I am running openldap on Redhat 6 at 2.4.23. I am using cn=config.

I have a schema called uri that was added during the initial setup of this server a few years ago. In this schema I have an

dn: cn={12}uri,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: {12}uri
olcAttributeTypes: {0}( 1.3.6.1.4.1.14092.2.1.1 NAME 'uriid' EQUALITY caseIgno
 reMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: {1}( 1.3.6.1.4.1.14092.2.1.2 NAME 'dept' EQUALITY caseIgnor
 eMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{
 256} )
....
olcObjectClasses: {7}( 1.3.6.1.4.1.14092.2.2.8 NAME 'URIEducmanager' DESC 'URI
 Educmanager' STRUCTURAL MAY ( uid $ userPassword $ employeeNumber $ cn $ sn $
 givenname $ telephoneNumber $ dc ) )
olcObjectClasses: {8}( 1.3.6.1.4.1.14092.2.2.9 NAME 'URIEdusakaiperson' DESC '
 URIEdusakaiperson' STRUCTURAL MUST ( URIEduemplid $ URIEduecampusid $ URIEdus
 n $ URIEdustatus $ userPassword ) MAY ( mail $ URIEdugn ) )

I need to update the URIEducmanager objectclass to include the mail object so it will be:

olcObjectClasses: {7}( 1.3.6.1.4.1.14092.2.2.8 NAME 'URIEducmanager' DESC 'URI Educmanager' STRUCTURAL MAY ( uid $ userPassword $ employeeNumber $ cn $ sn $ givenname $ mail $ telephoneNumber $ dc ) )

I have tried many combinations, the last of which is

ldapmodify -D "cn=admin,cn=config" -x -W -f /root/ldapscripts/updatecmanager.ldif -v -H ldap://locumtenens.uri.edu

where updatecmanager.ldif contains:

dn: cn={12}uri,cn=schema,cn=config
changetype: modify
delete: objectclass
objectclass: ( 1.3.6.1.4.1.14092.2.2.8 NAME 'URIEducmanager' DESC 'URIEducmanager' STRUCTURAL MAY ( uid $ userPassword $ employeeNumber $ cn $ sn $givenname $ telephoneNumber $ dc ) )
-
add: objectclass
objectclass: ( 1.3.6.1.4.1.14092.2.2.8 NAME 'URIEducmanager' DESC 'URIEducmanager' SUP top AUXILIARY STRUCTURAL MAY ( uid $ userPassword $ employeeNumber $ cn $ sn $givenname $ mail $ telephoneNumber $ dc ) )

My run looks like

ldapmodify -D "cn=admin,cn=config" -x -W -f /root/ldapscripts/updatecmanager.ldif -v -H ldap://locumtenens.uri.edu
ldap_initialize( ldap://locumtenens.uri.edu:389/??base )
Enter LDAP Password:
delete objectclass:
	( 1.3.6.1.4.1.14092.2.2.8 NAME 'URIEducmanager'DESC 'URIEducmanager'STRUCTURAL MAY ( uid $ userPassword $ employeeNumber $cn $ sn $givenname $ telephoneNumber $ dc ) )
add objectclass:
	( 1.3.6.1.4.1.14092.2.2.8 NAME 'URIEducmanager'DESC 'URIEducmanager' SUP top AUXILIARYSTRUCTURAL MAY ( uid $ userPassword $ employeeNumber $cn $ sn $givenname $ mail $ telephoneNumber $ dc ) )
modifying entry "cn={12}uri,cn=schema,cn=config"
ldap_modify: Invalid syntax (21)
	additional info: objectclass: value #0 invalid per syntax

I have checked for extra blanks on the line, and I have tried it with replace instead of delete and add. I must be missing some important facts about how it should be done.

Any help greatly appreciated!

Kathy

On Thu, 07 Aug 2014 09:24:47 -0400, Katherine Faella kmf@uri.edu wrote:

> I am running openldap on Redhat 6 at 2.4.23. I am using cn=config.
>
> I have a schema called uri that was added during the initial setup of this server a few years ago. In this schema I have an
>
> dn: cn={12}uri,cn=schema,cn=config
> objectClass: olcSchemaConfig
> cn: {12}uri
> olcAttributeTypes: {0}( 1.3.6.1.4.1.14092.2.1.1 NAME 'uriid' EQUALITY caseIgno
>  reMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
> olcAttributeTypes: {1}( 1.3.6.1.4.1.14092.2.1.2 NAME 'dept' EQUALITY caseIgnor
>  eMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{
>  256} )
> ....
> olcObjectClasses: {7}( 1.3.6.1.4.1.14092.2.2.8 NAME 'URIEducmanager' DESC 'URI
>  Educmanager' STRUCTURAL MAY ( uid $ userPassword $ employeeNumber $ cn $ sn $
>  givenname $ telephoneNumber $ dc ) )
> olcObjectClasses: {8}( 1.3.6.1.4.1.14092.2.2.9 NAME 'URIEdusakaiperson' DESC '
>  URIEdusakaiperson' STRUCTURAL MUST ( URIEduemplid $ URIEduecampusid $ URIEdus
>  n $ URIEdustatus $ userPassword ) MAY ( mail $ URIEdugn ) )
>
> I need to update the URIEducmanager objectclass to include the mail object so it will be:
>
> olcObjectClasses: {7}( 1.3.6.1.4.1.14092.2.2.8 NAME 'URIEducmanager' DESC 'URI Educmanager' STRUCTURAL MAY ( uid $ userPassword $ employeeNumber $ cn $ sn $ givenname $ mail $ telephoneNumber $ dc ) )
>
> I have tried many combinations, the last of which is
>
> ldapmodify -D "cn=admin,cn=config" -x -W -f /root/ldapscripts/updatecmanager.ldif -v -H ldap://locumtenens.uri.edu
>
> where updatecmanager.ldif contains:
>
> dn: cn={12}uri,cn=schema,cn=config
> changetype: modify
> delete: objectclass
> objectclass: ( 1.3.6.1.4.1.14092.2.2.8 NAME 'URIEducmanager' DESC 'URIEducmanager' STRUCTURAL MAY ( uid $ userPassword $ employeeNumber $ cn $ sn $givenname $ telephoneNumber $ dc ) )
> -
> add: objectclass
> objectclass: ( 1.3.6.1.4.1.14092.2.2.8 NAME 'URIEducmanager' DESC 'URIEducmanager' SUP top AUXILIARY STRUCTURAL MAY ( uid $ userPassword $ employeeNumber $ cn $ sn $givenname $ mail $ telephoneNumber $ dc ) )

I don't think that this ancient version (released 2010/06/30) will support runtime modification of schemas. But you may try

ldapmodify -b cn={12}uri,cn=schema,cn=config
changetype: modify
replace: objectClasses
objectClasses: {0}(1.3.6.1.4.1.14092 .....

-Dieter

Dieter Klünter wrote:
> I don't think that this ancient version (released 2010/06/30) will support runtime modification of schemas. But you may try
>
> ldapmodify -b cn={12}uri,cn=schema,cn=config
> changetype: modify
> replace: objectClasses
> objectClasses: {0}(1.3.6.1.4.1.14092 .....

Use the correct attributeType - "olcObjectClasses" - pay attention to what you're doing, this should have been obvious.

Don't use replace, that will delete all the values. Use delete/add of the specific value.

ldapmodify -b cn={12}uri,cn=schema,cn=config
changetype: modify
delete: olcObjectClasses
olcObjectClasses: {7}
-
add: olcObjectClasses
olcObjectClasses: {7}(1.3.6.1.4.1.14092...
-

Howard Chu wrote:
> Use the correct attributeType - "olcObjectClasses" - pay attention to what you're doing, this should have been obvious.
>
> Don't use replace, that will delete all the values.

Yepp.

> Use delete/add of the specific value.

I'd recommend to use a decent LDAP client. ;-) In this case web2ldap would generate a minimal change because 'olcObjectClasses' has an EQUALITY matching rule and more than 3 attribute values. Old values are explicitly deleted and only new values are added then.
The LDIF of the modification will be displayed for e.g. generating LDIF modification scripts in a test staging environment.
Ciao, Michael.
On 08/07/2014 01:02 PM, Howard Chu wrote:
> Use the correct attributeType - "olcObjectClasses" - pay attention to what you're doing, this should have been obvious.
>
> Don't use replace, that will delete all the values. Use delete/add of the specific value.
>
> ldapmodify -b cn={12}uri,cn=schema,cn=config
> changetype: modify
> delete: olcObjectClasses
> olcObjectClasses: {7}
> -
> add: olcObjectClasses
> olcObjectClasses: {7}(1.3.6.1.4.1.14092...

Howard and all,
Thanks so much for your help!! I had not realized that I should delete/add the ObjectClass with the syntax you provided (ie the {7}). It was the key. I was able to successfully update the schema. I can't thank you enough!
Kathy
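
Added example, not part of the original thread and not OpenLDAP project code: a small Python helper that builds the delete/add change record by ordinal index that resolved this thread, so only the one olcObjectClasses value is touched and no replace is issued. The function names are hypothetical and the embedded entry is a constructed sample copied from the schema quoted above.

```python
import re

# Constructed sample: part of the schema entry quoted in the thread, LDIF-folded
# the way slapd writes it (a continuation line starts with a single space).
SCHEMA_LDIF = """\
dn: cn={12}uri,cn=schema,cn=config
olcObjectClasses: {7}( 1.3.6.1.4.1.14092.2.2.8 NAME 'URIEducmanager' DESC 'URI
 Educmanager' STRUCTURAL MAY ( uid $ userPassword $ employeeNumber $ cn $ sn $
 givenname $ telephoneNumber $ dc ) )
olcObjectClasses: {8}( 1.3.6.1.4.1.14092.2.2.9 NAME 'URIEdusakaiperson' DESC '
 URIEdusakaiperson' STRUCTURAL MUST ( URIEduemplid $ URIEduecampusid $ URIEdus
 n $ URIEdustatus $ userPassword ) MAY ( mail $ URIEdugn ) )
"""

def find_objectclass(ldif, name):
    """Return (dn, index, definition) of the olcObjectClasses value with this NAME."""
    dn = None
    for line in re.sub(r"\r?\n ", "", ldif).splitlines():  # unfold first
        if line.lower().startswith("dn: "):
            dn = line[4:]
        m = re.match(r"olcObjectClasses: \{(\d+)\}(.*)", line, re.I)
        if m and re.search(r"NAME\s+'%s'" % re.escape(name), m.group(2), re.I):
            return dn, int(m.group(1)), m.group(2)
    raise LookupError("object class %r not found" % name)

def add_may_attribute(definition, attr, before=None):
    """Insert attr into the MAY ( ... ) list, optionally ahead of `before`."""
    m = re.search(r"MAY\s*\(([^)]*)\)", definition)
    if not m:
        raise ValueError("definition has no MAY list")
    attrs = [a.strip() for a in m.group(1).split("$")]
    if attr.lower() in (a.lower() for a in attrs):
        return definition  # already allowed, nothing to change
    attrs.insert(attrs.index(before) if before in attrs else len(attrs), attr)
    return definition[:m.start()] + "MAY ( " + " $ ".join(attrs) + " )" + definition[m.end():]

def build_change(ldif, name, attr, before=None):
    """Build a change record that deletes one value by {index} and re-adds it."""
    dn, idx, old = find_objectclass(ldif, name)
    new = add_may_attribute(old, attr, before)
    if new == old:
        return None  # no modification needed
    return ("dn: %s\nchangetype: modify\n"
            "delete: olcObjectClasses\nolcObjectClasses: {%d}\n-\n"
            "add: olcObjectClasses\nolcObjectClasses: {%d}%s\n" % (dn, idx, idx, new))

if __name__ == "__main__":
    print(build_change(SCHEMA_LDIF, "URIEducmanager", "mail", before="telephoneNumber"))
```

The printed record can be reviewed and then passed to ldapmodify -f with the same bind options used earlier in the thread.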
--On Thursday, August 07, 2014 3:45 PM -0400 Katherine Faella kmf@uri.edu wrote:
> Thanks so much for your help!! I had not realized that I should delete/add the ObjectClass with the syntax you provided (ie the {7}). It was the key. I was able to successfully update the schema. I can't thank you enough!

Next step is to get a current openldap release. 2.4.23 is some 4+ years old, and the RHEL build of it has some interesting bugs they introduced. If you can't build OpenLDAP yourself, I suggest the builds from Symas or the LTB project.
--Quanah
--
Quanah Gibson-Mount
Server Architect
Zimbra, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration
openldap-technical@openldap.org