Klaus Heinrich Kiwi wrote: > On Tue, 2008-09-16 at 22:01 +0200, Michael Ströder wrote: >>> [EMAIL PROTECTED] ~]# ldapmodify -H ldap://host -D cn=root -w passwd -x -ZZ >> -a -f /usr/share/doc/krb5-server-ldap-1.6.2/kerberos.ldif >>> ldapmodify: invalid format (line 5) entry: "cn=schema" >> You should provide the relevant excerpt of the LDIF file. > > It's the regular MIT-Kerberos Schema that comes with krb5-server-ldap: > http://anonsvn.mit.edu/cgi-bin/viewcvs.cgi/*checkout*/trunk/src/plugins/kdb/ldap/libkdb_ldap/kerberos.ldif?rev=19972
The file might not fully comply to RFC 2849 (LDIF). > Looks like the client doesn't count the commented lines in the above > error message, so I'm assuming the problematic lines to be: > > dn: cn=schema > changetype: modify > add: attributetypes > attributetypes: ( 2.16.840.1.113719.1.301.4.1.1 > NAME 'krbPrincipalName' > EQUALITY caseExactIA5Match > SUBSTR caseExactSubstringsMatch > SYNTAX 1.3.6.1.4.1.1466.115.121.1.26) > > > I must note that I can correctly import the above LDIF using IBM Server (ITDS > 6.1) 'ldapmodify'. Depends on how liberal the LDIF parser is. I'd clean up the file above: - remove the comments - clean-up line continuations - separate each record by a *single* empty line - watch out which line-endings are used Ciao, Michael.
