Shamika Joshi <[email protected]> writes: > As you guys suggested, I attempted to load dynlist.la module, but it gives me > folllowing error: > > adm...@x6:~$ ldapmodify -x -D cn=admin,cn=config -W > Enter LDAP Password: > dn: cn={0}module,cn=config > changetype: modify > add: olcModuleLoad > olcModuleLoad: dynlist.lamodifying entry "cn={0}module,cn=config" > ldap_modify: No such object (32) > matched DN: cn=config > > If I remove '{0}module,' from the dn it gives this error: > > adm...@x6:~$ > adm...@x6:~$ > adm...@x6:~$ ldapmodify -x -D cn=admin,cn=config -W > Enter LDAP Password: > dn: cn=config > changetype: modify > add: olcModuleLoad > olcModuleLoad: dynlist.lamodifying entry "cn=config" > ldap_modify: Object class violation (65) > additional info: attribute 'olcModuleLoad' not allowed > > I'm new to LDAP & dont have much knowldge about LDAP schema. Could you tell > what must be causing this error? Pls check cn=config attached with this mail. > > Thanks > Shamika > > On Thu, Apr 1, 2010 at 8:02 PM, Dieter Kluenter <[email protected]> wrote: > > Shamika Joshi <[email protected]> writes: > > > Hi > > The desired implementation is to control user logins on different lab > machines based on > > the project groups. > > Scenario: Bob is part of project group 'mars' & John is part of 'venus' > then I have added > > lab machines x1-x3 to group 'mars' & y1-y3 to group venus. Now I want > John to only access > > machines allocated for project 'mars' i.e x1 to x3 & John to access > machines allocated > > for 'venus' i.e y1 to y3 > > > > I went through this link learned that it can be achieved using "overlay > dynlist". Please > > correct me if I've got it wrong. > > However my lab server is Ubuntu 9.10 (karmic koala) and it is using > slapd.d (not > > slapd.conf) > > So now if I want to attempt to use "overlay dynlist" how should I go > about it? Has anyone > > done this before? Any help will be appreciated. > > ldapmodify -D cn=config -W -H ldap://some.host > dn: cn={0}module,cn=config > changetype: modify > add: olcModuleLoad > olcModuleLoad: dynlist.la > > and ldapadd the following ldif, while olcDataBase and olcDlAttrSet may > vary on your system. > > dn: olcOverlay=dynlist,olcDataBase={1}hdb,cn=config > objectClass: olcOverlayConfig > objectClass: olcDynamicList > olcOverlay: dynlist > olcDlAttrSet: groupOfURLs memberURL [...] > adm...@x6:~$ ldapsearch -xLLL -b cn=config -D cn=admin,cn=config -W > Enter LDAP Password: > dn: cn=config > objectClass: olcGlobal > cn: config > olcArgsFile: /var/run/slapd/slapd.args > olcLogLevel: none > olcPidFile: /var/run/slapd/slapd.pid > olcToolThreads: 1 > > dn: cn=module{0},cn=config > objectClass: olcModuleList > cn: module{0} > olcModulePath: /usr/lib/ldap > olcModuleLoad: {0}back_hdb
[...] check your module path whether the dynlist overlay ist installed at all. -Dieter -- Dieter Klünter | Systemberatung sip: +49.40.20932173 http://www.dpunkt.de/buecher/2104.html GPG Key ID:8EF7B6C6
