Here's the two relevant lines from the slapd log.
Every attribute type/attribute value pair that is used in the RDN (thus the naming attribute, in this case "[EMAIL PROTECTED]") also has to be in the entry itself. Thus the entry has to have an email attribute with the value [EMAIL PROTECTED].
conn=0 op=5 ADD dn="[EMAIL PROTECTED],cn=ca,ou=intern,o=Trident,c=US"
conn=0 op=5 RESULT tag=105 err=64 text=naming attribute 'email' is not present in entry
Hope this helps.
Cheers,
Peter
Gene Hovey wrote:
I've set up 0.9.1-7 with most of the defaults, including the use of the old-style DNs.
Starting with an "empty" OpenLDAP database, and with debug on in the LDAP-related functions (Thanks Michael!), I've gotten OpenCA to establish the root entry (o=Trident,c=US in my case) as well as the next entry (OU=intern,o=Trident,c=US). It now comes to creating an entry for the CA-Certificate in LDAP, and I get the following two lines from the slapd log. Note that my LDAP schema includes the pkiCA, pkiUser, and even the rfc822MailUser object classes; otherwise I would not have gotten past the root entry creation. Anyway, the issue according to the slapd log is that none of the object classes that OpenCA is using include an "email" attribute, which OpenLDAP is requiring because it is part of the DN.
My question: if OpenCA defaults to putting email in DN, then what LDAP object class did OpenCA expect to have an email attribute?
Here's the two relevant lines from the slapd log.
conn=0 op=5 ADD dn="[EMAIL PROTECTED],cn=ca,ou=intern,o=Trident,c=US"
conn=0 op=5 RESULT tag=105 err=64 text=naming attribute 'email' is not present in entry
Here's the debug info shown in the browser. Note that I added a loop that lists the objectclasses to complement the debug loop of the attributes. :)
Try to add [EMAIL PROTECTED],CN=ca,OU=intern,o=Trident, c=US ...
attribute: emailAddress
value: [EMAIL PROTECTED]
LDAP Schema DN: [EMAIL PROTECTED],CN=ca,OU=intern,o=Trident, c=US
node doesn't exist
Attributes for the insertion:
ou = intern
cn = ca
mail = [EMAIL PROTECTED]
objectclass = ARRAY(0x8d1c4e8)
Objectclasses for the insertion:
top
organizationalRole
rfc822MailUser
pkiCA
pkiUser
Must setup a CA-cert
The resultcode of the nodeinsertion was 64.
Cannot write CA-Certificate 510b56b8e9fdba7a91cda4f6e6c56d5f to LDAP
Thank you. Gene Hovey
_______________________________________________
Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
--
_______________________________________________________________________
Peter Gietz (CEO)
DAASI International GmbH    phone: +49 7071 2970336
Wilhelmstr. 106             Fax:   +49 7071 295114
D-72074 Tübingen            email: [EMAIL PROTECTED]
Germany                     Web:   www.daasi.de
Directory Applications for Advanced Security and Information Management
_______________________________________________________________________
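The rule stated in the reply above, written as a pre-flight check to run before the LDAP add (an added example, not code from OpenCA or from this thread). The alias groups, the function names and the sample address are assumptions, and values are compared case-insensitively, which simplifies the schema's real matching rules.

```python
import re

# Assumed name groups: each set lists the names of ONE attribute type.
# 'email'/'emailAddress' and 'mail' are different types, which is the
# mismatch visible in the thread's debug output (RDN uses email, entry has mail).
ALIASES = [{"email", "emailaddress", "pkcs9email"}, {"mail", "rfc822mailbox"}]

def canonical(name):
    """Map an attribute name to one lower-case name for its attribute type."""
    name = name.lower()
    for group in ALIASES:
        if name in group:
            return sorted(group)[0]
    return name

def split_unescaped(text, sep):
    """Split on sep, keeping backslash-escaped separators inside a component."""
    return re.findall(r"(?:\\.|[^\\%s])+" % re.escape(sep), text)

def rdn_pairs(dn):
    """Return (type, value) pairs of the leftmost RDN, including '+' multi-valued RDNs."""
    pairs = []
    for ava in split_unescaped(split_unescaped(dn, ",")[0], "+"):
        attr, _, value = ava.partition("=")
        # Undo single-character escapes such as '\,' (hex escapes are not handled).
        pairs.append((attr.strip(), re.sub(r"\\(.)", r"\1", value.strip())))
    return pairs

def missing_naming_attributes(dn, entry):
    """List RDN pairs absent from entry (dict: attribute name -> list of values).

    A non-empty result is the condition slapd reports as err=64.
    """
    have = {}
    for attr, values in entry.items():
        have.setdefault(canonical(attr), set()).update(v.lower() for v in values)
    return [(a, v) for a, v in rdn_pairs(dn)
            if v.lower() not in have.get(canonical(a), set())]

# Constructed sample mirroring the thread: the address is a placeholder.
SAMPLE_DN = "email=ca@example.test,cn=ca,ou=intern,o=Trident,c=US"
SAMPLE_ENTRY = {
    "ou": ["intern"], "cn": ["ca"], "mail": ["ca@example.test"],
    "objectclass": ["top", "organizationalRole", "rfc822MailUser", "pkiCA", "pkiUser"],
}

if __name__ == "__main__":
    for attr, value in missing_naming_attributes(SAMPLE_DN, SAMPLE_ENTRY):
        print("naming attribute %r (value %r) is not present in entry" % (attr, value))
```
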
