LinuxQuestions.org


nhay 07-02-2009 08:03 AM

Problem with my ldap schema
 
Hi,

LDAP works fine for me with the schemas provided, but for simplicity's sake I created a custom schema to fit my particular needs.

I created the following schema in the /usr/local/etc/openldap/schema directory:

#####################################################################
# employee.schema -- Employee
# Basic schema to handle only necessary attributes and classes

# name
# This is the common name of an individual, ex: John Doe
attributetype ( 1.1.2.1.1
    NAME 'name'
    DESC 'common name'
    EQUALITY caseIgnoreMatch
    SUBSTR caseIgnoreSubstringsMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

# email
# This is the individual's email address
attributetype ( 1.1.2.1.2
    NAME 'email'
    DESC 'primary email'
    EQUALITY caseIgnoreMatch
    SUBSTR caseIgnoreSubstringsMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

# office
# This is the room number of the individual's office
attributetype ( 1.1.2.1.3
    NAME 'office'
    DESC 'office room number'
    EQUALITY caseIgnoreMatch
    SUBSTR caseIgnoreSubstringsMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

# officePhone
# This is the office telephone number
attributetype ( 1.1.2.1.4
    NAME 'officePhone'
    DESC 'office phone number'
    EQUALITY telephoneNumberMatch
    SUBSTR telephoneNumberSubstringsMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} )

# cellPhone
# Individual's cell number if necessary or applicable
attributetype ( 1.1.2.1.5
    NAME 'cellPhone'
    DESC 'cell phone number'
    EQUALITY telephoneNumberMatch
    SUBSTR telephoneNumberSubstringsMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} )

# employee
# All personnel of eos
objectclass ( 1.1.2.2.3
    NAME 'employee'
    SUP top
    STRUCTURAL
    MUST ( name $ email )
    MAY ( office $ officePhone $ cellPhone )
    )
#####################################################################

I added the following line to the slapd.conf file:

include /usr/local/etc/openldap/schema/employee.schema

Here is my ldif file:

#####################################################################
dn: cn=test,dc=ldap,dc=sr,dc=unh,dc=edu
name: John Doe
email: jdoe @ example.com
office: Hull 338
officephone: 555 5555
cellphone: 123 1234
objectclass: employee
#####################################################################

When I run ldapadd I get this:

ldap_add: Undefined attribute type (17)
additional info: office: attribute type undefined

If I comment out that particular attribute then I get the same message for officephone and cellphone as well.

I'm completely at a loss. Any help would be greatly appreciated. Thanks in advance.

nowonmai 07-02-2009 08:12 AM

At the risk of asking the obvious... did you restart slapd?

nhay 07-02-2009 08:17 AM

I seemed to have issues doing that. I tried /etc/rc.d/init.d/slapd restart but slapd doesn't seem to be in that directory for some reason. I'm sure there must be some other way to restart it. Any ideas?

nowonmai 07-02-2009 08:47 AM

In many cases, though the server is called slapd, the actual service command is ldap, so you could try /etc/init.d/ldap restart or service ldap restart.

nhay 07-02-2009 08:52 AM

Thanks. I gave both of those a try and they both give me this:

Stopping slapd: [FAILED]
Starting slapd: [FAILED]

:-(

nowonmai 07-02-2009 09:03 AM

OK, if you try sudo cat /var/log/messages | grep slapd it should tell you why.
Since the daemon is not running, a start will do instead of a restart.

nhay 07-02-2009 09:08 AM

grep returns nothing about slapd in messages. Trying a simple /etc/init.d/ldap start or service ldap start still fails to start slapd.

nhay 07-02-2009 09:38 AM

So it looks like my biggest issue right now is that I can't get slapd to restart (or start apparently). Anyone have any suggestions?

nowonmai 07-02-2009 11:05 AM

In /etc/openldap/slapd.conf, set loglevel to 256.
Then, in a terminal, run sudo tail -f /var/log/messages.
In another terminal run sudo service ldap start and switch back to the other term to see the messages.

nhay 07-02-2009 12:20 PM

I see a slapd.conf in /etc/openldap/ but I've been editing the one in /usr/local/etc/openldap/. Is that bad? When I add the line loglevel = 256 to that file and tail the logs and run /sbin/service ldap start nothing shows in the logs but I now get this message:

Checking configuration files for slapd: [FAILED]
could not stat config file "/etc/openldap/schema/employee.schema": No such file or directory (2)
slaptest: bad configuration file!
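
An added example, not part of the thread: the "could not stat config file" error above comes from an include line naming a schema file that is absent from the tree the init script validates. The functions below list a slapd.conf's include directives, report the ones missing on disk, and show which schema names one config includes that another does not; the temporary files in demo are constructed, and include paths are assumed to contain no whitespace.

```shell
#!/bin/sh
# Added example (not from the thread): check which schema files a slapd.conf
# pulls in. Assumes include paths contain no whitespace.

# Print every path named by an "include" directive; "#" comment lines are
# skipped because their first field is never the bare word "include".
list_includes() {
    awk '$1 == "include" && NF >= 2 { print $2 }' "$1"
}

# Print included paths that are missing or unreadable; return 1 if any.
missing_includes() {
    rc=0
    for path in $(list_includes "$1"); do
        if [ ! -r "$path" ]; then
            echo "$path"
            rc=1
        fi
    done
    return "$rc"
}

# Print schema file names included by config $1 but not by config $2.
# Compared by basename because the two trees use different directories.
includes_only_in() {
    for path in $(list_includes "$1"); do
        name=${path##*/}
        list_includes "$2" | sed 's|.*/||' | grep -qxF "$name" || echo "$name"
    done
}

# Demo on constructed files that mimic the two config trees in the thread.
demo() {
    d=$(mktemp -d)
    mkdir -p "$d/usr_local/schema" "$d/etc/schema"
    : > "$d/usr_local/schema/core.schema"
    : > "$d/usr_local/schema/employee.schema"
    : > "$d/etc/schema/core.schema"
    printf 'include %s\ninclude %s\n' "$d/usr_local/schema/core.schema" \
        "$d/usr_local/schema/employee.schema" > "$d/usr_local/slapd.conf"
    printf 'include %s\ninclude %s\n' "$d/etc/schema/core.schema" \
        "$d/etc/schema/employee.schema" > "$d/etc/slapd.conf"
    echo "missing from the config the service reads:"
    missing_includes "$d/etc/slapd.conf" || true
    rm -rf "$d"
}
demo
```

On a real host, run missing_includes against the file the init script validates (in this thread, /etc/openldap/slapd.conf), then slaptest -f on that same file.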

nhay 07-02-2009 12:59 PM

I moved everything over to /etc/openldap/ and edited that slapd.conf file. Now when I try to restart slapd I get this error:

/etc/openldap/slapd.conf: line 90: <suffix> invalid DN 21 (Invalid syntax)
slaptest: bad configuration file!

I checked my slapd.conf and my suffix is the same as it was before in my other conf file. I don't know what's wrong. This is starting to drive me crazy!

nowonmai 07-03-2009 03:23 AM

Can you attach the file?

nhay 07-03-2009 07:37 PM

1 Attachment(s)
Here's my slapd.conf

