Thanks Quanah,
can you tell me how to import the objectClass to my entries ?
Regards Andreas
-----Ursprüngliche Nachricht----- Von: openldap-technical-bounces@OpenLDAP.org [mailto:openldap-technical-bounces@OpenLDAP.org] Im Auftrag von Quanah Gibson-Mount Gesendet: Freitag, 16. Dezember 2011 20:42 An: Andreas Cieslak; openldap-technical@openldap.org Betreff: Re: Trying to add vacation.schema - object class violation error
--On Friday, December 16, 2011 2:28 PM +0100 Andreas Cieslak andreas@kado-web.de wrote:
Hi list,
I need some urgent advices on the openldap-scheme extension.
My openldap version is slapd 2.4.23 on a debian squezze machine.
When I try to activate vacation on the webmail-system roundcube (the webmailer and the plugins are working fine) it says the the activation is stored, but when I have a look into the logs of round cube, they say:
[16-Dec-2011 11:20:29] Could not add new values to attribute vacationActive: Object class violation: LDAP_OBJECT_CLASS_VIOLATION (65):
[16-Dec-2011 11:20:29] Could not modify entry: Could not add new values to attribute vacationActive: Object class violation: LDAP_OBJECT_CLASS_VIOLATION: (1000):
The slapd-logs shows the following when I try to activate vacation:
conn=1221 op=4 MOD dn="cn=admin,dc=domain,dc=de"
slapd[14608]: conn=1221 op=4 MOD attr=vacationActive
serv slapd[14608]: slap_queue_csn: queing 0xb58969b6 20111216110200.012914Z#000000#000#000000
serv slapd[14608]: Entry (cn=ldapadmin,dc=folkwang-hochschule,dc=de), attribute 'vacationActive' not allowed
serv slapd[14608]: entry failed schema check: attribute 'vacationActive' not allowed
serv slapd[14608]: conn=1221 op=4 RESULT tag=103 err=65 text=attribute 'vacationActive' not allowed
The following is my vacation.schema which I add to /etc/ldap/slapd.conf:
attributetype ( 1.3.6.1.4.1.39116.1.1.11
NAME 'vacationActive' SINGLE-VALUE EQUALITY booleanMatch DESC 'A flag, for marking the user as being away' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
attributetype ( 1.3.6.1.4.1.39116.1.1.12
NAME 'vacationInfo' SINGLE-VALUE SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 DESC 'Absentee note to leave behind, while on vacation' EQUALITY octetStringMatch )
attributetype ( 1.3.6.1.4.1.39116.1.1.13
NAME 'vacationStart' SINGLE-VALUE SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 DESC 'Beginning of vacation' EQUALITY octetStringMatch )
attributetype ( 1.3.6.1.4.1.39116.1.1.14
NAME 'vacationEnd' SINGLE-VALUE SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 DESC 'End of vacation' EQUALITY octetStringMatch )
attributetype (1.3.6.1.4.1.39116.1.1.15
NAME 'vacationForward' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} DESC 'Where to forward mails to, while on vacation' )
#
# Objects start here
#
objectclass ( 1.3.6.1.4.1.39116.1.2.10 NAME 'vacation'
SUP top AUXILIARY DESC 'Users vacation status information' MUST vacationActive MAY ( vacationInfo $ vacationStart $ vacationEnd $
vacationForward ) )
I imported a user with the object class vacation and the attributes vacationActive, vacationInfo into my ldap database.
There the import looks fine.
The user has got the privileges to modify the vacation attributes.
But when I try to modify the entries via vacation-plugin on roundcube, the above errors occur.
Can anybody give me some advices, please?
You need to add the vacation objectClass to your entries first, apparently. If you look at the logged operation, the utility you are using does not try to *add* anything. Just *MOD* what it feels should be an existing attribute. Obviously if the tool was well written, it would check to see if the entry actually had the vacation objectClass first, and then add it if it was missing, along with the required attributes.
--Quanah
--
Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration