Hi!
I'd like to slightly change the attribute definition of olcDbConfig by modifying olcAttributeTypes in cn=schema,cn=config with openldap-2.4.16.
I tried to apply the modification using two different ways, both failing with different errors:
1) Delete the old attribute value and adding the new one: --------------------------------------------------------- $ ldapmodify -xvW -h bach-s49 -D cn=Manager,cn=config -f cn-schema-olcAttributeTypes-add-del.ldif ldap_initialize( ldap://bach-s49 ) Enter LDAP Password: delete olcAttributeTypes: ( OLcfgDbAt:1.3 NAME 'olcDbConfig' DESC 'BerkeleyDB DB_CONFIG configuration directives' SYNTAX OMsIA5String X-ORDERED 'VALUES' ) add olcAttributeTypes: ( OLcfgDbAt:1.3 NAME 'olcDbConfig' DESC 'BerkeleyDB DB_CONFIG configuration directives' SYNTAX OMsIA5String EQUALITY CaseExactIA5Match X-ORDERED 'VALUES' ) modifying entry "cn=schema,cn=config" ldap_modify: Other (e.g., implementation specific) error (80) additional info: olcAttributeTypes: Duplicate attributeType: ""
Apache DirectoryStudio shows a little bit more info:
#!ERROR [LDAP: error code 80 - olcAttributeTypes: Duplicate attributeType: "?? 6.1.4.1.4203.1.12.2.3.2.1.3"] dn: cn=schema,cn=config changetype: modify add: olcAttributeTypes olcAttributeTypes: ( OLcfgDbAt:1.3 NAME 'olcDbConfig' DESC 'BerkeleyDB DB_CONF IG configuration directives' EQUALITY caseExactIA5Match SYNTAX OMsIA5String X -ORDERED 'VALUES' ) - delete: olcAttributeTypes olcAttributeTypes: ( OLcfgDbAt:1.3 NAME 'olcDbConfig' DESC 'BerkeleyDB DB_CONF IG configuration directives' SYNTAX OMsIA5String X-ORDERED 'VALUES' ) -
2) Replace all olcAttributeTypes-attributes: -------------------------------------------- $ ldapmodify -xvW -h bach-s49 -D cn=Manager,cn=config -f cn-schema-olcAttributeTypes-repl.ldif ldap_initialize( ldap://bach-s49 ) Enter LDAP Password: replace olcAttributeTypes: ( 2.5.4.0 NAME 'objectClass' DESC 'RFC4512: object classes of the entity' EQUALITY objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) ( 2.5.21.9 NAME 'structuralObjectClass' DESC 'RFC4512: structural object class of entry' EQUALITY objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation ) ( 2.5.18.1 NAME 'createTimestamp' DESC 'RFC4512: time which object was created' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation ) ( 2.5.18.2 NAME 'modifyTimestamp' DESC 'RFC4512: time which object was last modified' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation ) ( 2.5.18.3 NAME 'creatorsName' DESC 'RFC4512: name of creator' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation ) ( 2.5.18.4 NAME 'modifiersName' DESC 'RFC4512: name of last modifier' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation ) ( 2.5.18.9 NAME 'hasSubordinates' DESC 'X.501: entry has children' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation ) ( 2.5.18.10 NAME 'subschemaSubentry' DESC 'RFC4512: name of controlling subschema entry' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation ) ( 1.3.6.1.1.20 NAME 'entryDN' DESC 'DN of the entry' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation ) ( 1.3.6.1.1.16.4 NAME 'entryUUID' DESC 'UUID of the entry' EQUALITY UUIDMatch ORDERING UUIDOrderingMatch SYNTAX 1.3.6.1.1.16.1 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation ) ( 1.3.6.1.4.1.4203.666.1.7 NAME 'entryCSN' DESC 'change sequence number of the entry content' EQUALITY CSNMatch ORDERING CSNOrderingMatch SYNTAX 1.3.6.1.4.1.4203.666.11.2.1{64} SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation ) ( 1.3.6.1.4.1.4203.666.1.13 NAME 'namingCSN' DESC 'change sequence number of the entry naming (RDN)' EQUALITY CSNMatch ORDERING CSNOrderingMatch SYNTAX 1.3.6.1.4.1.4203.666.11.2.1{64} SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation ) ( 1.3.6.1.4.1.4203.666.1.23 NAME 'syncreplCookie' DESC 