Hey, I'm having a problem setting up an openLDAP database. I've installed it, configured it (that took a while, OpenLDAP should realy supply a script to do it manualy) and set my server to use it for authentication (as well as the /etc/passwd file). But now i want to configure the server to work with the sudoers file so users can use the "sudo" command. Here is where i'm having problems. I folowed this guide: http://georgia.ubuntuforums.org/showthread.php?p=9121830 http://georgia.ubuntuforums.org/showthread.php?p=9121830#post9121830And i came to the part where i need to insert this code into the database with ldapadd:
dn: ou=SUDOers,dc=prvi-dijak,dc=si objectClass: top objectClass: organizationalUnit ou: SUDOers serviceSearchDescriptor: sudoers: ou=sudoers,dc=example,dc=com
But here is where i run into a problem. The server always gives out an error, like this:
ldapadd -f sudoWork/sudoMaster.ldif -h 127.0.0.1 -D cn=admin,dc=prvi-dijak,dc=si -W -x Enter LDAP Password: adding new entry "ou=SUDOers,dc=prvi-dijak,dc=si" ldap_add: Undefined attribute type (17) additional info: serviceSearchDescriptor: attribute type undefined
And i have no idea why. I also tried to do it manualy. I added the organizationalUnit with "phpLDAPadmin" but i can not find the serviceSearchDescriptor attribute anywhere. Could you advise me on how to fix this problem?
It comes from here http://tools.ietf.org/html/rfc4876. Not sure whether you can find that schema already formatted for use in OpenLDAP, but it should be trivial. Please read carefully that document before you proceed: the IESG note starts with "This RFC is not a candidate for any level of Internet Standard."
p.
p.