I did what you suggested and it still generated quite a bit of errors.
It seems it wants everything to begin with a dn.
# ./start-slapd
[17/Nov/2004:13:58:56 -0500] - slapi_str2entry: entry has no dn
[17/Nov/2004:13:58:56 -0500] dse - parsing dse entry [attributetypes]
[17/Nov/2004:13:58:56 -0500] dse - Please edit the file to correct the
reported problems and then restart the server.
I just focused on one attribute in 60radiator.ldif for now. The file
simply contains the following.
attributetypes: ( 1.3.6.1.4.1.9048.1.1.1 NAME 'oscRadiusTarget'
DESC 'Users with this realm will be proxied to the specified
oscRadiusHost'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{50} )
Thoughts?
Steve
Rich Megginson <[EMAIL PROTECTED]> wrote in message news:<[EMAIL PROTECTED]>...
> Looks really close. It's not LDIF format, but it's very close. Try this:
> 1) change 'attributetype' to 'attributetypes:' (notice the :)
> 2) change 'objectclass' to 'objectclasses:'
> 3) remove all lines that begin with # (shouldn't be necessary, but do it just
> to make sure)
> 4) either make all definitions on one line or make sure continuation lines
> begin with a single space character
>
> Then you should have a file in proper LDIF format. Rename your file to e.g.
> 60radiator.ldif, copy it into your server
> root/slapd-<instance>/config/schema, and restart slapd-<instance>. If you
> are going to be creating new instances of DS
> in the same server root, also copy the file to server
> root/bin/slapd/install/schema to make it available to new instances.
>
> awrightus wrote:
> > Sure.
> >
> > Steve
> >
> > ----
> >
> > # radiator-ldap.schema
> > #
> > # Sample OpenLDAP schema for Radiator (www.open.com.au/radiator) for
> > # use with AuthLDAPRADIUS
> > #
> > # To use this schema, add a line like this to your
> > /etc/openldap/slapd.conf:
> > # include /path/to/your/radiator-ldap.schema
> > #
> > # A sample LDIF file to insert a sample record for testing can be
> > found
> > # in goodies/radiator-ldap.ldif
> > #
> > # Author: Mike McCauley ([EMAIL PROTECTED])
> > # Copyright (C) 2004 Open System Consultants
> > # $Id: radiator-ldap.schema,v 1.2 2004/10/04 10:35:03 mikem Exp $
> >
> > # The following OID arcs are defined:
> > # 1.3.6.1.4.1.9048.1.1 OSC defined attribute types
> > # 1.3.6.1.4.1.9048.1.2 OSC defined attribute syntaxes
> > # 1.3.6.1.4.1.9048.1.3 OSC defined object classes
> >
> > ############################################################################
> > # oscRadiusRealm object defines which Radius servers to proxy users
> > # from a given realm.
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.1 NAME 'oscRadiusTarget'
> > DESC 'Users with this realm will be proxied to the specified
> > oscRadiusHost'
> > EQUALITY caseIgnoreMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{50} )
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.2 NAME 'oscRadiusHost'
> > DESC 'Name or IP address of a radius host to proxy to'
> > EQUALITY caseIgnoreMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{50} )
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.3 NAME 'oscRadiusSecret'
> > DESC 'Shared secret for Radius client or remote server'
> > EQUALITY caseExactMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{50} )
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.4 NAME 'oscRadiusAuthPort'
> > DESC 'Authentication port number or name'
> > EQUALITY caseIgnoreMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{20} SINGLE-VALUE)
> >
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.5 NAME 'oscRadiusAcctPort'
> > DESC 'Accounting port number or name'
> > EQUALITY caseIgnoreMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{20} SINGLE-VALUE)
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.6 NAME 'oscRadiusRetries'
> > DESC 'Max number of retransmissions'
> > EQUALITY integerMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.7 NAME 'oscRadiusRetryTimeout'
> > DESC 'Number of seconds to wait before retransmission'
> > EQUALITY integerMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.8 NAME
> > 'oscRadiusUseOldAscendPasswords'
> > DESC 'True if old Ascend compatible passwords are to be sent'
> > EQUALITY booleanMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE)
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.9 NAME
> > 'oscRadiusServerHasBrokenPortNumbers'
> > DESC 'True if remote server replies from different port the
> > request was sent to'
> > EQUALITY booleanMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE)
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.10 NAME
> > 'oscRadiusServerHasBrokenAddresses'
> > DESC 'True if remote server replies from different address the
> > request was sent to'
