luckydog xf wrote:
Hi, list,
I'm trying to migrate opendj to openLDAP. Here is a customized schema.
dn: cn=schema objectclass: top objectclass: ldapSubentry objectclass: subschema cn: schema attributeTypes: ( 1.12.23.34.45.56.780 NAME 'active' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 X-SCHEMA-FILE '99-user.ldif' ) attributeTypes: ( 1.12.23.34.45.56.782 NAME 'accountName' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-SCHEMA-FILE '99-user.ldif' ) attributeTypes: ( 1.12.23.34.45.56.784 NAME 'djGroups' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-SCHEMA-FILE '99-user.ldif' ) attributeTypes: ( 1.12.23.34.45.56.786 NAME 'departmentId' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-SCHEMA-FILE '99-user.ldif' ) attributeTypes: ( 1.12.23.34.45.56.788 NAME 'department' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-SCHEMA-FILE '99-user.ldif' ) attributeTypes: ( 1.12.23.34.45.56.790 NAME 'companyCode' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-SCHEMA-FILE '99-user.ldif' ) attributeTypes: ( 1.12.23.34.45.56.792 NAME 'parent' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-SCHEMA-FILE '99-user.ldif' ) ds-sync-generation-id: 8408 ds-sync-state: 01050186432c61a90000f9ca10880 ds-sync-state: 0105017a002b3170002f4a1b16311 modifiersName: cn=Administrator modifyTimestamp: 20190711063414Z objectClasses: ( 1.12.23.34.45.56.880 NAME 'idmExt' DESC 'idm user extended attributes' SUP top AUXILIARY MUST active MAY ( accountName $ djGroups $ departmentId $ department $ companyCode ) X-SCHEMA-FILE '99-user.ldif' ) objectClasses: ( 1.12.23.34.45.56.890 NAME 'idmDept' DESC 'idm department extended attributes' SUP top AUXILIARY MAY parent X-SCHEMA-FILE '99-user.ldif' ) ===
I changed it to LDAP compliant one.
LDIF files must not have blank lines within a single entry. You added an entry with "cn" and no other attributes.
dn: cn=djuser,cn=schema,cn=config objectClass: olcSchemaConfig cn: djuser
olcAttributeTypes: ( 1.12.23.34.45.56.780 NAME 'active' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) olcAttributeTypes: ( 1.12.23.34.45.56.782 NAME 'accountName' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) olcAttributeTypes: ( 1.12.23.34.45.56.784 NAME 'djGroups' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) olcAttributeTypes: ( 1.12.23.34.45.56.786 NAME 'departmentId' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) olcAttributeTypes: ( 1.12.23.34.45.56.788 NAME 'department' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) olcAttributeTypes: ( 1.12.23.34.45.56.790 NAME 'companyCode' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) olcAttributeTypes: ( 1.12.23.34.45.56.792 NAME 'parent' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
olcObjectClasses: ( 1.12.23.34.45.56.880 NAME 'idmExt' DESC 'idm user extended attributes' SUP top AUXILIARY MUST active MAY ( accountName $ djGroups $ departmentId $ department $ companyCode ) ) olcObjectClasses: ( 1.12.23.34.45.56.890 NAME 'idmDept' DESC 'idm department extended attributes' SUP top AUXILIARY MAY parent )
It can be imported by `ldapadd -Y EXTERNAL -H ldapi:/// -f 99-user.ldif` However, there is nothing in === [root@hq-repo cn=config]# more cn=schema/cn={10}djuser.ldif # AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. # CRC32 310b21fa dn: cn={10}djuser objectClass: olcSchemaConfig cn: {10}djuser structuralObjectClass: olcSchemaConfig entryUUID: 6b852150-4b97-103d-86fe-7b79b4eef873 creatorsName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth createTimestamp: 20230228093837Z entryCSN: 20230228093837.038174Z#000000#000#000000 modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth modifyTimestamp: 20230228093837Z
=== I'm using openldap 2.4. Anything wrong with my schema ?
Thanks.