Klaus Heinrich Kiwi wrote:
Hi,
My understanding is that OpenLDAP software doesn't support subschema modification over LDAP operations, but I'm willing to use OpenLDAP client to change cn=schema on an LDAP server (different vendor) that supports it.
OpenLDAP supports schema modification by way of LDAP operations. It does not support direct modification to "cn=subschema" (not "cn=schema").
Is that possible? Or is the OpenLDAP checking for cn=schema at the client? The output I'm getting is:
You need to modify the "cn=schema,cn=config" within the config naming context, and changes will be reflected into the "cn=subschema" entry.
[root@pam ~]# ldapmodify -H ldap://host -D cn=root -w passwd -x -ZZ -a -f /usr/share/doc/krb5-server-ldap-1.6.2/kerberos.ldif ldapmodify: invalid format (line 5) entry: "cn=schema"
This error indicates a malformed LDIF. You should check whether line 5 of the entry "cn=schema" is correct. This has nothing to do with OpenLDAP's slapd: the error is detected at the client side.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ----------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Fax: +39 0382 476497 Email: ando@sys-net.it -----------------------------------