I solved the problem.
I tried to add my radiusschema.ldif using LDAP admin, and it gave an error: "Line 64: "dn" expected, but "add" found". So instructions here: https://www.redhat.com/archives/freeipa-users/2014-February/msg00050.html are incomplete. When creating an ldif-file from the schema-file, it's necessary to repeat this part:


dn: cn=schema
changetype: modify

before this part:

add: objectclasses

After that everything proceeds normally, and it's possible to add "radiusprofile" objectclass to default user objectclasses.

28-Oct-14 15:43, Orkhan Gasimov пишет:
OK, thanks for info.
First I used that command with " | grep radius" at the end prior to adding my radiusschema.ldif.
It returned no data.
Then I added my radiusschema.ldif using the command:

# ldapmodify -ZZ -x -D "cn=Directory Manager" -W -H ldap://localhost -f /usr/share/radiusschema.ldif

Then I issued the command you suggested again with " | grep radius|less" at the end. This time it retrned a lot of entries (apparently those that were in the radiusschema.ldif file).

But when I tried to switch to GUI and add "radiusprofile" objectclass, I got the same message:

"IPA Error 4001: NotFound

objectclass radiusprofile not found"

I know that radius schema taken from http://open.rhx.it/phamm/schema/radius.schema works,
it was checked by me with OpenLDAP 2.4 and FreeRadius 2.2.

What am I doing wrong? Removing "MUST cn" from the schema gives no difference.



25-Oct-14 00:38, Rich Megginson пишет:
Are you trying to list the schema over LDAP? Where did you get the above instructions? They are wrong. Use

ldapsearch -o ldif-wrap=no -Y GSSAPI -s base -b "cn=schema" attributeTypes objectClasses


--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Reply via email to