Hello,
I'm trying to set up an LDAP server on my box (only for address book management). It seems like there is no schema (or a problem related to the schema) on my test server, and I don't know what I should do to overcome that problem.
The problem (well I think this is a problem) is:

    Olivier:/etc/ldap# ldapsearch -b cn=schema -x
    # extended LDIF
    #
    # LDAPv3
    # base <cn=schema> with scope subtree
    # filter: (objectclass=*)
    # requesting: ALL
    #

    # search result
    search: 2
    result: 32 No such object

    # numResponses: 1

Here is my slapd.config file:

    Olivier:/etc/ldap# grep ^[^#$] slapd.conf
    access to dn.base="" by * read
    include /etc/ldap/schema/core.schema
    include /etc/ldap/schema/cosine.schema
    include /etc/ldap/schema/nis.schema
    include /etc/ldap/schema/inetorgperson.schema
    pidfile /var/run/slapd/slapd.pid
    argsfile /var/run/slapd/slapd.args
    loglevel 0
    modulepath /usr/lib/ldap
    moduleload back_bdb
    sizelimit 500
    tool-threads 1
    timelimit 10
    backend bdb
    database bdb
    suffix "o=smg"
    rootdn "cn=OlivierAdmin,o=smg"
    rootpw {SSHA}(hidden)
    directory "/var/lib/ldap2"
    dbconfig set_cachesize 0 2097152 0
    dbconfig set_lk_max_objects 1500
    dbconfig set_lk_max_locks 1500
    dbconfig set_lk_max_lockers 1500
    index objectClass eq
    lastmod on
    access to * by * read by self write by anonymous read
    access to attrs=userPassword,shadowLastChange by anonymous auth by self write by * none

And the contents:

    Olivier:/etc/ldap# slapcat
    dn: o=smg
    objectClass: top
    objectClass: organization
    o: smg
    description:: U2VydmljZSBkZXMgTWF0aMOpbWF0aXF1ZXMgZGUgbGEgR2VzdGlvbg==
    structuralObjectClass: organization
    entryUUID: 46e1f6c8-310c-102b-9771-d16a0ff3ed80
    creatorsName: cn=OlivierAdmin,o=smg
    createTimestamp: 20070105132747Z
    entryCSN: 20070105132747Z#000000#00#000000
    modifiersName: cn=OlivierAdmin,o=smg
    modifyTimestamp: 20070105132747Z

More practically, my problem is that using phpldapadmin, I get a "no schema" error after logging in, and I suppose this is related to the "No such object" reply here above...
Any help or pointer would be really appreciated, because I've been searching for two days!
Olivier
P.S. : not related, but I was wondering if it is better to create a "o=smg" organisation or "dc=smg8,dc=ulb,dc=ac,dc=be" following my dns name?
Thank you.
Olivier Cailloux wrote:
> Hello,
> I'm trying to set up an LDAP server on my box (only for address book management). It seems like there is no schema (or a problem related to the schema) on my test server, and I don't know what I should do to overcome that problem.
> The problem (well I think this is a problem) is:
> Olivier:/etc/ldap# ldapsearch -b cn=schema -x
To read the schema you need to search "cn=subschema", as indicated in the subschemaSubentry attribute of the root DSE, using a scope of "base". So your search is incorrect, rather than the server.
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
Office: +39.02.23998309
Mobile: +39.333.4963172
Email: pierangelo.masarati@sys-net.it
--On Friday, January 05, 2007 3:05 PM +0100 Olivier Cailloux olivier.cailloux@ulb.ac.be wrote:
> Hello,
> I'm trying to set up an LDAP server on my box (only for address book management). It seems like there is no schema (or a problem related to the schema) on my test server, and I don't know what I should do to overcome that problem.
> The problem (well I think this is a problem) is:
> Olivier:/etc/ldap# ldapsearch -b cn=schema -x
Try

    ldapsearch -LLL -x -h ldap -b "cn=subschema" -s base +

--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
At 06:05 AM 1/5/2007, Olivier Cailloux wrote:
> I'm trying to set up an LDAP server on my box (only for address book management). It seems like there is no schema (or a problem related to the schema) on my test server, and I don't know what I should do to overcome that problem.
Your problem is not that the slapd(8) instance has no schema (all slapd(8) instances have some schema... as there is always built-in schema).
Your problem is that you are unable to read the (sub)schema. The root of that problem appears to be a misunderstanding of the general procedure used to read the subschema controlling a particular entry. (The general procedure is defined in these terms, as opposed to a "server's schema", as the specification allows different subtrees to be controlled by schemas... hence the term "subschema".) This procedure is discussed in the FAQ answer: http://www.openldap.org/faq/index.cgi?file=1366
I suggest you take the remaining issues, which are clearly of a general nature, to a general LDAP list (e.g., ldap@umich.edu).
Kurt
openldap-software@openldap.org
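
The two-step lookup described in the replies above (read subschemaSubentry from the root DSE, then search that DN with scope base and `+`), as an added example that is not part of the original thread. The function names, the `ldap://localhost` URI and the sample root DSE reply are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): locate and read the subschema entry.

# Constructed sample of a root DSE reply, with the value folded as LDIF allows.
sample_root_dse() {
    printf '%s\n' 'dn:' 'objectClass: top' 'namingContexts: o=smg' \
        'subschemaSubentry: cn=Sub' ' schema'
}

# Print the subschemaSubentry DN found in LDIF read from stdin.
# Joins folded lines (continuations start with one space); a base64
# ("::") value is not decoded and is treated as absent.
subschema_dn() {
    awk '
        /^ / { line = line substr($0, 2); next }   # fold: append to previous line
        { check(); line = $0 }
        END { check() }
        function check() {
            if (!found && tolower(line) ~ /^subschemasubentry: /) {
                sub(/^[^:]*: /, "", line); print line; found = 1
            }
        }
    '
}

# Step 1: base-scope search on the root DSE (empty base DN) for subschemaSubentry.
# Step 2: base-scope search on that DN, asking for operational attributes (+).
read_schema() {
    uri=$1   # assumed server URI, e.g. ldap://localhost
    dn=$(ldapsearch -LLL -x -H "$uri" -b "" -s base '(objectClass=*)' \
        subschemaSubentry | subschema_dn)
    if [ -z "$dn" ]; then
        echo "root DSE did not return subschemaSubentry" >&2
        return 1
    fi
    ldapsearch -LLL -x -H "$uri" -b "$dn" -s base '(objectClass=*)' +
}

# Runs only when a URI is given: sh read_schema.sh ldap://localhost
if [ $# -gt 0 ]; then
    read_schema "$1"
fi
```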