'syncrepl Cookie for shadow copy' EQUALITY octetStringMatch ORDERING octetStringOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.25 NAME 'contextCSN' DESC 'the largest committed CSN of a context' EQUALITY CSNMatch ORDERING CSNOrderingMatch SYNTAX 1.3.6.1.4.1.4203.666.11.2.1{64} NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.1466.101.120.6 NAME 'altServer' DESC 'RFC4512: alternative servers' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 USAGE dSAOperation ) ( 1.3.6.1.4.1.1466.101.120.5 NAME 'namingContexts' DESC 'RFC4512: naming contexts' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 USAGE dSAOperation ) ( 1.3.6.1.4.1.1466.101.120.13 NAME 'supportedControl' DESC 'RFC4512: supported controls' SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation ) ( 1.3.6.1.4.1.1466.101.120.7 NAME 'supportedExtension' DESC 'RFC4512: supported extended operations' SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation ) ( 1.3.6.1.4.1.1466.101.120.15 NAME 'supportedLDAPVersion' DESC 'RFC4512: supported LDAP versions' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 USAGE dSAOperation ) ( 1.3.6.1.4.1.1466.101.120.14 NAME 'supportedSASLMechanisms' DESC 'RFC4512: supported SASL mechanisms' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.1.3.5 NAME 'supportedFeatures' DESC 'RFC4512: features supported by the server' EQUALITY objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.10 NAME 'monitorContext' DESC 'monitor context' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.1.12.2.1 NAME 'configContext' DESC 'config context' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.1.4 NAME 'vendorName' DESC 'RFC3045: name of implementation vendor' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.1.5 NAME 'vendorVersion' DESC 'RFC3045: version of implementation' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation ) ( 2.5.18.5 NAME 'administrativeRole' DESC 'RFC3672: administrative role' EQUALITY objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE directoryOperation ) ( 2.5.18.6 NAME 'subtreeSpecification' DESC 'RFC3672: subtree specification' SYNTAX 1.3.6.1.4.1.1466.115.121.1.45 SINGLE-VALUE USAGE directoryOperation ) ( 2.5.21.1 NAME 'dITStructureRules' DESC 'RFC4512: DIT structure rules' EQUALITY integerFirstComponentMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.17 USAGE directoryOperation ) ( 2.5.21.2 NAME 'dITContentRules' DESC 'RFC4512: DIT content rules' EQUALITY objectIdentifierFirstComponentMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.16 USAGE directoryOperation ) ( 2.5.21.4 NAME 'matchingRules' DESC 'RFC4512: matching rules' EQUALITY objectIdentifierFirstComponentMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.30 USAGE directoryOperation ) ( 2.5.21.5 NAME 'attributeTypes' DESC 'RFC4512: attribute types' EQUALITY objectIdentifierFirstComponentMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.3 USAGE directoryOperation ) ( 2.5.21.6 NAME 'objectClasses' DESC 'RFC4512: object classes' EQUALITY objectIdentifierFirstComponentMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.37 USAGE directoryOperation ) ( 2.5.21.7 NAME 'nameForms' DESC 'RFC4512: name forms ' EQUALITY objectIdentifierFirstComponentMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.35 USAGE directoryOperation ) ( 2.5.21.8 NAME 'matchingRuleUse' DESC 'RFC4512: matching rule uses' EQUALITY objectIdentifierFirstComponentMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.31 USAGE directoryOperation ) ( 1.3.6.1.4.1.1466.101.120.16 NAME 'ldapSyntaxes' DESC 'RFC4512: LDAP syntaxes' EQUALITY objectIdentifierFirstComponentMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.54 USAGE directoryOperation ) ( 2.5.4.1 NAME ( 'aliasedObjectName' 'aliasedEntryName' ) DESC 'RFC4512: name of aliased object' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) ( 2.16.840.1.113730.3.1.34 NAME 'ref' DESC 'RFC3296: subordinate referral URL' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE distributedOperation ) ( 1.3.6.1.4.1.4203.1.3.1 NAME 'entry' DESC 'OpenLDAP ACL entry pseudo-attribute' SYNTAX 1.3.6.1.4.1.4203.1.1.1 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.1.3.2 NAME 'children' DESC 'OpenLDAP ACL children pseudo-attribute' SYNTAX 1.3.6.1.4.1.4203.1.1.1 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.8 NAME ( 'authzTo' 'saslAuthzTo' ) DESC 'proxy authorization targets' EQUALITY authzMatch SYNTAX 1.3.6.1.4.1.4203.666.2.7 USAGE distributedOperation X-ORDERED 'VALUES' ) ( 1.3.6.1.4.1.4203.666.1.9 NAME ( 'authzFrom' 'saslAuthzFrom' ) DESC 'proxy authorization sources' EQUALITY authzMatch SYNTAX 1.3.6.1.4.1.4203.666.2.7 USAGE distributedOperation X-ORDERED 'VALUES' ) ( 1.3.6.1.4.1.1466.101.119.3 NAME 'entryTtl' DESC 'RFC2589: entry time-to-live' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.1466.101.119.4 NAME 'dynamicSubtrees' DESC 'RFC2589: dynamic subtrees' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 NO-USER-MODIFICATION USAGE dSAOperation ) ( 2.5.4.49 NAME 'distinguishedName' DESC 'RFC4519: common supertype of DN attributes' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ( 2.5.4.41 NAME 'name' DESC 'RFC4519: common supertype of name attributes' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) ( 2.5.4.3 NAME ( 'cn' 'commonName' ) DESC 'RFC4519: common name(s) for which the entity is known by' SUP name ) ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' ) DESC 'RFC4519: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) ( 1.3.6.1.1.1.1.0 NAME 'uidNumber' DESC 'RFC2307: An integer uniquely identifying a user in an administrative domain' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) ( 1.3.6.1.1.1.1.1 NAME 'gidNumber' DESC 'RFC2307: An integer uniquely identifying a group in an administrative domain' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) ( 2.5.4.35 NAME 'userPassword' DESC 'RFC4519/2307: password of user' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} ) ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI' DESC 'RFC2079: Uniform Resource Identifier with optional label' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ( 2.5.4.13 NAME 'description' DESC 'RFC4519: descriptive information' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} ) ( 2.5.4.34 NAME 'seeAlso' DESC 'RFC4519: DN of related object' SUP distinguishedName ) ( OLcfgGlAt:78 NAME 'olcConfigFile' DESC 'File for slapd configuration directives' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:79 NAME 'olcConfigDir' DESC 'Directory for slapd configuration backend' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:1 NAME 'olcAccess' DESC 'Access Control List' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString X-ORDERED 'VALUES' ) ( OLcfgGlAt:86 NAME 'olcAddContentAcl' DESC 'Check ACLs against content of Add ops' SYNTAX OMsBoolean SINGLE-VALUE ) ( OLcfgGlAt:2 NAME 'olcAllows' DESC 'Allowed set of deprecated features' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString ) ( OLcfgGlAt:3 NAME 'olcArgsFile' DESC 'File for slapd command line options' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:5 NAME 'olcAttributeOptions' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString ) ( OLcfgGlAt:4 NAME 'olcAttributeTypes' DESC 'OpenLDAP attributeTypes' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString X-ORDERED 'VALUES' ) ( OLcfgGlAt:6 NAME 'olcAuthIDRewrite' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString X-ORDERED 'VALUES' ) ( OLcfgGlAt:7 NAME 'olcAuthzPolicy' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:8 NAME 'olcAuthzRegexp' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString