I added the following to my schema directory:
dn: cn=schema
attributeTypes: ( 1.3.6.1.4.1.15953.9.1.1 NAME 'sudoUser' DESC 'User(s) who
may run sudo' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'SUDO' )
[...etc...]
and referenced it in slapd.conf as:
include /etc/openldap/schema/sudoers.schema
This looks like you're mixing a classic config file and a back-config
configuration. My guess is you need to include sudoers.schema using
back-config.
On reviewing the list of available objectClasses with the GQ application, I
can't find the objectClass sudoRole, although I _can_ find the five
attributes, in the attribute list.
Eh, or maybe there's something worse going on...
I also can't figure out how to dump the schemas with ldapsearch or any other
command, so I can check to see for myself what's in there.
All gq is doing is searching under "cn=Subschema" base. You can do that
with ldapsearch.
Your real debugging maneuver, assuming you're in a position to do this, is
to restart slapd with "-d config" debug option.
