Re: Loading LDAP schema files into cn=config
zeno:/tmp# ldapadd -D 'cn=admin,dc=siriusit,dc=co,dc=uk' -f
sirius-custom.ldif -xW
Enter LDAP Password:
adding new entry "cn=schema,cn=config"
ldap_add: Constraint violation (19)
additional info: structuralObjectClass: no user modification
allowed
Hi Mark,
How did you generate your schema LDIF again? It's quite easy to do it without slapcat
etc.
See http://www.openldap.org/lists/openldap-software/200504/msg00195.html about above.
You've got some entries
in there you shouldn't.
I don't get much further even if I remove cn=schema,cn=config
leaving
just "dn: cn={0}sirius-custom,cn=schema,cn=config" within the output.
And also the slapcat command above always generates a {0} index for
the
output, so how can I alter the above command so that it omits the
index
so that slapd generates it automatically? And what happens if I
accidentally add the same schema but with a different index? Does
slapd
consider them to be two different entries?
Just the same as any LDIF. If it's repeated/exists it will fail.
>> Does that sound correct?
>
> No.
>
> As soon as you use the word "hack" you should realize you're doing
> something wrong. As soon as you use the words "manually update" you
> should realize you're doing something wrong.
I have been honest enough during this thread to admit that I felt I
may
have missed something obvious. But I have to point out that all of
the
Google searches I have done on this topic have returned posts similar
to
the one I pointed you to, which you are saying are wrong.
There is a lot of mis-information out there regarding cn=config but I
at
least I understand that I need to come to the project itself to get
some
answers.
I understand your frustration here, but it will also take some effort
on
behalf of the project to ensure that the documentation can answer
questions such as mine - I've been using openldap for 3 years now,
and
cn=config still takes some getting used to.
I think it depends on how you look at it as it's in LDIF. It's been
7 for me (2004) and it depends on how the question is asked and the prior
knowledge, which sometimes gets in the way.
Once we have figured out a basic schema workflow, I am happy to
submit a
documentation patch to help other people such as myself in return for
your assistance.
What would you like to see? We have a wiki now that could be more tutorial
like. The current Admin Guide covers it well, but we could break it down more
with comparison to slapd.conf on the wiki for people with less than 5 years
experience :-)
Is there anything I can learn from the PostgreSQL docs project using your experience
and contacts?
Thanks,
Gavin.
ATB,
Mark.
--
Mark Cave-Ayland - Senior Technical Architect
PostgreSQL - PostGIS
Sirius Corporation plc - control through freedom
http://www.siriusit.co.uk
t: +44 870 608 0063
Sirius Labs: http://www.siriusit.co.uk/labs
--
Kind Regards,
Gavin Henry.
OpenLDAP Engineering Team.
E ghenry(a)OpenLDAP.org
Community developed LDAP software.
http://www.openldap.org/project/