Yes, I added ldapns.schema.
cat slapd.conf
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /usr/local/etc/openldap/schema/core.schema
# Schemas required for Posix accounts
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/nis.schema
#Radius
include /usr/local/etc/openldap/schema/RADIUS-LDAPv3.schema
[...]
attributetype ( 1.3.6.1.4.1.5322.17.2.1 NAME 'authorizedService'
    DESC 'IANA GSS-API authorized service name'
    EQUALITY caseIgnoreMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
objectclass ( 1.3.6.1.4.1.5322.17.1.1 NAME 'authorizedServiceObject'
    DESC 'Auxiliary object class for adding authorizedService attribute'
    SUP top
    AUXILIARY
    MAY authorizedService )
objectclass ( 1.3.6.1.4.1.5322.17.1.2 NAME 'hostObject'
    DESC 'Auxiliary object class for adding host attribute'
    SUP top
    AUXILIARY
    MAY host )
-----Original Message-----
From: openldap-technical-bounces+francois.mehault=netplus.fr(a)OpenLDAP.org
[mailto:openldap-technical-bounces+francois.mehault=netplus.fr@OpenLDAP.org] On Behalf Of
Per Kristiansen
Sent: Monday, 25 May 2009 10:26
To: openldap-technical(a)openldap.org
Subject: Re: Host based authentication using OpenLDAP
François Mehault wrote:
Hi
I follow your conversation because I have to do the same thing, so I would like to add
hosts in my openldap but I don't succeed
My add.ldif
dn: cn=hostlab,ou=hosts,dc=netplus,dc=fr
objectClass: top
objectClass: authorizedServiceObject
objectClass: ipHost
cn: hostlab
ipHostNumber: 192.168.45.69
authorizedService: sshd
authorizedService: ftp
My command
# ldapadd -x -D "cn=manager,dc=netplus,dc=fr" -w **** -f add.ldif
adding new entry "cn=hostlab,ou=hosts,dc=netplus,dc=fr"
ldapadd: Object class violation (65)
additional info: no structural object class provided
What is the problem? In my phpldapadmin I have this message:
Importation au format LDIF
Impossible d'ajouter un objet : cn=hostlab,ou=hosts,dc=netplus,dc=fr
LDAP dit :: LDAP_OBJECT_CLASS_VIOLATION
You tried to perform an operation that would cause an undefined attribute to exist or
that would remove a required attribute, given the current list of ObjectClasses. This can
also occur if you do not specify a structural objectClass when creating an entry, or if
you specify more than one structural objectClass.
Maybe I had to post in a new message, sorry if I'm wrong.
Regards,
François
Did you add the ldapns.schema?
I seem to remember getting something similar when I started out testing
this and had a typo in my include.
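
An added example, not part of the original thread: a short check of which object classes in the posted add.ldif are structural, using the definitions from the slapd.conf above. The ipHost and device definitions are abbreviated from the stock nis.schema and core.schema, and using device as the structural class is an assumption made for illustration.

```python
import re

# Schema in slapd.conf syntax. The first two definitions are from the thread;
# ipHost and device are abbreviated from stock nis.schema and core.schema.
SCHEMA = """
objectclass ( 1.3.6.1.4.1.5322.17.1.1 NAME 'authorizedServiceObject'
    DESC 'Auxiliary object class for adding authorizedService attribute'
    SUP top AUXILIARY MAY authorizedService )
objectclass ( 1.3.6.1.4.1.5322.17.1.2 NAME 'hostObject'
    DESC 'Auxiliary object class for adding host attribute'
    SUP top AUXILIARY MAY host )
objectclass ( 1.3.6.1.1.1.2.6 NAME 'ipHost' SUP top AUXILIARY
    MUST ( cn $ ipHostNumber ) )
objectclass ( 2.5.6.14 NAME 'device' SUP top STRUCTURAL MUST cn )
"""

# The entry from add.ldif in the thread.
ENTRY = """\
dn: cn=hostlab,ou=hosts,dc=netplus,dc=fr
objectClass: top
objectClass: authorizedServiceObject
objectClass: ipHost
cn: hostlab
ipHostNumber: 192.168.45.69
authorizedService: sshd
authorizedService: ftp
"""

def class_kinds(schema_text):
    """Map each object class name (lower-cased) to its kind."""
    kinds = {"top": "ABSTRACT"}  # top is built into slapd
    for chunk in re.split(r"(?im)^objectclass\b", schema_text)[1:]:
        name = re.search(r"NAME\s+'([^']+)'", chunk).group(1)
        bare = re.sub(r"'[^']*'", "", chunk)  # ignore words inside DESC strings
        kind = re.search(r"\b(ABSTRACT|STRUCTURAL|AUXILIARY)\b", bare)
        # RFC 4512: a definition with no kind keyword is STRUCTURAL
        kinds[name.lower()] = kind.group(1) if kind else "STRUCTURAL"
    return kinds

def structural_classes(ldif_entry, kinds):
    """Return the structural object classes named by one LDIF entry."""
    values = [line.partition(":")[2].strip() for line in ldif_entry.splitlines()
              if line.lower().startswith("objectclass:")]
    return [v for v in values if kinds.get(v.lower()) == "STRUCTURAL"]

KINDS = class_kinds(SCHEMA)
# Hypothetical corrected entry: device is one structural class that fits a host.
FIXED = ENTRY.replace("objectClass: top\n", "objectClass: top\nobjectClass: device\n")

if __name__ == "__main__":
    for label, entry in (("add.ldif", ENTRY), ("with device", FIXED)):
        found = structural_classes(entry, KINDS)
        print(label, "->", found or "no structural object class provided")
```

The posted entry yields an empty list, which matches the "no structural object class provided" error from ldapadd; the variant with device yields one structural class.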