Yes I added ldapns.schema
cat slapd.conf

#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /usr/local/etc/openldap/schema/core.schema

# Schemas required for Posix accounts
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/nis.schema

#Radius
include /usr/local/etc/openldap/schema/RADIUS-LDAPv3.schema

[...]

attributetype ( 1.3.6.1.4.1.5322.17.2.1 NAME 'authorizedService' DESC 'IANA GSS-API authorized service name' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )

objectclass ( 1.3.6.1.4.1.5322.17.1.1 NAME 'authorizedServiceObject' DESC 'Auxiliary object class for adding authorizedService attribute' SUP top AUXILIARY MAY authorizedService )

objectclass ( 1.3.6.1.4.1.5322.17.1.2 NAME 'hostObject' DESC 'Auxiliary object class for adding host attribute' SUP top AUXILIARY MAY host )
-----Original Message-----
From: openldap-technical-bounces+francois.mehault=netplus.fr@OpenLDAP.org [mailto:openldap-technical-bounces+francois.mehault=netplus.fr@OpenLDAP.org] On behalf of Per Kristiansen
Sent: Monday, 25 May 2009 10:26
To: openldap-technical@openldap.org
Subject: Re: Host based authentication using OpenLDAP
François Mehault wrote:
Hi
I follow your conversation because I have to do the same thing, so I would like to add hosts in my openldap, but I don't succeed.
My add.ldif
dn: cn=hostlab,ou=hosts,dc=netplus,dc=fr
objectClass: top
objectClass: authorizedServiceObject
objectClass: ipHost
cn: hostlab
ipHostNumber: 192.168.45.69
authorizedService: sshd
authorizedService: ftp
my command
# ldapadd -x -D "cn=manager,dc=netplus,dc=fr" -w **** -f add.ldif
adding new entry "cn=hostlab,ou=hosts,dc=netplus,dc=fr"
ldapadd: Object class violation (65)
        additional info: no structural object class provided
What is the problem? In my phpldapadmin I have this message:

Importation au format LDIF
Impossible d'ajouter un objet : cn=hostlab,ou=hosts,dc=netplus,dc=fr
LDAP dit :: LDAP_OBJECT_CLASS_VIOLATION
You tried to perform an operation that would cause an undefined attribute to exist or that would remove a required attribute, given the current list of ObjectClasses. This can also occur if you do not specify a structural objectClass when creating an entry, or if you specify more than one structural objectClass.
Maybe I had to post in a new message, sorry if I'm wrong.
Regards,
François
Did you add the ldapns.schema?
I seem to remember getting something similar when I started out testing this and had a typo in my include.
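
Added example, not part of the original thread: a simplified check of the condition the ldapadd error reports, run against the entry from add.ldif. The authorizedServiceObject and hostObject definitions are taken from the slapd.conf above; the ipHost and device definitions are abbreviated from the stock nis.schema and core.schema, and the function names and the variant entry with 'device' are assumptions made for illustration.

```python
import re

# authorizedServiceObject and hostObject come from the slapd.conf in the thread
# (DESC trimmed); ipHost and device are abbreviated from nis.schema / core.schema.
SCHEMA = """
objectclass ( 1.3.6.1.4.1.5322.17.1.1 NAME 'authorizedServiceObject' SUP top AUXILIARY MAY authorizedService )
objectclass ( 1.3.6.1.4.1.5322.17.1.2 NAME 'hostObject' SUP top AUXILIARY MAY host )
objectclass ( 1.3.6.1.1.1.2.6 NAME 'ipHost' SUP top AUXILIARY MUST ( cn $ ipHostNumber ) )
objectclass ( 2.5.6.14 NAME 'device' SUP top STRUCTURAL MUST cn )
"""

# Entry from the thread, and a constructed variant that adds 'device'.
ENTRY_FROM_THREAD = """dn: cn=hostlab,ou=hosts,dc=netplus,dc=fr
objectClass: top
objectClass: authorizedServiceObject
objectClass: ipHost
cn: hostlab
ipHostNumber: 192.168.45.69
authorizedService: sshd
authorizedService: ftp
"""
ENTRY_WITH_DEVICE = ENTRY_FROM_THREAD.replace(
    "objectClass: top\n", "objectClass: top\nobjectClass: device\n")

OC_RE = re.compile(r"^objectclass\b.*?NAME\s+'([^']+)'.*?\b(ABSTRACT|STRUCTURAL|AUXILIARY)\b")

def load_kinds(schema_text):
    """Map lower-cased class name to ABSTRACT, STRUCTURAL or AUXILIARY."""
    kinds = {"top": "ABSTRACT"}  # 'top' is built into slapd
    for line in schema_text.splitlines():
        m = OC_RE.match(line.strip())
        if m:
            kinds[m.group(1).lower()] = m.group(2)
    return kinds

def check_entry(ldif_text, kinds):
    """Simplified structural-class check for a single-entry LDIF."""
    classes = [l.split(":", 1)[1].strip() for l in ldif_text.splitlines()
               if l.lower().startswith("objectclass:")]
    unknown = [c for c in classes if c.lower() not in kinds]
    if unknown:
        return False, "unknown object class: " + ", ".join(unknown)
    structural = [c for c in classes if kinds[c.lower()] == "STRUCTURAL"]
    if not structural:
        return False, "no structural object class provided"
    return True, "structural object class: " + ", ".join(structural)

if __name__ == "__main__":
    print(check_entry(ENTRY_FROM_THREAD, load_kinds(SCHEMA)))
```

Every class named in the thread's entry is either abstract (top) or auxiliary, so the check fails with the same message slapd returned; the constructed variant passes because device is structural and requires only cn.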