On 10/24/2014 06:27 AM, Орхан Касумов wrote:
New task: I want to add an additional schema (radius schema) to
default user object classes.
I prepared the ldif-file for the schema:
https://cloud.mail.ru/public/40edc9a6c9bb%2Fradiusschema.ldif ,
then followed instructions in
https://www.redhat.com/archives/freeipa-users/2014-February/msg00050.html
At step #2 of the instructions, ldapmodify command was run;
as I'm using FreeIPA 4.1 in a multi-master replication scenario with 2
servers,
the command was run on both servers and produced this output on both:
modifying entry "cn=schema"
Then I switched to GUI and added "radiusprofile" objectclass. After
hitting the "Update" button I got the message:
"IPA Error 4001: NotFound
objectclass radiusprofile not found"
Restarting ipactl didn't help.
Command "ldapsearch -Y GSSAPI | grep schema" gives no output besides
informational SASL messages.
Are you trying to list the schema over LDAP? Where did you get the
above instructions? They are wrong. Use
ldapsearch -o ldif-wrap=no -Y GSSAPI -s base -b "cn=schema"
attributeTypes objectClasses
If you are using an older version of ldapsearch that doesn't support
ldif-wrap, see http://richmegginson.livejournal.com/18726.html
There is a "MUST cn" part in the objectclass definition in the
ldif-file, but even after removing it the situation doesn't change.
Please help me to understand where is the problem, and is it generally
possible to use radius.schema with FreeIPA?
The original schema was taken from:
http://open.rhx.it/phamm/schema/radius.schema
Thanks in advance!
--
Орхан Касумов
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
