"objectClass: olcBdbConfig" causes "ldap_add: Invalid syntax" error

Mon, 26 Jul 2010 19:00:14 -0700 

Hello. This is again the problem of adding a new database with cn=config
structure. Since I asked last question I now have much more knowledge to
ask again with more understandable description of the problem, thus new
post here.

In short the problem is "objectClass: olcBdbConfig" causes "ldap_add:
Invalid syntax" error.

Step 1:

    fresh new Ubuntu 10.04 installation with slapd package. (Production
    server is Debian, but home PC is Ubuntu, try at home first, there
    hardly can be difference on server packages like slapd between
    Ubutnu and Debian)


Step 2:

    Not being able to find default credential to access cn=config I
    added my own, adding these two lines to
    /etc/ldap/slapd.d/cn=config/olcDatabase={0}config.ldif

    olcRootDN: cn=Manager,cn=config
    olcRootPW: secret

    And test the new credential works. (how do I test? [1])


Step 3:

    Adding a new database definition from ldif file. Error:

    # ldapadd -x -D cn=Manager,cn=config -w secret < /tmp/ldif
    adding new entry "olcDatabase=bdb,cn=config"
    ldap_add: Invalid syntax (21)
        additional info: objectClass: value #1 invalid per syntax

    The file that caused the error is attached below, I could not see
    anything wrong in it and it is mostly copied from document[2] example.

    # BDB definition for example.com
    dn: olcDatabase=bdb,cn=config
    objectClass: olcDatabaseConfig
    objectClass: olcBdbConfig
    olcDatabase: bdb
    olcSuffix: dc=example,dc=com
    olcDbDirectory: /var/lib/ldap
    olcRootDN: cn=Manager,dc=example,dc=com
    olcRootPW: secret
    olcDbIndex: uid pres,eq
    olcDbIndex: cn,sn,uid pres,eq,approx,sub
    olcDbIndex: objectClass eq
    olcAccess: to attrs=userPassword
      by self write
      by anonymous auth
      by dn.base="cn=Admin,dc=example,dc=com" write
      by * none
    olcAccess: to *
      by self write
      by dn.base="cn=Admin,dc=example,dc=com" write
      by * read


[1] To verify the credential I added to cn=config is usable I did this:

# ldapsearch -x -D cn=Manager,cn=config -w secret -b cn=config | tail
 ,cn=auth manage by * break
olcRootDN: cn=Manager,cn=config
olcRootPW: secret

# search result
search: 2
result: 0 Success

# numResponses: 6
# numEntries: 5

[2] ending page of this document: 
http://www.openldap.org/doc/admin24/slapdconf2.html

Reply via email to