At 01:41 AM 11/2/2005, Riccardo Alessandrini wrote: >I've imported in the slapd.conf file the following schemas: >core.schema >cosine.schema >inetorgperson.schema > >I can insert in the LDAP only one digital certificate for a user. >I can't insert more than one certificate in one entry, and when I try the >error >is the following: >"no equality matching rule" > >Any ideas, please?
If the attribute has no equality matching rule, such as userCertificate as defined in RFC 2256, then one cannot individually add/delete values from the attribute. One can create the attribute with multiple values, replace all values with a new set of multiple values, or delete the attribute. As modern versions of slapd(8), e.g. 2.3.11, implement userCertificate as defined in draft-zeilenga-ldap-x509-xx.txt, which specifies an equality matching rule for this attribute type, I suspect you are running an older version of slapd(8). If so, you should consider updating. Kurt
