I've been following the instructions in ldap_howto.txt, and I created
the schema.ldif file exactly as outlined in the doc. But when I run the
ldapadd command it gives the following error:

[EMAIL PROTECTED] ldapadd -f schema.ldif -x -D
"cn=root,dc=mydomain,dc=com" -w secret
adding new entry "dc=mydomain,dc=com"

adding new entry "ou=radius,dc=mydomain,dc=com"

adding new entry "ou=profiles,ou=radius,dc=mydomain,dc=com"

adding new entry "ou=users,ou=radius,dc=mydomain,dc=com"

adding new entry "ou=admins,ou=radius,dc=mydomain,dc=com"

adding new entry "uid=dial,ou=profiles,ou=radius,dc=mydomain,dc=com"
ldap_add: Object class violation (65)
       additional info: no structural object class provided

I do have the include statement for "RADIUS-LDAPv3.schema" configured in
my slapd.conf, and I already verified that it is readable by the user
ldap (and that the path is correct). Here is the entry ldapadd is
erroring on:

dn: uid=dial,ou=profiles,ou=radius,dc=mydomain,dc=com
objectclass: radiusprofile
uid: dial
radiusServiceType: Framed-User
radiusFramedProtocol: PPP
radiusFramedIPNetmask: 255.255.255.0
radiusFramedRouting: None


I apologize, I wrote that document and it hasn't been updated in some time. The ldap_howto uses the uid attribute instead of the cn. This was changed a few years ago in the default ldap schema that came with freeradius, but I haven't updated that doc. Here are some choices for you.

1. Use cn instead of uid. If you haven't yet built your ldap schema, then this will be the easiest route. It will also be compatible with upgrades w/out having to mess with the ldap schema. Just change your ldap section in radiusd.conf to use cn instead of uid and then add your users to the directory using cn instead of uid.

2. Modify RADIUS-LDAPv3.schema to use the uid attribute. In the objectclass of radiusprofile change the MUST (cn) to MUST (uid). If you already have your directory built and you aren't using cn, but are using uid, then this will work for you.

However, remember if you ever upgrade and copy the new RADIUS-LDAPv3.schema to your openldap instance, you will need to modify the file again.
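A pre-flight check for option 1, as an added example that is not part of the original thread or of FreeRADIUS: it parses an LDIF file and lists the entries whose objectclass lacks an attribute it requires, so they can be fixed before running ldapadd. The REQUIRED map is an assumption taken from the reply's statement that radiusprofile has MUST (cn); the function names are hypothetical and the second sample entry is constructed.

```python
import base64

REQUIRED = {"radiusprofile": {"cn"}}  # assumption from the reply: MUST (cn)

def parse_ldif(text):
    """Parse LDIF into [(dn, {attr: [values]})]; handles folding, comments, base64."""
    text = text.replace("\r\n", "\n").replace("\n ", "")  # unfold continuation lines
    entries, dn, attrs = [], None, None
    for line in text.splitlines() + [""]:      # trailing blank flushes last entry
        if line.startswith("#"):
            continue
        if not line.strip():                   # blank line ends the current entry
            if dn is not None:
                entries.append((dn, attrs))
            dn, attrs = None, None
            continue
        name, _, value = line.partition(":")
        if value.startswith(":"):              # "attr:: <base64 value>"
            value = base64.b64decode(value[1:].strip()).decode("utf-8")
        name, value = name.strip().lower(), value.strip()
        if name == "dn":
            dn, attrs = value, {}
        elif attrs is not None:                # ignore lines before the first dn
            attrs.setdefault(name, []).append(value)
    return entries

def missing_required(entries, required=REQUIRED):
    """Return [(dn, objectclass, [missing attrs])] for entries lacking a MUST attribute."""
    problems = []
    for dn, attrs in entries:
        for oc in attrs.get("objectclass", []):
            missing = required.get(oc.lower(), set()) - set(attrs)
            if missing:
                problems.append((dn, oc.lower(), sorted(missing)))
    return problems

# First entry is from the question (trimmed); the second is a constructed cn variant.
SAMPLE = """\
dn: uid=dial,ou=profiles,ou=radius,dc=mydomain,dc=com
objectclass: radiusprofile
uid: dial

dn: cn=dial,ou=profiles,ou=radius,dc=mydomain,dc=com
objectClass: radiusprofile
cn: dial
"""

for dn, oc, missing in missing_required(parse_ldif(SAMPLE)):
    print(f"{dn}: {oc} is missing {', '.join(missing)}")
```

If option 2 is chosen instead, change the REQUIRED entry to uid so the check matches the modified schema.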
