Hi,
My slapd.conf file is like this:
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/nis.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/new_core.schema

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org

pidfile /usr/local/var/run/slapd.pid
argsfile /usr/local/var/run/slapd.args

#######################################################################
# BDB database definitions
#######################################################################

database bdb
suffix "dc=cdac,dc=in"
rootdn "cn=Manager,dc=cdac,dc=in"
# Cleartext passwords, especially for the rootdn, should
# be avoid. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw secret
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory /usr/local/var/openldap-data
# Indices to maintain
index objectClass eq

dn: FileName=home,dc=cdac,dc=in
FileName: home
ref: ldap://neo00/FileName=home,dc=cdac,dc=in
objectClass: referral
objectClass: extensibleObject

And I have added these additional members in the default core.schema:
objectclass ( 1.3.6.1.4.1.1466.101.120.111 NAME 'extensibleObject' DESC 'RFC2252: extensible object' SUP top AUXILIARY )
attributetype ( 2.16.840.1.113730.3.1.34 NAME 'ref' DESC 'named reference - a labeledURI' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE distributedOperation )
objectclass ( 2.16.840.1.113730.3.2.6 NAME 'referral' DESC 'named subordinate reference object' STRUCTURAL MUST ref )
And when I start slapd, it gives me this error:

root@neo05:/root/anjali/openldap/openldap-2.3.38/servers/slapd
@(#) $OpenLDAP: slapd 2.3.38 (Dec 10 2007 16:07:48) $
root@neo05:/root/anjali/openldap/openldap-2.3.38/servers/slapd
daemon_init: listen on ldap:///
daemon_init: 1 listeners to open...
ldap_url_parse_ext(ldap:///)
daemon: listener initialized ldap:///
daemon_init: 1 listeners opened
neo05 init: initiated server.
slap_sasl_init: initialized!
bdb_back_initialize: initialize BDB backend
bdb_back_initialize: Sleepycat Software: Berkeley DB 4.2.52: (September 21, 2004)
hdb_back_initialize: initialize HDB backend
hdb_back_initialize: Sleepycat Software: Berkeley DB 4.2.52: (September 21, 2004)
/usr/local/etc/openldap/schema/core.schema: line 597: attribute type " 2.16.840.1.113730.3.1.34" is operational
neo05 destroy: freeing system resources.
slapd stopped.
connections_destroy: nothing to destroy.
[1]+ Exit 1 /usr/local/libexec/slapd -V -n neo05 -4 -d 1

Please give me a solution for this problem as soon as possible.
Actually I want to do the communication between two LDAP servers in chaining fashion.
Thanks and Regards, Anjali

> and i have added these additional members in the default core.schema :
> objectclass ( 1.3.6.1.4.1.1466.101.120.111 NAME 'extensibleObject' DESC 'RFC2252: extensible object' SUP top AUXILIARY )
> attributetype ( 2.16.840.1.113730.3.1.34 NAME 'ref' DESC 'named reference - a labeledURI' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE distributedOperation )
> objectclass ( 2.16.840.1.113730.3.2.6 NAME 'referral' DESC 'named subordinate reference object' STRUCTURAL MUST ref )

(0) Don't edit core.schema, as OpenLDAP may ship a new one in a future release. Leave your local schema in local files.
(1) These objects are hard coded in schema_prep.c. They are standardized OIDs. They do not need to be redefined in core.schema, and were not there for this reason.
(2) These are standardized definitions. Do not attempt to modify them. Obtain your own OID arc if necessary. See the relevant RFCs for details.
Aaron Richton wrote:
> (0) Don't edit core.schema, as OpenLDAP may ship a new one in a future release. Leave your local schema in local files.
> (1) These objects are hard coded in schema_prep.c. They are standardized OIDs. They do not need to be redefined in core.schema, and were not there for this reason.
> (2) These are standardized definitions. Do not attempt to modify them. Obtain your own OID arc if necessary. See the relevant RFCs for details.

And (3): as the error message indicates, the "ref" attribute is operational; as such, it cannot be defined by the user through a change in the configuration. In fact, being operational, the implementation needs to know how to deal with it (e.g. how to populate and use it).
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
Office: +39 02 23998309
Mobile: +39 333 4963172
Email: pierangelo.masarati@sys-net.it
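
A pre-flight check for the points made in the replies above, as an added example that is not part of the thread or of OpenLDAP: it scans a schema file for definitions that reuse the three OIDs from the original post or that declare an operational USAGE, which is what the "is operational" error at startup complains about. The function names, the sample file and the `1.1.2.1.1` OID are constructed for illustration.

```python
import re

# OIDs from the original post; per the replies they are built into slapd.
BUILTIN_OIDS = {"1.3.6.1.4.1.1466.101.120.111",  # extensibleObject
                "2.16.840.1.113730.3.1.34",      # ref
                "2.16.840.1.113730.3.2.6"}       # referral
# RFC 4512 USAGE values that mark an attribute type as operational.
OPERATIONAL = {"directoryOperation", "distributedOperation", "dSAOperation"}
DEF_RE = re.compile(r"^(attributetype|objectclass)\s+\(\s*([0-9.]+)\s+(.*)\)\s*$", re.I | re.S)

def definitions(text):
    """Yield (first_line_no, definition); continuation lines start with whitespace."""
    start, buf = 0, []
    for no, line in enumerate(text.splitlines() + [""], 1):
        if buf and line[:1] in (" ", "\t"):
            buf.append(line.strip())
            continue
        if buf:
            yield start, " ".join(buf)
        buf = []
        if line.strip() and not line.startswith("#"):
            start, buf = no, [line.strip()]

def lint_schema(text):
    findings = []
    for no, d in definitions(text):
        m = DEF_RE.match(d)
        if not m:
            continue
        kind, oid, rest = m.group(1).lower(), m.group(2), m.group(3)
        if oid in BUILTIN_OIDS:
            findings.append((no, "builtin-oid", oid))
        usage = re.search(r"\bUSAGE\s+(\w+)", rest)
        if kind == "attributetype" and usage and usage.group(1) in OPERATIONAL:
            findings.append((no, "operational-usage", oid))
    return findings

SAMPLE = """\
# local.schema (constructed sample, not a real file from the thread)
attributetype ( 2.16.840.1.113730.3.1.34 NAME 'ref' DESC 'named reference - a labeledURI'
    EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
    USAGE distributedOperation )
objectclass ( 2.16.840.1.113730.3.2.6 NAME 'referral'
    DESC 'named subordinate reference object' STRUCTURAL MUST ref )
attributetype ( 1.1.2.1.1 NAME 'exampleFileName'
    EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
"""
for no, rule, oid in lint_schema(SAMPLE):
    print(f"line {no}: {rule}: {oid}")
```

Run it against local schema files before restarting slapd; a clean result for a file means none of its definitions collide with these three built-ins or claim operational usage.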