Hi Buchan,
Thanks for your reply. I have tried, but the schema is not getting loaded; I don't know why. I have tried the same setup with CentOS and Red Hat and it looks perfect. I am using SuSE Enterprise 11.
Regards,
Pradyumna

On Tue, May 17, 2011 at 9:11 AM, Buchan Milne <bgmilne@staff.telkomsa.net> wrote:
On Monday, 16 May 2011 17:38:31 pradyumna dash wrote:
Hi,
I am trying to achieve centralizing SUDO, but facing an issue. I suspect it's something to do with sudoers.schema; maybe I am wrong. I think somehow the slapd process is not able to read it. Please suggest how to fix the issue.
[...]
t710x02-6:/etc/openldap/schema # ldapadd -f /opt/newsudo.ldif -h 127.0.0.1 -D cn=Manager,dc=example,dc=com -W -x
Enter LDAP Password:
adding new entry "cn=defaults,ou=SUDOers,dc=example,dc=com"
ldap_add: Invalid syntax (21)
additional info: objectClass: value #0 invalid per syntax
sudoers.ldif
dn: cn=defaults,ou=SUDOers,dc=example,dc=com
#objectClass: top
objectClass: sudoRole
cn: defaults
Please verify that you have actually included the sudoers.schema in your configuration, and that slapd was restarted after that.
You could check that the objectclass exists in your server. In my case:
$ ldapsearch -x -s base -b cn=subschema objectclasses|perl -p0e 's/\n //g' | grep -i sudo
objectClasses: ( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' DESC 'Sudoer Entries' SUP top STRUCTURAL MUST cn MAY ( sudoUser $ sudoHost $ sudoCommand $ sudoRunAs $ sudoOption $ description ) )
Regards, Buchan
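
The subschema check described in the thread, as an added example that is not part of the original messages: it unfolds LDIF continuation lines and then matches the objectClass only against the NAME field, so a mention in DESC or MAY does not count as a definition. The function names and the sample subschema text are constructed for illustration; only the sudoRole definition is taken from the thread.

```shell
# Added example (not from the thread); the sample data below is constructed.
# Live use: ldapsearch -x -s base -b cn=subschema objectclasses | has_objectclass sudoRole

# Join LDIF continuation lines (newline followed by one space), which is
# what the perl one-liner in the thread does.
unfold_ldif() {
    awk '/^ / { buf = buf substr($0, 2); next }
         { if (NR > 1) print buf; buf = $0 }
         END { if (NR > 0) print buf }'
}

# Exit 0 if objectClass $1 is defined in the subschema LDIF on stdin, else 1.
# Only the NAME field is compared, case-insensitively.
has_objectclass() {
    unfold_ldif | awk -v want="$1" '
        BEGIN { want = tolower(want); found = 0 }
        tolower($0) ~ /^objectclasses:/ {
            line = tolower($0); pos = index(line, " name ")
            if (pos == 0) next
            rest = substr(line, pos + 6)
            sub(/^ */, "", rest)
            if (substr(rest, 1, 1) == "(") {
                names = substr(rest, 1, index(rest, ")"))  # list of quoted names
            } else {
                split(rest, q, "\047")                     # single quoted name
                names = "\047" q[2] "\047"
            }
            if (index(names, "\047" want "\047") > 0) found = 1
        }
        END { exit (found ? 0 : 1) }'
}

# Constructed output of a server with sudoers.schema loaded; the sudoRole
# line is folded mid-name to show why unfolding has to come first.
sample_with_sudo() {
cat <<'EOF'
dn: cn=Subschema
objectClasses: ( 2.5.6.5 NAME 'organizationalUnit' SUP top STRUCTURAL MUST ou )
objectClasses: ( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudo
 Role' DESC 'Sudoer Entries' SUP top STRUCTURAL MUST cn MAY ( sudoUser $ sudoHost
  $ sudoCommand $ sudoRunAs $ sudoOption $ description ) )
EOF
}

# Constructed output without the schema; DESC mentions the name on purpose.
sample_without_sudo() {
cat <<'EOF'
objectClasses: ( 2.5.6.5 NAME 'organizationalUnit' DESC 'not sudoRole' SUP top
  STRUCTURAL MUST ou )
EOF
}
```

A non-zero exit from `has_objectclass sudoRole` against the live server points back to the advice above: confirm sudoers.schema is included in the slapd configuration and that slapd was restarted afterwards.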