> > EQUALITY booleanMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE)
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.11 NAME
> > 'oscRadiusIgnoreReplySignature'
> > DESC 'True if the signature in replies from the remote server
> > are known to be incorrect'
> > EQUALITY booleanMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE)
> >
> > # Value of failure policy can be:
> > # 0 ACCEPT
> > # 1 REJECT
> > # 2 IGNORE
> > # 3 CHALLENGE
> > # 4 REJECT_IMMEDIATE
> > attributetype ( 1.3.6.1.4.1.9048.1.1.12 NAME 'oscRadiusFailurePolicy'
> > DESC 'How to respond to original request if no reply is ever
> > received from remote server'
> > EQUALITY integerMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)
> >
> > objectclass ( 1.3.6.1.4.1.9048.1.3.1 NAME 'oscRadiusRealm' SUP top
> > STRUCTURAL
> > DESC 'OSC Radius proxy realm'
> > MUST ( oscRadiusTarget $ oscRadiusHost $ oscRadiusSecret)
> > MAY ( cn $ oscRadiusAuthPort $ oscRadiusAcctPort $
> > oscRadiusRetries $ oscRadiusRetryTimeout $
> > oscRadiusUseOldAscendPasswords $ oscRadiusServerHasBrokenPortNumbers
> > $ oscRadiusServerHasBrokenAddresses $
> > oscRadiusIgnoreReplySignature $ oscRadiusFailurePolicy))
> >
> >
> > ############################################################################
> > # oscRadiusClient object defines which Radius clients we are willing
> > to accept
> > # requests from. Note that the attribute names are derived from the
> > standard Clinet clause paramter names,
> > # and are consistent with the default behaviour of the ClientListLDAP
> > clause
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.21 NAME 'oscRadiusClientName'
> > DESC 'Requests from Radius clients with this name or address
> > will be hounoured by Radiator'
> > EQUALITY caseIgnoreMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{50} )
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.22 NAME
> > 'oscRadiusIgnoreAcctSignature'
> > DESC 'True if the signature in accounting requests from this
> > client are known to be incorrect'
> > EQUALITY booleanMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE)
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.23 NAME 'oscRadiusDupInterval'
> > DESC 'Duplicate requests received withing this interval in
> > seconds are ignored'
> > EQUALITY integerMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.24 NAME 'oscRadiusNasType'
> > DESC 'Type of NAS'
> > EQUALITY caseIgnoreMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{50} SINGLE-VALUE)
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.25 NAME 'oscRadiusSNMPCommunity'
> > DESC 'The Community name for accessing SNMP on this client'
> > EQUALITY caseIgnoreMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{50} SINGLE-VALUE)
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.26 NAME 'oscRadiusLivingstonOffs'
> > DESC 'Offset for calculating missing ports'
> > EQUALITY integerMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.27 NAME 'oscRadiusLivingstonHole'
> > DESC 'Gap for calculating missing ports'
> > EQUALITY integerMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.28 NAME
> > 'oscRadiusFramedGroupBaseAddress'
> > DESC 'Base address for calculating IP addresses'
> > EQUALITY caseIgnoreMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{50} )
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.29 NAME
> > 'oscRadiusFramedGroupMaxPortsPerClassC'
> > DESC 'Max number of IP addresses to be allocated within a
> > class C address range'
> > EQUALITY integerMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.30 NAME
> > 'oscRadiusFramedGroupPortOffset'
> > DESC 'Offset for calulating IP addresses'
> > EQUALITY integerMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.31 NAME
> > 'oscRadiusRewriteUsername'
> > DESC 'Pattern for rewriting usernames'
> > EQUALITY caseIgnoreMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{100} )
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.32 NAME
> > 'oscRadiusStatusServerShowClientDetails'
> > DESC 'True if Status-Server requests from this client should
> > include Clinet details in the reply'
> > EQUALITY booleanMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE)
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.33 NAME 'oscRadiusPreHandlerHook'
> > DESC 'Perl code to be run before requests from this cleint are
> > passed to a handler'
> > EQUALITY caseIgnoreMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.34 NAME 'oscRadiusPacketTrace'
> > DESC 'True if requests received from this client are top be
> > packet-traced'
> > EQUALITY booleanMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE)
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.35 NAME
> > 'oscRadiusIdenticalClients'