X-ORDERED 'VALUES' ) ( OLcfgGlAt:9 NAME 'olcBackend' DESC 'A type of backend' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString SINGLE-VALUE X-ORDERED 'SIBLINGS' ) ( OLcfgGlAt:10 NAME 'olcConcurrency' SYNTAX OMsInteger SINGLE-VALUE ) ( OLcfgGlAt:11 NAME 'olcConnMaxPending' SYNTAX OMsInteger SINGLE-VALUE ) ( OLcfgGlAt:12 NAME 'olcConnMaxPendingAuth' SYNTAX OMsInteger SINGLE-VALUE ) ( OLcfgGlAt:13 NAME 'olcDatabase' DESC 'The backend type for a database instance' SUP olcBackend SINGLE-VALUE X-ORDERED 'SIBLINGS' ) ( OLcfgGlAt:14 NAME 'olcDefaultSearchBase' SYNTAX OMsDN SINGLE-VALUE ) ( OLcfgGlAt:15 NAME 'olcDisallows' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString ) ( OLcfgGlAt:16 NAME 'olcDitContentRules' DESC 'OpenLDAP DIT content rules' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString X-ORDERED 'VALUES' ) ( OLcfgGlAt:17 NAME 'olcGentleHUP' SYNTAX OMsBoolean SINGLE-VALUE ) ( OLcfgDbAt:0.17 NAME 'olcHidden' SYNTAX OMsBoolean SINGLE-VALUE ) ( OLcfgGlAt:18 NAME 'olcIdleTimeout' SYNTAX OMsInteger SINGLE-VALUE ) ( OLcfgGlAt:19 NAME 'olcInclude' SUP labeledURI ) ( OLcfgGlAt:20 NAME 'olcIndexSubstrIfMinLen' SYNTAX OMsInteger SINGLE-VALUE ) ( OLcfgGlAt:21 NAME 'olcIndexSubstrIfMaxLen' SYNTAX OMsInteger SINGLE-VALUE ) ( OLcfgGlAt:22 NAME 'olcIndexSubstrAnyLen' SYNTAX OMsInteger SINGLE-VALUE ) ( OLcfgGlAt:23 NAME 'olcIndexSubstrAnyStep' SYNTAX OMsInteger SINGLE-VALUE ) ( OLcfgGlAt:84 NAME 'olcIndexIntLen' SYNTAX OMsInteger SINGLE-VALUE ) ( OLcfgDbAt:0.4 NAME 'olcLastMod' SYNTAX OMsBoolean SINGLE-VALUE ) ( OLcfgGlAt:85 NAME 'olcLdapSyntaxes' DESC 'OpenLDAP ldapSyntax' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString X-ORDERED 'VALUES' ) ( OLcfgDbAt:0.5 NAME 'olcLimits' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString X-ORDERED 'VALUES' ) ( OLcfgGlAt:26 NAME 'olcLocalSSF' SYNTAX OMsInteger SINGLE-VALUE ) ( OLcfgGlAt:27 NAME 'olcLogFile' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:28 NAME 'olcLogLevel' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString ) ( OLcfgDbAt:0.6 NAME 'olcMaxDerefDepth' SYNTAX OMsInteger SINGLE-VALUE ) ( OLcfgDbAt:0.16 NAME 'olcMirrorMode' SYNTAX OMsBoolean SINGLE-VALUE ) ( OLcfgGlAt:30 NAME 'olcModuleLoad' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString X-ORDERED 'VALUES' ) ( OLcfgGlAt:31 NAME 'olcModulePath' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgDbAt:0.18 NAME 'olcMonitoring' SYNTAX OMsBoolean SINGLE-VALUE ) ( OLcfgGlAt:32 NAME 'olcObjectClasses' DESC 'OpenLDAP object classes' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString X-ORDERED 'VALUES' ) ( OLcfgGlAt:33 NAME 'olcObjectIdentifier' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString X-ORDERED 'VALUES' ) ( OLcfgGlAt:34 NAME 'olcOverlay' SUP olcDatabase SINGLE-VALUE X-ORDERED 'SIBLINGS' ) ( OLcfgGlAt:35 NAME 'olcPasswordCryptSaltFormat' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:36 NAME 'olcPasswordHash' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString ) ( OLcfgGlAt:37 NAME 'olcPidFile' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:38 NAME 'olcPlugin' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString ) ( OLcfgGlAt:39 NAME 'olcPluginLogFile' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:40 NAME 'olcReadOnly' SYNTAX OMsBoolean SINGLE-VALUE ) ( OLcfgGlAt:41 NAME 'olcReferral' SUP labeledURI SINGLE-VALUE ) ( OLcfgDbAt:0.7 NAME 'olcReplica' SUP labeledURI EQUALITY caseIgnoreMatch X-ORDERED 'VALUES' ) ( OLcfgGlAt:43 NAME 'olcReplicaArgsFile' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:44 NAME 'olcReplicaPidFile' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:45 NAME 'olcReplicationInterval' SYNTAX OMsInteger SINGLE-VALUE ) ( OLcfgGlAt:46 NAME 'olcReplogFile' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:47 