On Wed, Mar 6, 2013 at 5:52 PM, Maria McKinley <[email protected]>wrote:
> Hi there,
>
> I recently changed from the slapd.conf configuration to the slapd.d
> configuration. Everything seemed to go reasonably well, but for some reason
> the shadowLastChange attribute was missing from all of the people. When I
> try to add it back in, I get:
>
> ldap_add: Object class violation (65) additional info: no objectClass
> attribute
>
> but, I seem to have the schema and objectClasses for ShadowLastChange:
>
> annette:~# ldapsearch -LLLQY EXTERNAL -H ldapi:/// -b cn=schema,cn=config
> "(objectClass=olcSchemaConfig)" dn
> dn: cn=schema,cn=config
>
> dn: cn={0}core,cn=schema,cn=config
>
> dn: cn={1}cosine,cn=schema,cn=config
>
> dn: cn={2}nis,cn=schema,cn=config
>
> dn: cn={3}inetorgperson,cn=schema,cn=config
>
> dn: cn={4}misc,cn=schema,cn=config
>
> maria@mimi:~/sysadmin$ ldapsearch -xLLL "uid=jd"
> dn: uid=jd,ou=people,dc=example,dc=com
> objectClass: top
> objectClass: posixAccount
> objectClass: shadowAccount
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> objectClass: inetLocalMailRecipient
> cn: Jochen Ditterich
> shadowMax: 365
> gidNumber: 100
> uid: jd
> homeDirectory: /home/jd
> mailRoutingAddress: [email protected]
> uidNumber: 1025
> sn: Ditterich
> shadowWarning: 7
> mailLocalAddress: jd
> mail: [email protected]
> loginShell: /bin/bash
>
> Anyone have any idea what might be going on? What am I missing?
>
> thanks,
> maria
>
So, I got past that error message (had an error in my change file), but now
things are even stranger. When I got it right, I got the following message:
add shadowLastChange:
15771
modifying entry "uid=jd,ou=people,dc=example,dc=com"
ldap_modify: Constraint violation (19)
additional info: attribute 'shadowLastChange' cannot have multiple
values
That's strange. So, maybe it thinks it already has that attribute. let's
see what happens if we try to modify it instead of add it:
replace shadowLastChange:
15771
modifying entry "uid=jd,ou=people,dc=example,dc=com"
modify complete
Huh, well that seemed to have worked. Let's see what the value is now.
annette:~# ldapsearch -x "uid=jd" shadowLastChange
# extended LDIF
#
# LDAPv3
# base <dc=example,dc=com> (default) with scope subtree
# filter: uid=jd
# requesting: shadowLastChange
#
# jd, people, example.com
dn: uid=jd,ou=people,dc=example,dc=com
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
Um, so where is it? Help!
thanks,
maria
