On 9/16/10 12:12 PM, Buchan Milne wrote:
On Monday, 13 September 2010 09:30:14 Julien Vehent wrote:
I have created the OU 'policies' just fine, but when I try to add a pwdPolicy object, i get the following error:
(the<<EOF isn't necessary, if you don't specify an input file, ldapadd etc. will use stdin by default, just use CTRL-D to terminate the input in place of the EOF)
# ldapadd -x -D cn=admin,dc=example,dc=net -W<< EOF dn: cn=defaultpwpolicy,ou=policies,dc=example,dc=net objectClass: pwdPolicy objectClass: top pwdAttribute: userPassword pwdAllowUserChange: TRUE pwdInHistory: 2 pwdMaxFailure: 10 pwdLockout: TRUE pwdLockoutDuration: 1800 pwdMinLength: 6 EOF Enter LDAP Password: adding new entry "cn=defaultpwpolicy,ou=policies,dc=example,dc=net" ldap_add: Invalid syntax (21) additional info: objectClass: value #0 invalid per syntax
Are you sure that you don't have any invalid characters on the: objectClass: pwdPolicy line ? For example, trailing white space is often a cause of this problem. You may want to use an ldif file, and attach it to any reply (as trailing space is easily missed if copying/pasting text into the stdin of ldapadd and/or email client)
(your ldif above does still need a suitable structural objectclass, but it is not the cause of the error message above).
FYI, Kiran Ayyagari was able to reproduce the same issue using Apache Directory Studio, ie the problem is not in the LDIF file...