NAME 'olcRequires' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString ) ( OLcfgGlAt:48 NAME 'olcRestrict' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString ) ( OLcfgGlAt:49 NAME 'olcReverseLookup' SYNTAX OMsBoolean SINGLE-VALUE ) ( OLcfgDbAt:0.8 NAME 'olcRootDN' EQUALITY distinguishedNameMatch SYNTAX OMsDN SINGLE-VALUE ) ( OLcfgGlAt:51 NAME 'olcRootDSE' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString ) ( OLcfgDbAt:0.9 NAME 'olcRootPW' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:53 NAME 'olcSaslHost' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:54 NAME 'olcSaslRealm' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:56 NAME 'olcSaslSecProps' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:58 NAME 'olcSchemaDN' EQUALITY distinguishedNameMatch SYNTAX OMsDN SINGLE-VALUE ) ( OLcfgGlAt:59 NAME 'olcSecurity' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString ) ( OLcfgGlAt:81 NAME 'olcServerID' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString ) ( OLcfgGlAt:60 NAME 'olcSizeLimit' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:61 NAME 'olcSockbufMaxIncoming' SYNTAX OMsInteger SINGLE-VALUE ) ( OLcfgGlAt:62 NAME 'olcSockbufMaxIncomingAuth' SYNTAX OMsInteger SINGLE-VALUE ) ( OLcfgGlAt:83 NAME 'olcSortVals' DESC 'Attributes whose values will always be sorted' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString ) ( OLcfgDbAt:0.15 NAME 'olcSubordinate' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgDbAt:0.10 NAME 'olcSuffix' EQUALITY distinguishedNameMatch SYNTAX OMsDN ) ( OLcfgDbAt:0.11 NAME 'olcSyncrepl' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString X-ORDERED 'VALUES' ) ( OLcfgGlAt:66 NAME 'olcThreads' SYNTAX OMsInteger SINGLE-VALUE ) ( OLcfgGlAt:67 NAME 'olcTimeLimit' SYNTAX OMsDirectoryString ) ( OLcfgGlAt:68 NAME 'olcTLSCACertificateFile' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:69 NAME 'olcTLSCACertificatePath' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:70 NAME 'olcTLSCertificateFile' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:71 NAME 'olcTLSCertificateKeyFile' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:72 NAME 'olcTLSCipherSuite' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:73 NAME 'olcTLSCRLCheck' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:82 NAME 'olcTLSCRLFile' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:74 NAME 'olcTLSRandFile' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:75 NAME 'olcTLSVerifyClient' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:77 NAME 'olcTLSDHParamFile' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:87 NAME 'olcTLSProtocolMin' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgGlAt:80 NAME 'olcToolThreads' SYNTAX OMsInteger SINGLE-VALUE ) ( OLcfgDbAt:0.12 NAME 'olcUpdateDN' SYNTAX OMsDN SINGLE-VALUE ) ( OLcfgDbAt:0.13 NAME 'olcUpdateRef' SUP labeledURI EQUALITY caseIgnoreMatch ) ( OLcfgDbAt:0.1 NAME 'olcDbDirectory' DESC 'Directory for database content' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString SINGLE-VALUE ) ( 1.3.6.1.4.1.4203.666.1.55.1 NAME 'monitoredInfo' DESC 'monitored info' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.2 NAME 'managedInfo' DESC 'monitor managed info' SUP name ) ( 1.3.6.1.4.1.4203.666.1.55.3 NAME 'monitorCounter' DESC 'monitor counter' EQUALITY integerMatch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.4 NAME 'monitorOpCompleted' DESC 'monitor completed operations' SUP monitorCounter NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.5 NAME 'monitorOpInitiated' DESC 'monitor initiated operations' SUP monitorCounter NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.6 NAME 'monitorConnectionNumber' DESC 'monitor connection number' SUP monitorCounter NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.7 NAME 'monitorConnectionAuthzDN' DESC 'monitor connection authorization DN' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.8 NAME 'monitorConnectionLocalAddress' DESC 'monitor connection local address' SUP monitoredInfo NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.9 NAME 'monitorConnectionPeerAddress' DESC 'monitor connection peer address' SUP monitoredInfo NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.10 NAME 'monitorTimestamp' DESC 'monitor timestamp' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.11 NAME 'monitorOverlay' DESC 'name of overlays defined for a given database' SUP monitoredInfo NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.12 NAME 'readOnly' DESC 'read/write status of a given database' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.13 NAME 'restrictedOperation' DESC 'name of restricted operation for a given database' SUP managedInfo ) ( 1.3.6.1.4.1.4203.666.1.55.14 NAME 'monitorConnectionProtocol' DESC 'monitor connection protocol' SUP monitoredInfo NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.15 NAME 'monitorConnectionOpsReceived' DESC 'monitor number of operations received by the connection' SUP monitorCounter NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.16 NAME 'monitorConnectionOpsExecuting' DESC 'monitor number of operations in execution within the connection' SUP monitorCounter NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.17 NAME 'monitorConnectionOpsPending' DESC 'monitor number of pending operations within the connection' SUP monitorCounter NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.18 NAME 'monitorConnectionOpsCompleted' DESC 'monitor number of operations completed within the connection' SUP monitorCounter NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.19 NAME 'monitorConnectionGet' DESC 'number of times connection_get() was called so far' SUP monitorCounter NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.20 NAME 'monitorConnectionRead' DESC 'number of times connection_read() was called so far' SUP monitorCounter NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.21 NAME 'monitorConnectionWrite' DESC 'number of times connection_write() was called so far' SUP monitorCounter NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.22 NAME 'monitorConnectionMask' DESC 'monitor connection mask' SUP monitoredInfo NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.23 NAME 'monitorConnectionListener' DESC 'monitor connection listener' SUP monitoredInfo NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.24 NAME 'monitorConnectionPeerDomain' DESC 'monitor connection peer domain' SUP monitoredInfo NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.25 NAME 'monitorConnectionStartTime' DESC 'monitor connection start time' SUP monitorTimestamp SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.26 NAME 'monitorConnectionActivityTime' DESC 'monitor connection activity time' SUP monitorTimestamp SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.27 NAME 'monitorIsShadow' DESC 'TRUE if the database is shadow' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.28 NAME 'monitorUpdateRef' DESC 'update referral for shadow databases' SUP monitoredInfo SINGLE-VALUE USAGE dSAOperation ) ( 1.3.6.1.4.1.4203.666.1.55.29 NAME 'monitorRuntimeConfig' DESC 'TRUE if component allows runtime configuration' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE dSAOperation ) ( OLcfgDbAt:1.11 NAME 'olcDbCacheFree' DESC 'Number of extra entries to free when max is reached' SYNTAX OMsInteger SINGLE-VALUE ) ( OLcfgDbAt:1.1 NAME 'olcDbCacheSize' DESC 'Entry cache size in entries' SYNTAX OMsInteger SINGLE-VALUE ) ( OLcfgDbAt:1.2 NAME 'olcDbCheckpoint' DESC 'Database checkpoint interval in kbytes