Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am getting this error message when I try to add information to the ldap server. Can any one help
adding new entry "dc=mslinux, dc=com"
ldap_add: Object class violation
additional info: unrecognized objectClass 'organzation'
ldif_record() = 65
adding new entry "mail=root@mslinux.com, dc=mslinux, dc=com"
ldap_add: No such object
additional info: parent does not exist
ldif_record() = 32
adding new entry "mail=msingh@mslinux.com, dc=mslinux,dc=com"
ldap_add: No such object
additional info: parent does not exist
ldif_record() = 32
Copy of my sldap.conf file
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/redhat/rfc822-MailMember.schema
include /etc/openldap/schema/redhat/autofs.schema
include /etc/openldap/schema/redhat/kerberosobject.schema
# Define global ACLs to disable default read access.
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org
#
# The next two lines allow use of TLS for connections using a dummy test
# certificate, but you should generate a proper certificate by changing to
# /usr/share/ssl/certs, running "make slapd.pem", and fixing permissions on
# slapd.pem so that the ldap user or group can read it.
# TLSCertificateFile /usr/share/ssl/certs/slapd.pem
# TLSCertificateKeyFile /usr/share/ssl/certs/slapd.pem
#
#
#access to dn="" by * read
#access to *
# by self write
# by users read
# by anonymous auth
#
# if no access controls are present, the default is:
# Allow read by all
#
# rootdn can always write!
dn: dc=John Brown,dc=mslinux,dc=com
objectclass: inetOrgPerson
cn: John Brown
gn: John
sn: Brown
mail: jbrown@mslinux.com
telephoneNumber: 876-123-4456
HI
I AM HAVING A PROBLEM WITH MY OPENLDAP SETUP.WHEN I ADD AN LDIF USING-
ldapadd -D "cn=Manager, dc=mycoll, dc=edu" -f mycoll-top.ldif -x
I GET -
adding new entry "dc=mycoll, dc=edu"
ldap_add: Insufficient access
ldif_record() = 50
WHEN I USE -W -
ldapadd -w secret -D "cn=admin, dc=mycoll, dc=edu" -f mycoll-top.ldif -x
I GET -
ldap_bind: Invalid credentials
copy of my slapd.conf is
###########################
database ldbm
suffix "dc=mycoll,dc=edu"
#suffix "o=My Organization Name,c=US"
rootdn "cn=Manager,dc=mycoll,dc=edu"
#rootdn "cn=Manager,o=My Organization Name,c=US"
# Cleartext passwords, especially for the rootdn, should
# be avoided. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw {SSHA}kAihLiAAisfMPD1pS5UiNW0u9qNUqkRj
# rootpw {crypt}ijFYNcSNctBYg
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd/tools. Mode 700 recommended.
replogfile /var/lib/ldap/replication.log
directory /var/lib/ldap
#for performance
loglevel 0
# Indices to maintain
index objectClass,uid,sn,uidNumber,gidNumber,memberUid eq
index cn,mail,givenname eq,subinitial
# Replicas to which we should propagate changes
#replica host=ldap-1.example.com:389 tls=yes
# bindmethod=sasl saslmech=GSSAPI
# authcId=host/ldap-master.example.com@EXAMPLE.COM
#######################################
#access control list
######################################
#prevents users from looking at passwords
access to attr=userpassword,clearpassword,ldappassword
by anonymous auth
by self write
by dn="cn=Manager,dc=mycoll,dc=edu" write
by dn="cn=courier,dc=mycoll,dc=edu" read
by * none
#filters need access to this
access to attr=accountstatus
by dn="cn=courier,dc=mycoll,dc=edu" read
by dn="cn=postfix,dc=mycoll,dc=edu" read
#prevents users from viewing employeenumber
access to attr=employeeNumber
by dn="cn=Manager,dc=mycoll,dc=edu" write
by * none
access to *
by dn="cn=Manager, dc=mycoll, dc=edu" write
by users read
by self write
by * read
#EOF
THE LDIF WHICH I WAS TRYING TO ADD ID
dn: dc=mycoll, dc=edu
#dc=mycoll
objectclass: top
objectclass: organization
o: mycollage
description: top level of directory
dn: ou=people, dc=mycoll, dc=edu
objectclass: top
objectclass: organizationalunit
ou: people
description: people within my college (AKA ADDRESS-BOOK).
dn: ou=mailaccounts, dc=mycoll, dc=edu
objectclass: top
objectclass: organizationalunit
ou: mailaccounts
description: people with mailaccounts at my college.
dn: ou=daemons, dc=mycoll, dc=edu
objectclass: top
objectclass: organizationalunit
ou: daemons
description: daemons that run programs
----------------------------------------------------------------------------------
CAN SOMEONE GUIDE ME OUT OF THIS PROBLEM
RANJAN SIMON
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
ldap_add: Insufficient access
