Monday, June 12, 2017

[389-users] Re: Migration from OpenLDAP to 389 DS

On 06/09/2017 03:32 AM, Blaz Kalan wrote:
> Hi, thank you all. Now I am a little further.
>
> My current tmp ldif file is as follows:
>
> dn: cn=schema, cn=config
> objectclass: top
> objectclass: ldapSubentry
> objectclass: subschema
>
> dn: cn=itnetmanager, cn=schema, cn=config
> objectclass: top
> objectclass: ldapSubentry
> objectclass: subschema
>
> objectClasses: ( 1.3.6.1.4.1.1332.1000.30.1 NAME 'itPrepaidPinSub' DESC 'IskratelprepaidPinSub' MUST ( itPrepaidPin ) )
> attributeTypes: ( 1.3.6.1.4.1.1332.1000.10.1 NAME ('itPrepaidPin' 'ppin') DESC 'IskratelprepaidPIN' EQUALITY numericStringMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36 SINGLE-VALUE )
>
> When I try to import this file, I do not get any errors, and I can see schema and itnetmanager "folders" with ldap browser. But, I cannot see any entries (objectClasses or attributeTypes). What am I doing still wrong?
This is the expected behavior as "attributeTypes" and "objectClasses"
are operational attributes. The client needs to explicitly ask for
them. Here is an example with ldapsearch:

ldapsearch -D "cn=directory manager" -w password -b "cn=schema"
objectclass=top attributetypes objectclasses

But... I want to point something else out that will cause issues for
you next...

You are adding schema under "cn=config" - that is incorrect. It should
be added under "cn=schema", otherwise it will not be picked up by the
server. So just strip off cn=config from the DN's in your ldif. Then
you add it via ldapmodify, or just drop the ldif file (naming it to
99user.ldif first) into server's schema dir and restarting the server:
/etc/dirsrv/slapd-INSTANCE/schema


https://access.redhat.com/documentation/en-us/red_hat_directory_server/10/html/administration_guide/extending_the_directory_schema#extending-the-schema

Regards,
Mark

> Thank you!
> _______________________________________________
> 389-users mailing list -- 389-users@lists.fedoraproject.org
> To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
_______________________________________________
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)