and minutes' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgDbAt:1.16 NAME 'olcDbChecksum' DESC 'Enable database checksum validation' SYNTAX OMsBoolean SINGLE-VALUE ) ( OLcfgDbAt:1.13 NAME 'olcDbCryptFile' DESC 'Pathname of file containing the DB encryption key' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgDbAt:1.14 NAME 'olcDbCryptKey' DESC 'DB encryption key' SYNTAX OMsOctetString SINGLE-VALUE ) ( OLcfgDbAt:1.3 NAME 'olcDbConfig' DESC 'BerkeleyDB DB_CONFIG configuration directives' SYNTAX OMsIA5String X-ORDERED 'VALUES' ) ( OLcfgDbAt:1.4 NAME 'olcDbNoSync' DESC 'Disable synchronous database writes' SYNTAX OMsBoolean SINGLE-VALUE ) ( OLcfgDbAt:1.15 NAME 'olcDbPageSize' DESC 'Page size of specified DB, in Kbytes' EQUALITY caseExactMatch SYNTAX OMsDirectoryString ) ( OLcfgDbAt:1.5 NAME 'olcDbDirtyRead' DESC 'Allow reads of uncommitted data' SYNTAX OMsBoolean SINGLE-VALUE ) ( OLcfgDbAt:1.12 NAME 'olcDbDNcacheSize' DESC 'DN cache size' SYNTAX OMsInteger SINGLE-VALUE ) ( OLcfgDbAt:1.6 NAME 'olcDbIDLcacheSize' DESC 'IDL cache size in IDLs' SYNTAX OMsInteger SINGLE-VALUE ) ( OLcfgDbAt:0.2 NAME 'olcDbIndex' DESC 'Attribute index parameters' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString ) ( OLcfgDbAt:1.7 NAME 'olcDbLinearIndex' DESC 'Index attributes one at a time' SYNTAX OMsBoolean SINGLE-VALUE ) ( OLcfgDbAt:1.8 NAME 'olcDbLockDetect' DESC 'Deadlock detection algorithm' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgDbAt:0.3 NAME 'olcDbMode' DESC 'Unix permissions of database files' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgDbAt:1.9 NAME 'olcDbSearchStack' DESC 'Depth of search stack in IDLs' SYNTAX OMsInteger SINGLE-VALUE ) ( OLcfgDbAt:1.10 NAME 'olcDbShmKey' DESC 'Key for shared memory region' SYNTAX OMsInteger SINGLE-VALUE ) ( OLcfgOvAt:3.1 NAME 'olcChainingBehavior' DESC 'Chaining behavior control parameters (draft-sermersheim-ldap-chaining)' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgOvAt:3.2 NAME 'olcChainCacheURI' DESC 'Enables caching of URIs not present in configuration' SYNTAX OMsBoolean SINGLE-VALUE ) ( OLcfgOvAt:3.3 NAME 'olcChainMaxReferralDepth' DESC 'max referral depth' EQUALITY integerMatch SYNTAX OMsInteger SINGLE-VALUE ) ( OLcfgOvAt:3.4 NAME 'olcChainReturnError' DESC 'Errors are returned instead of the original referral' SYNTAX OMsBoolean SINGLE-VALUE ) ( OLcfgDbAt:0.14 NAME 'olcDbURI' DESC 'URI (list) for remote DSA' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgDbAt:3.1 NAME 'olcDbStartTLS' DESC 'StartTLS' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgDbAt:3.2 NAME 'olcDbACLAuthcDn' DESC 'Remote ACL administrative identity' OBSOLETE SYNTAX OMsDN SINGLE-VALUE ) ( OLcfgDbAt:3.3 NAME 'olcDbACLPasswd' DESC 'Remote ACL administrative identity credentials' OBSOLETE SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgDbAt:3.4 NAME 'olcDbACLBind' DESC 'Remote ACL administrative identity auth bind configuration' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgDbAt:3.5 NAME 'olcDbIDAssertAuthcDn' DESC 'Remote Identity Assertion administrative identity' OBSOLETE SYNTAX OMsDN SINGLE-VALUE ) ( OLcfgDbAt:3.6 NAME 'olcDbIDAssertPasswd' DESC 'Remote Identity Assertion administrative identity credentials' OBSOLETE SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgDbAt:3.7 NAME 'olcDbIDAssertBind' DESC 'Remote Identity Assertion administrative identity auth bind configuration' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgDbAt:3.8 NAME 'olcDbIDAssertMode' DESC 'Remote Identity Assertion mode' OBSOLETE SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgDbAt:3.9 NAME 'olcDbIDAssertAuthzFrom' DESC 'Remote Identity Assertion authz rules' SYNTAX OMsDirectoryString X-ORDERED 'VALUES' ) ( OLcfgDbAt:3.10 NAME 'olcDbRebindAsUser' DESC 'Rebind as user' SYNTAX OMsBoolean