Adding additional schemas to slapd requires the schema to be converted to LDIF format. Fortunately, the slapd program can be used to automate the conversion. The following example will add the misc.schema:
1. First, create a conversion schema_convert.conf file containing the following lines:
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/collective.schema
include /etc/ldap/schema/corba.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/duaconf.schema
include /etc/ldap/schema/dyngroup.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/java.schema
include /etc/ldap/schema/misc.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/openldap.schema
include /etc/ldap/schema/ppolicy.schema
2. Next, create a temporary directory to hold the output:
mkdir /tmp/ldif_output
3. Now using slaptest convert the schema files to LDIF:
Adjust the configuration file name and temporary directory names if yours are different. Also, it may be worthwhile to keep the ldif_output directory around in case you want to add additional schemas in the future.
4. Edit the /tmp/ldif_output/cn=config/cn=schema/cn={8}misc.ldif file, changing the following attributes:
dn: cn=misc,cn=schema,cn=config
...
cn: misc
And remove the following lines from the bottom of the file:
I have seen this tutorial before, I followed it, but it doesn't work.
# ldapadd -x -D cn=admin,cn=config -f /tmp/ldif_output/cn\=config/cn\=schema/cn\=\{8\}misc.ldif
ldap_bind: Server is unwilling to perform (53)
additional info: unauthenticated bind (DN with no password) disallowed
OR
# ldapadd -x -D cn=admin,cn=config -W -f /tmp/ldif_output/cn\=config/cn\=schema/cn\=\{8\}misc.ldif
Enter LDAP Password:
adding new entry "cn=misc"
ldap_add: Server is unwilling to perform (53)
additional info: no global superior knowledge
I'm using Ubuntu 8.10.
I want to include rfc2307bis.schema and exclude nis.schema due to egroupware advice.
# ldapadd -x -D cn=admin,cn=config -f /tmp/ldif_output/cn\=config/cn\=schema/cn\=\{8\}misc.ldif
ldap_bind: Server is unwilling to perform (53)
additional info: unauthenticated bind (DN with no password) disallowed
This is because you didn't provide a password
Quote:
# ldapadd -x -D cn=admin,cn=config -W -f /tmp/ldif_output/cn\=config/cn\=schema/cn\=\{8\}misc.ldif
Enter LDAP Password:
adding new entry "cn=misc"
ldap_add: Server is unwilling to perform (53)
additional info: no global superior knowledge
Make sure that the dn (cn=admin,cn=config) and the password you use are correct.
Also make sure you've removed the last lines from the ldif as mentioned in the guide.
Also you said you want to add rfc2307bis.schema, but you're trying to add the misc.schema as in the example.
You can use ldapbrowser to manage the ldapserver.
The second example uses the correct password, as shown.
I used the misc.schema to test the tutorial, so I think the tutorial doesn't work with Ubuntu 8.10 and OpenLDAP 2.4.11. So, it will fail with my purpose.
I've been searching the Internet for a month and have not found the solution yet.
The ldapbrowser is a GUI. I'm using openldap on a server without GUI and with loopback address.
I used the misc.schema to test the tutorial, so I think the tutorial doesn't work with Ubuntu 8.10 and OpenLDAP 2.4.11. So, it will fail with my purpose.
The guide is written for Ubuntu 8.10, and I don't think the openldap version is important.
Anyway you are not going to succeed with the misc.schema. I guess you'll get a "Duplicate entry..." or "Already exists..." error. Try to add directly the rfc2307bis.schema you want.
Another thing to pay attention to is to edit the ldif and use the correct dn and cn values for the entry you want to add. In the misc.schema example you must have:
The item 4 on https://help.ubuntu.com/8.10/serverg...ap-server.html is not clear. The output of previous step (for the misc.ldif) has "dn: cn={8}misc". So I changed it to "dn: cn=misc,cn=schema,cn=config" as you pointed it. It worked fine.
I think it's more clear to say:
4. edit the misc{8}.ldif:
"dn: cn={8}misc" to "dn: cn=misc,cn=schema,cn=config".
...
I am also working on openldap + samba on ubuntu 8.10 using the guide.
But I am also stuck on the point where it says
ldapadd -x -D cn=admin,cn=config -f /tmp/ldif_output/cn\=config/cn\=schema/cn\=\{12\}misc.ldif
for me it says
/tmp/ldif_output/cn=config/cn=schema/cn={12}misc.ldif: No such file or directory
If I create the file cn={12}misc.ldif manually and run the command it says
ldap_bind: Server is unwilling to perform (53)
additional info: unauthenticated bind (DN with no password) disallowed
I enter the password I set during installation of openldap and I get an invalid credentials message
I assume that cn=admin,cn=config is correct. I have also tried cn=admin,dc=mydomain but I get this
Code:
root@sullivan:/etc/ldap/schema# ldapadd -x -D "cn=admin,dc=berrancenetworks,dc=local" -W -f /etc/ldap/schema/output/cn\=config/cn\=schema/cn\=\{4\}samba.ldif
Enter LDAP Password:
adding new entry "cn=samba,cn=schema,cn=config"
ldap_add: Insufficient access (50)
It's been a few years since I last set up ldap, so I have forgotten a few things, plus all the config is now done in ldif format, so I am a little miffed to say the least.
(edit)
Forgot to add I am on Debian 6.0.1 and using OpenLDAP 2.4.27-7
If anyone still needs help with this, I added my schema, this is how I did it: (I'm running openldap 2.4.23-7.2 over debian6) It's pretty much the same as bathory says, but I'm gonna write everything I did, just in case
vim /tmp/borrame.conf
(this is what goes in the file)
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/misc.schema
include /etc/ldap/schema/mypersonalschema.schema
Edit the generated file
vim /tmp/borrame.d/cn\=config/cn\=schema/cn\=\{5\}mypersonalschema.ldif
I changed the three head lines to this:
dn: cn=mypersonalschema,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: mypersonalschema
Then I deleted these lines from the bottom of the file:
structuralObjectClass:
entryUUID:
creatorsName:
createTimestamp:
entryCSN:
modifiersName:
modifyTimestamp:
And at last I inserted the new schema to the ldap tree:
ldapadd -Y EXTERNAL -H ldapi:/// -f /tmp/borrame.d/cn\=config/cn\=schema/cn\=\{5\}mypersonalschema.ldif
I hope this helps,
Daniela
THAT guide works.
Muchas gracias Daniela, you saved my life.
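The manual edit described in the posts above (rewrite the dn and cn, delete the operational attributes at the bottom) can be scripted. This is an added example, not code from the thread or from the Ubuntu guide; the function names and the sample entry are constructed for illustration.

```shell
#!/bin/sh
# Added example: prepare a slaptest-generated schema entry for cn=schema,cn=config.

# clean_schema_ldif FILE  -> cleaned LDIF on stdout
clean_schema_ldif() {
    awk '
    BEGIN {
        # Attributes the thread says to delete from the bottom of the file.
        n = split("structuralObjectClass entryUUID creatorsName createTimestamp entryCSN modifiersName modifyTimestamp", a, " ")
        for (i = 1; i <= n; i++) drop[tolower(a[i])] = 1
    }
    # LDIF continuation line: follows the fate of the attribute it belongs to.
    /^ / { if (!skipping) print; next }
    {
        skipping = 0
        attr = $0; sub(/:.*/, "", attr)
        if (tolower(attr) in drop) { skipping = 1; next }
        if ($0 ~ /^dn: cn=[{][0-9]+[}]/) {
            # "dn: cn={8}misc" -> "dn: cn=misc,cn=schema,cn=config"
            sub(/^dn: cn=[{][0-9]+[}]/, "dn: cn=")
            if ($0 !~ /,cn=schema,cn=config$/) $0 = $0 ",cn=schema,cn=config"
        } else if ($0 ~ /^cn: [{][0-9]+[}]/) {
            sub(/^cn: [{][0-9]+[}]/, "cn: ")
        }
        print
    }' "$1"
}

# Constructed sample of a generated entry (placeholder OID, not a real schema).
write_sample() {
    cat > "$1" <<'EOF'
dn: cn={8}misc
objectClass: olcSchemaConfig
cn: {8}misc
olcAttributeTypes: {0}( 1.3.6.1.4.1.99999.1.1 NAME 'exampleAttr' DESC
  'constructed attribute' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
structuralObjectClass: olcSchemaConfig
entryUUID: 00000000-0000-0000-0000-000000000000
creatorsName: cn=con
 fig
createTimestamp: 20090101000000Z
entryCSN: 20090101000000.000000Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20090101000000Z
EOF
}
```

Redirect the output of `clean_schema_ldif` to a new file and load that file with the `ldapadd -Y EXTERNAL -H ldapi:/// -f` form used in the post above. The rewritten dn is the one the thread reports as working in place of the generated `dn: cn={8}misc`.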