Sorry, I didn't catch you. Can you explain more ? Thanks.
On Thu, Mar 2, 2023 at 6:17 PM Howard Chu <h...@symas.com> wrote:
> luckydog xf wrote:
> > Hi, list,
> >
> > I'm trying to migrate opendj to openLDAP. Here is a customized schema.
> > ===
> > dn: cn=schema
> > objectclass: top
> > objectclass: ldapSubentry
> > objectclass: subschema
> > cn: schema
> > attributeTypes: ( 1.12.23.34.45.56.780 NAME 'active' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.7 X-SCHEMA-FILE '99-user.ldif' )
> > attributeTypes: ( 1.12.23.34.45.56.782 NAME 'accountName' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 X-SCHEMA-FILE '99-user.ldif' )
> > attributeTypes: ( 1.12.23.34.45.56.784 NAME 'djGroups' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 X-SCHEMA-FILE '99-user.ldif' )
> > attributeTypes: ( 1.12.23.34.45.56.786 NAME 'departmentId' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 X-SCHEMA-FILE '99-user.ldif' )
> > attributeTypes: ( 1.12.23.34.45.56.788 NAME 'department' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 X-SCHEMA-FILE '99-user.ldif' )
> > attributeTypes: ( 1.12.23.34.45.56.790 NAME 'companyCode' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 X-SCHEMA-FILE '99-user.ldif' )
> > attributeTypes: ( 1.12.23.34.45.56.792 NAME 'parent' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 X-SCHEMA-FILE '99-user.ldif' )
> > ds-sync-generation-id: 8408
> > ds-sync-state: 01050186432c61a90000f9ca10880
> > ds-sync-state: 0105017a002b3170002f4a1b16311
> > modifiersName: cn=Administrator
> > modifyTimestamp: 20190711063414Z
> > objectClasses: ( 1.12.23.34.45.56.880 NAME 'idmExt' DESC 'idm user
> extended attributes' SUP top AUXILIARY MUST active MAY ( accountName $
> djGroups $
> > departmentId $ department $ companyCode ) X-SCHEMA-FILE
> > '99-user.ldif' )
> > objectClasses: ( 1.12.23.34.45.56.890 NAME 'idmDept' DESC 'idm
> department extended attributes' SUP top AUXILIARY MAY parent X-SCHEMA-FILE
> '99-user.ldif' )
> > ===
> >
> > I changed it to LDAP compliant one.
>
> LDIF files must not have blank lines within a single entry. You added an
> entry with "cn" and no other attributes.
> > ---
> > dn: cn=djuser,cn=schema,cn=config
> > objectClass: olcSchemaConfig
> > cn: djuser
> >
> > olcAttributeTypes: ( 1.12.23.34.45.56.780 NAME 'active' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.7 )
> > olcAttributeTypes: ( 1.12.23.34.45.56.782 NAME 'accountName' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 )
> > olcAttributeTypes: ( 1.12.23.34.45.56.784 NAME 'djGroups' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 )
> > olcAttributeTypes: ( 1.12.23.34.45.56.786 NAME 'departmentId' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 )
> > olcAttributeTypes: ( 1.12.23.34.45.56.788 NAME 'department' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 )
> > olcAttributeTypes: ( 1.12.23.34.45.56.790 NAME 'companyCode' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 )
> > olcAttributeTypes: ( 1.12.23.34.45.56.792 NAME 'parent' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 )
> >
> > olcObjectClasses: ( 1.12.23.34.45.56.880 NAME 'idmExt' DESC 'idm user
> extended attributes' SUP top AUXILIARY MUST active MAY ( accountName $
> djGroups $
> > departmentId $ department $ companyCode ) )
> > olcObjectClasses: ( 1.12.23.34.45.56.890 NAME 'idmDept' DESC 'idm
> department extended attributes' SUP top AUXILIARY MAY parent )
> >
> > -----
> > It can be imported by `ldapadd -Y EXTERNAL -H ldapi:/// -f 99-user.ldif`
> > However, there is nothing in
> > ===
> > [root@hq-repo cn=config]# more cn\=schema/cn\=\{10\}djuser.ldif
> > # AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
> > # CRC32 310b21fa
> > dn: cn={10}djuser
> > objectClass: olcSchemaConfig
> > cn: {10}djuser
> > structuralObjectClass: olcSchemaConfig
> > entryUUID: 6b852150-4b97-103d-86fe-7b79b4eef873
> > creatorsName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
> > createTimestamp: 20230228093837Z
> > entryCSN: 20230228093837.038174Z#000000#000#000000
> > modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
> > modifyTimestamp: 20230228093837Z
> >
> > ===
> > I'm using openldap 2.4.
> > Anything wrong with my schema ?
> >
> > Thanks.
>
>
> --
> -- Howard Chu
> CTO, Symas Corp. http://www.symas.com
> Director, Highland Sun http://highlandsun.com/hyc/
> Chief Architect, OpenLDAP http://www.openldap.org/project/
>
