
===============

cat /etc/openldap/slapd.conf
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include   /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
#include /etc/openldap/schema/nis.schema
#include /etc/openldap/schema/mozillaorgperson.schema
#include   /etc/openldap/schema/misc.schema
#include /etc/openldap/schema/evolutionperson.schema
include   /etc/openldap/schema/tefter.schema

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral   ldap://root.openldap.org

pidfile      /var/run/openldap/slapd.pid
argsfile   /var/run/openldap/slapd.args
logfile      /var/log/ldap/slapd.log
loglevel   -1

# Load dynamic backend modules:
# modulepath   /usr/lib/openldap/openldap
# moduleload   back_sock.so
# moduleload   back_shell.so
# moduleload   back_relay.so
# moduleload   back_passwd.so
# moduleload   back_null.so
# moduleload   back_monitor.so
# moduleload   back_meta.so
# moduleload   back_ldap.so
# moduleload   back_dnssrv.so

# Sample security restrictions
#   Require integrity protection (prevent hijacking)
#   Require 112-bit (3DES or better) encryption for updates
#   Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64
#security  simple_bind=64


# Sample access control policy:
#   Root DSE: allow anyone to read it
#   Subschema (sub)entry DSE: allow anyone to read it
#   Other DSEs:
#      Allow self write access
#      Allow authenticated users read access
#      Allow anonymous users to authenticate
#   Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to dn.base="ou=personal"

access to *
   by * manage
#
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn.  (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!

#######################################################################
# BDB database definitions
#######################################################################

database   hdb
suffix      "dc=findstamps,dc=com"
#         <kbyte> <min>
checkpoint   32   30
rootdn      "cn=Manager,dc=findstamps,dc=com"
# Cleartext passwords, especially for the rootdn, should
# be avoid.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw      "{SSHA}DIS3gp/fHw2cp+021EXBNl3m8zeZLKEP"
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory   /var/lib/openldap-data
# Indices to maintain
index   objectClass   eq
Активен

Подобни теми
Заглавие Започната от Отговора Прегледи Последна публикация
Openldap with sasl specialist
Кошче
CyberGod 1 1247 Последна публикация Jul 18, 2007, 01:04
от alabal
FreeBSD, OpenLDAP оторизация.
Настройки на софтуер
Gruntz 1 1641 Последна публикация Dec 01, 2008, 13:28
от Gruntz
openldap + centos 5 + syncrepl
Хардуерни и софтуерни проблеми
cleric 1 1594 Последна публикация Mar 14, 2009, 13:25
от cleric