On Thu, Jan 11, 2018 at 04:49:46AM -0000, Matt . via FreeIPA-users wrote:
> HI guys.
> 
> I'm having an issue with my private PEN when I want to add an objectclass and 
> an attribute with the following ldif (99999 is a replacement for my private 
> PEN registered at Iana)
> 
> The following output is what I get:
> 
> modifying entry "cn=schema"
> ldap_modify: Invalid syntax (21)
>         additional info: attribute type myAttributeName: Unknown attribute 
> syntax OID "1.3.6.1.4.1.99999.1.1.2.2.1"
> 
> modifying entry "cn=schema"
> ldap_modify: Invalid syntax (21)
>         additional info: object class ( 1.1.2.1.1 NAME 'customPerson' SUP top 
> SYNTAX 1.3.6.1.4.1.99999.1.1.2.1.1 AUXILIARY MAY ( myAttributeName ) X-ORIGIN 
> 'Extending FreeIPA' ): Failed to parse objectclass, error(2) at ( 
> 1.3.6.1.4.1.99999.1.1.2.1.1 AUXILIARY MAY ( myAttributeName ) X-ORIGIN 
> 'Extending FreeIPA' ))
> 
> 
> And this is the (as far as I know) good ldif:
> 
> dn: cn=schema
> changetype: modify
> add: attributeTypes
> attributeTypes: ( 1.1.2.2.1
>  NAME 'myAttributeName'
>  EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
>  SYNTAX 1.3.6.1.4.1.99999.1.1.2.2.1
>  X-ORIGIN 'Extending FreeIPA' )
> 
> dn: cn=schema
> changetype: modify
> add: objectClasses
> objectClasses: ( 1.1.2.1.1
>  NAME 'customPerson' SUP top
>  SYNTAX 1.3.6.1.4.1.99999.1.1.2.1.1
>  AUXILIARY
>  MAY ( myAttributeName )
>  X-ORIGIN 'Extending FreeIPA' )
> 
> 
> This should work as far as I know and discussed on IRC and I also read it 
> here: https://www.redhat.com/archives/freeipa-users/2017-January/msg00222.html
> 
> I hope someone can explain what could be going wrong.

I guess it is because you use your OID as SYNTAX, have you tried to use
an OID from
http://www.alvestrand.no/objectid/1.3.6.1.4.1.1466.115.121.1.html as
SYNTAX? (Sorry, I do not know how you can add your own syntax.

Additionally I wonder if using only the suffix at the beginning of the
declaration, e.g. 'attributeTypes: ( 1.1.2.2.1' is a typo because I'd
expect 'attributeTypes: ( 1.3.6.1.4.1.99999.1.1.2.2.1' here if you want
to add an attribute in your own namespace.

HTH

bye,
Sumit

> 
> Thanks,
> 
> Matt
> _______________________________________________
> FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
> To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to