Hi, There is a specific requirement where the client needs the memberOf attribute to be returned by default. As per the current design the memberOf attribute is of type operational and thus needs to be explicitly asked for. Is there a easy way to update the schema and change the type of the attribute from Operational to userApplication so that the attribute will be returned by default ? I tried to update the schema using a ldif file but I am getting the following error:- error code 80 - olcAttributeTypes: Duplicate attributeType: 1.2.840.113556.1.2.102
Please assist with this request.
My Ldif is as follows:-
dn: cn=schema,cn=config changetype: modify delete: olcAttributeTypes olcAttributeTypes: ( 1.2.840.113556.1.2.102 NAME 'memberOf' DESC 'Group that the entry belongs to' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 USAGE dSAOperation X-ORIGIN 'iPlanet Delegated Administrator' ) - add: olcAttributeTypes olcAttributeTypes: ( 1.2.840.113556.1.2.102 NAME 'memberOf' DESC 'Group that the entry belongs to' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
shekhar.shrinivasan@gmail.com wrote:
Hi, There is a specific requirement where the client needs the memberOf attribute to be returned by default. As per the current design the memberOf attribute is of type operational and thus needs to be explicitly asked for. Is there a easy way to update the schema and change the type of the attribute from Operational to userApplication so that the attribute will be returned by default ? I tried to update the schema using a ldif file but I am getting the following error:- error code 80 - olcAttributeTypes: Duplicate attributeType: 1.2.840.113556.1.2.102
Please assist with this request.
My Ldif is as follows:-
dn: cn=schema,cn=config
As the Admin Guide states, schema elements in the cn=schema,cn=config entry are hardcoded. The only way to change them is by modifying the slapd source code.
Whatever client seems to have this requirement of yours is broken. Fix the application.
changetype: modify delete: olcAttributeTypes olcAttributeTypes: ( 1.2.840.113556.1.2.102 NAME 'memberOf' DESC 'Group that the entry belongs to' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 USAGE dSAOperation X-ORIGIN 'iPlanet Delegated Administrator' )
add: olcAttributeTypes olcAttributeTypes: ( 1.2.840.113556.1.2.102 NAME 'memberOf' DESC 'Group that the entry belongs to' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
Hi Howard,
Thank you so much for your prompt response. I really appreciate it.
Best Regards SS
On Wed, Aug 4, 2021 at 9:05 PM Howard Chu hyc@symas.com wrote:
shekhar.shrinivasan@gmail.com wrote:
Hi, There is a specific requirement where the client needs the memberOf
attribute to be returned by default. As per the current design the memberOf attribute is of type operational and thus needs to be explicitly asked for. Is there a easy way to update the schema and change the type of the attribute from Operational to userApplication so that the attribute will be returned by default ? I tried to update the schema using a ldif file but I am getting the following error:- error code 80 - olcAttributeTypes: Duplicate attributeType: 1.2.840.113556.1.2.102
Please assist with this request.
My Ldif is as follows:-
dn: cn=schema,cn=config
As the Admin Guide states, schema elements in the cn=schema,cn=config entry are hardcoded. The only way to change them is by modifying the slapd source code.
Whatever client seems to have this requirement of yours is broken. Fix the application.
changetype: modify delete: olcAttributeTypes olcAttributeTypes: ( 1.2.840.113556.1.2.102 NAME 'memberOf' DESC 'Group
that the entry belongs to' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 USAGE dSAOperation X-ORIGIN 'iPlanet Delegated Administrator' )
add: olcAttributeTypes olcAttributeTypes: ( 1.2.840.113556.1.2.102 NAME 'memberOf' DESC 'Group
that the entry belongs to' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
Howard Chu hyc@symas.com schrieb am 04.08.2021 um 17:35 in Nachricht
8e871ea0-09f6-b6ce-359f-3891d27a8262@symas.com:
shekhar.shrinivasan@gmail.com wrote:
Hi, There is a specific requirement where the client needs the memberOf
attribute to be returned by default. As per the current design the memberOf attribute is of type operational and thus needs to be explicitly asked for. Is there a easy way to update the schema and change the type of the attribute from Operational to userApplication so that the attribute will be returned by default ? I tried to update the schema using a ldif file but I am getting the following error:- error code 80 - olcAttributeTypes: Duplicate attributeType: 1.2.840.113556.1.2.102
Please assist with this request.
My Ldif is as follows:-
dn: cn=schema,cn=config
As the Admin Guide states, schema elements in the cn=schema,cn=config entry are hardcoded. The only way to change them is by modifying the slapd source code.
Whatever client seems to have this requirement of yours is broken. Fix the application.
changetype: modify delete: olcAttributeTypes olcAttributeTypes: ( 1.2.840.113556.1.2.102 NAME 'memberOf' DESC 'Group that
the entry belongs to' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 USAGE dSAOperation X-ORIGIN 'iPlanet Delegated Administrator' )
add: olcAttributeTypes olcAttributeTypes: ( 1.2.840.113556.1.2.102 NAME 'memberOf' DESC 'Group that
the entry belongs to' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
So "X-ORIGIN 'iPlanet Delegated Administrator'" is part of the built-in schema?
-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
--On Thursday, August 5, 2021 8:45 AM +0200 Ulrich Windl Ulrich.Windl@rz.uni-regensburg.de wrote:
So "X-ORIGIN 'iPlanet Delegated Administrator'" is part of the built-in schema?
Yes, it documents the ORIGIN of the attribute.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
Hi Howard,
A quick follow up question - can we just remove the 'USAGE dSAOperation' from the struct definition inside the memberof.c code and will that make it a userApplication attribute by default ? Also, is it required to rebuild everything after changing the memberof.c code or can we just compile/build and install the memberof module ? Please let us know the right approach. If we can go with just building memberof.c then any pointers related to that will help. Thank you !
Best Regards SS
Hi Howard,
Please ignore my earlier question. I was able to get the memberof.c changed, built and installed successfully. Thank you !
Best Regards Shekhar S
--On Thursday, August 5, 2021 7:55 AM +0000 shekhar.shrinivasan@gmail.com wrote:
Hi Howard,
Please ignore my earlier question. I was able to get the memberof.c changed, built and installed successfully. Thank you !
This is not the correct solution. The application is broken, you need to work with the application developer to fix their broken product.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
openldap-technical@openldap.org
-
Howard Chu -
Quanah Gibson-Mount -
Shekhar Shrinivasan -
shekhar.shrinivasan@gmail.com
-
Ulrich Windl