> > DESC 'Names and addresses of other Clients with identical
> > configuration'
> > EQUALITY caseIgnoreMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{50} )
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.36 NAME
> > 'oscRadiusNoIgnoreDuplicates'
> > DESC 'Name of a request type for whioch duplicates will not be
> > ignored'
> > EQUALITY caseIgnoreMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{100} )
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.37 NAME 'oscRadiusDefaultReply'
> > DESC 'Names and values of reply attributes which will be added
> > only if the reply would otherwise have no reply attributes'
> > EQUALITY caseIgnoreMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{200} )
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.38 NAME 'oscRadiusFramedGroup'
> > DESC 'Base address for Framed-Group'
> > EQUALITY integerMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.39 NAME 'oscRadiusStripFromReply'
> > DESC 'Names of attributes which will be stripped from all
> > replies to this client'
> > EQUALITY caseIgnoreMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{200} )
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.40 NAME 'oscRadiusAllowInReply'
> > DESC 'Names of attributes which are allowed in replies to this
> > client'
> > EQUALITY caseIgnoreMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{200} )
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.41 NAME 'oscRadiusAddToReply'
> > DESC 'Names and values of reply attributes which will be added
> > to the reply'
> > EQUALITY caseIgnoreMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{200} )
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.42 NAME
> > 'oscRadiusAddToReplyIfNotExist'
> > DESC 'Names and values of reply attributes which will be added
> > to the reply only if they are not already present'
> > EQUALITY caseIgnoreMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{200} )
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.43 NAME 'oscRadiusDynamicReply'
> > DESC 'Names of attributes which are eligible for runtime
> > variable substitution'
> > EQUALITY caseIgnoreMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{200} )
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.44 NAME
> > 'oscRadiusStripfromRequest'
> > DESC 'Names of attributes which are to be stripped from the
> > request before being passed to a Handler'
> > EQUALITY caseIgnoreMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{200} )
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.45 NAME 'oscRadiusAddToRequest'
> > DESC 'Names and values of reply attributes which will be added
> > to the request before being passed to a Handler'
> > EQUALITY caseIgnoreMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{200} )
> >
> > attributetype ( 1.3.6.1.4.1.9048.1.1.46 NAME
> > 'oscRadiusAddToRequestIfNotExist'
> > DESC 'Names and values of reply attributes which will be added
> > to the request before being passed to a Handler if they are not
> > already present'
> > EQUALITY caseIgnoreMatch
> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{200} )
> >
> >
> > objectclass ( 1.3.6.1.4.1.9048.1.3.21 NAME 'oscRadiusClient' SUP top
> > STRUCTURAL
> > DESC 'OSC Radius Client'
> > MUST ( oscRadiusClientName $ oscRadiusSecret)
> > MAY ( cn $ oscRadiusIgnoreAcctSignature $
> > oscRadiusDupInterval $ oscRadiusNasType $
> > oscRadiusSNMPCommunity $ oscRadiusLivingstonOffs $
> > oscRadiusLivingstonHole $
> > oscRadiusFramedGroupBaseAddress $
> > oscRadiusFramedGroupMaxPortsPerClassC $
> > oscRadiusFramedGroupPortOffset $ oscRadiusRewriteUsername $
> > oscRadiusUseOldAscendPasswords $
> > oscRadiusStatusServerShowClientDetails $
> > oscRadiusPreHandlerHook $ oscRadiusPacketTrace $
> > oscRadiusIdenticalClients $ oscRadiusNoIgnoreDuplicates $
> > oscRadiusDefaultReply $
> > oscRadiusFramedGroup $ oscRadiusStripFromReply $
> > oscRadiusAllowInReply $ oscRadiusAddToReply $
> > oscRadiusAddToReplyIfNotExist $ oscRadiusDynamicReply $
> > oscRadiusStripfromRequest $
> > oscRadiusAddToRequest $ oscRadiusAddToRequestIfNotExist))
> >
> > ----
> >
> >
> > Rich Megginson <[EMAIL PROTECTED]> wrote in message news:<[EMAIL
> > PROTECTED]>...
> >
> >>Could you post the OpenLDAP .schema file?
> >>
> >>awrightus wrote:
> >>
> >>>I have a OpenLDAP .schema file that I want to import into my Netscape
> >>>Directory Server 6.1 schema. The format of the OpenLDAP .schema file
> >>>doesn't use the exact same syntax as what's required by 99user.ldif.
> >>>Is there an easy way to update Netscape's schema with the contents of
> >>>a OpenLDAP .schema file? Thanks.
> >>>
> >>>Steve
_______________________________________________
mozilla-directory mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-directory