SINGLE-VALUE ) ( OLcfgDbAt:3.11 NAME 'olcDbChaseReferrals' DESC 'Chase referrals' SYNTAX OMsBoolean SINGLE-VALUE ) ( OLcfgDbAt:3.12 NAME 'olcDbTFSupport' DESC 'Absolute filters support' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgDbAt:3.13 NAME 'olcDbProxyWhoAmI' DESC 'Proxy whoAmI exop' SYNTAX OMsBoolean SINGLE-VALUE ) ( OLcfgDbAt:3.14 NAME 'olcDbTimeout' DESC 'Per-operation timeouts' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgDbAt:3.15 NAME 'olcDbIdleTimeout' DESC 'connection idle timeout' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgDbAt:3.16 NAME 'olcDbConnTtl' DESC 'connection ttl' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgDbAt:3.17 NAME 'olcDbNetworkTimeout' DESC 'connection network timeout' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgDbAt:3.18 NAME 'olcDbProtocolVersion' DESC 'protocol version' SYNTAX OMsInteger SINGLE-VALUE ) ( OLcfgDbAt:3.19 NAME 'olcDbSingleConn' DESC 'cache a single connection per identity' SYNTAX OMsBoolean SINGLE-VALUE ) ( OLcfgDbAt:3.20 NAME 'olcDbCancel' DESC 'abandon/ignore/exop operations when appropriate' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgDbAt:3.21 NAME 'olcDbQuarantine' DESC 'Quarantine database if connection fails and retry according to rule' SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgDbAt:3.22 NAME 'olcDbUseTemporaryConn' DESC 'Use temporary connections if the cached one is busy' SYNTAX OMsBoolean SINGLE-VALUE ) ( OLcfgDbAt:3.23 NAME 'olcDbConnectionPoolMax' DESC 'Max size of privileged connections pool' SYNTAX OMsInteger SINGLE-VALUE ) ( OLcfgDbAt:3.25 NAME 'olcDbNoRefs' DESC 'Do not return search reference responses' SYNTAX OMsBoolean SINGLE-VALUE ) ( OLcfgDbAt:3.26 NAME 'olcDbNoUndefFilter' DESC 'Do not propagate undefined search filters' SYNTAX OMsBoolean SINGLE-VALUE ) ( OLcfgDbAt:5.1 NAME 'olcRelay' DESC 'Relay DN' SYNTAX OMsDN SINGLE-VALUE ) ( OLcfgDbAt:7.1 NAME 'olcDbSocketPath' DESC 'Pathname for Unix domain socket' EQUALITY caseExactMatch SYNTAX OMsDirectoryString SINGLE-VALUE ) ( OLcfgDbAt:7.2 NAME 'olcDbSocketExtensions' DESC 'binddn, peername, or ssf' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString ) ( olmBDBAttributes:1 NAME 'olmBDBEntryCache' DESC 'Number of items in Entry Cache' SUP monitorCounter NO-USER-MODIFICATION USAGE dSAOperation ) ( olmBDBAttributes:2 NAME 'olmBDBDNCache' DESC 'Number of items in DN Cache' SUP monitorCounter NO-USER-MODIFICATION USAGE dSAOperation ) ( olmBDBAttributes:3 NAME 'olmBDBIDLCache' DESC 'Number of items in IDL Cache' SUP monitorCounter NO-USER-MODIFICATION USAGE dSAOperation ) ( olmBDBAttributes:4 NAME 'olmDbDirectory' DESC 'Path name of the directory where the database environment resides' SUP monitoredInfo NO-USER-MODIFICATION USAGE dSAOperation ) modifying entry "cn=schema,cn=config" ldap_modify: Other (e.g., implementation specific) error (80)
The corresponding ldif-files and the original cn=schema,cn=config entry can be found at http://leo.kloburg.at/tmp/openldap-olcattributetypes/
Any hints?
Thanks, --leo
Alexander 'Leo' Bergolth wrote:
Hi!
I'd like to slightly change the attribute definition of olcDbConfig by modifying olcAttributeTypes in cn=schema,cn=config with openldap-2.4.16.
Any hints?
http://www.openldap.org/doc/admin24/slapdconf2.html#cn=schema
The definitions in cn=schema are hard-coded, you can't modify them.
On 08/21/2009 01:53 PM, Howard Chu wrote:
Alexander 'Leo' Bergolth wrote:
I'd like to slightly change the attribute definition of olcDbConfig by modifying olcAttributeTypes in cn=schema,cn=config with openldap-2.4.16.
Any hints?
http://www.openldap.org/doc/admin24/slapdconf2.html#cn=schema
The definitions in cn=schema are hard-coded, you can't modify them.
Oops! Looks like I have overlooked that detail... :-) Thanks!
--leo
openldap-technical@openldap.org