Konstantin Boyandin wrote:
Hello,
OpenLDAP version: 2.3.43-12 (CentOS 5.5), 64-bit.
In order to enable ppolicy overlay, I am trying to create the relevant entries, as specified in
http://www.openldap.org/doc/admin24/overlays.html#Password%20Policies
I import two LDIFs, first:
dn: ou=Policies,dc=example,dc=com objectClass: organizationalUnit objectClass: top ou: Policies
and second
dn: cn=default,ou=Policies,dc=example,dc=com cn: default objectClass: top objectClass: pwdPolicy objectClass: person pwdAllowUserChange: TRUE pwdAttribute: userPassword pwdCheckQuality: 2 pwdExpireWarning: 600 pwdFailureCountInterval: 30 pwdGraceAuthNLimit: 2 pwdInHistory: 5 pwdLockout: TRUE pwdLockoutDuration: 0 pwdMaxAge: 7776000 pwdMaxFailure: 5 pwdMinAge: 0 pwdMinLength: 5 pwdMustChange: FALSE pwdSafeModify: FALSE sn: dummy value
The first loads OK. When I try to import the second, I receive this diagnostics:
Could not add object cn=default,ou=Policies,dc=itelsib,dc=com Message: Invalid syntax Error code: 0x15 (LDAP_INVALID_SYNTAX) Error description: An invalid attribute value was specified.
Could someone suggest what's wrong with the attribute name?
OpenLDAP never produces the text you provided above. It seems you're using some other LDAP tool to do this import, and it is not showing you the actual error message sent from the server. OpenLDAP slapd will always identify the actual attribute and value that causes an error. I suggest you try importing this entry with OpenLDAP's ldapadd and examine the error message from there.