Bug#759362: [Pkg-openldap-devel] Bug#759362: slapd: Missing objectClass olcSyncProvConfig in cn=schema.ldif
Control: tags -1 + moreinfo unreproducible
Hi Ruud,
On Tue, Aug 26, 2014 at 11:01 AM, Ruud Baart r.j.ba...@prompt.nl wrote:
While configuring the syncprov overlay I discovered the the objectClass
olcSyncProvConfig was missing.
Can you please provide an example of a configuration that reproduces
this? Starting from a newly-installed slapd, the following LDIF:
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: syncprov
dn: olcOverlay=syncprov,olcDatabase={1}hdb,cn=config
changetype: add
objectClass: olcSyncProvConfig
olcSpNoPresent: TRUE
olcSpReloadHint: TRUE
works correctly for me. The olcSyncProvConfig object class and its
attributes appear in the schema as soon as the module is loaded.
This objectclass should be available in
/etc/ldap/slapd.d/cn=config/cn=schema.ldif. The solution was quite simple:
replace cn=schema.ldif with the information that can be found here:
http://www.zytrax.com/books/ldap/ape/cn=schema.txt.
Thanks for the suggestion, but this is the wrong solution. For one
thing the files under /etc/ldap/slapd.d are private data of slapd and
should never be modified by hand; and for another thing
olcSyncProvConfig is internal schema that should be supplied by slapd
itself, not by the user.
thanks,
Ryan
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#759362: [Pkg-openldap-devel] Bug#759362: slapd: Missing objectClass olcSyncProvConfig in cn=schema.ldif
I assume that I was wrong. According to your explanation I made the
mistake by copying the configuration from other LDAP servers and editing
files. If it is correct that it is an internal schema that comes
available with the appropriate ldapadd, I probably worked in a wrong manner:
(1) I copied the complete slap.d directory from a other server with
the same LDAP
(2) I edited cn=module{0}.ldif, added the line olcModuleLoad:
{1}syncprov (and others)
(3) restarted slapd
Then I wanted to configure syncprov with Softerra LDAP administrator.
There I could not found the objectClass olcSyncProvConfig. After some
googling I found it in the URL I mentioned. I replaced cn=schema.ldif
and after that I was able to configure syncprov with Softerra LDAP
administrator. This way of working is fast but probably not allowed.
So I can't give an example because I immediately made adjustments to the
freshly installed slapd package.
Ryan Tandy schreef op 26-8-2014 21:01:
Control: tags -1 + moreinfo unreproducible
Hi Ruud,
On Tue, Aug 26, 2014 at 11:01 AM, Ruud Baart r.j.ba...@prompt.nl wrote:
While configuring the syncprov overlay I discovered the the objectClass
olcSyncProvConfig was missing.
Can you please provide an example of a configuration that reproduces
this? Starting from a newly-installed slapd, the following LDIF:
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: syncprov
dn: olcOverlay=syncprov,olcDatabase={1}hdb,cn=config
changetype: add
objectClass: olcSyncProvConfig
olcSpNoPresent: TRUE
olcSpReloadHint: TRUE
works correctly for me. The olcSyncProvConfig object class and its
attributes appear in the schema as soon as the module is loaded.
This objectclass should be available in
/etc/ldap/slapd.d/cn=config/cn=schema.ldif. The solution was quite simple:
replace cn=schema.ldif with the information that can be found here:
http://www.zytrax.com/books/ldap/ape/cn=schema.txt.
Thanks for the suggestion, but this is the wrong solution. For one
thing the files under /etc/ldap/slapd.d are private data of slapd and
should never be modified by hand; and for another thing
olcSyncProvConfig is internal schema that should be supplied by slapd
itself, not by the user.
thanks,
Ryan
--
Met vriendelijke groeten/Regards,
Tiswe/R.J. Baart Automatisering B.V.
Ruud Baart
Tel: +31 6 51318104
Bug#759362: [Pkg-openldap-devel] Bug#759362: slapd: Missing objectClass olcSyncProvConfig in cn=schema.ldif
Hi Ruud,
On 26/08/14 12:28 PM, Ruud Baart wrote:
I assume that I was wrong. According to your explanation I made the
mistake by copying the configuration from other LDAP servers and editing
files. If it is correct that it is an internal schema that comes
available with the appropriate ldapadd, I probably worked in a wrong manner:
(1) I copied the complete slap.d directory from a other server with
the same LDAP
(2) I edited cn=module{0}.ldif, added the line olcModuleLoad:
{1}syncprov (and others)
(3) restarted slapd
This is not a supported way of editing the configuration. It can be
modified online with ldapmodify like my earlier example, or offline
using slapcat/slapadd (see http://serverfault.com/a/618178 for an
example of the latter).
Then I wanted to configure syncprov with Softerra LDAP administrator.
There I could not found the objectClass olcSyncProvConfig. After some
googling I found it in the URL I mentioned. I replaced cn=schema.ldif
and after that I was able to configure syncprov with Softerra LDAP
administrator. This way of working is fast but probably not allowed.
I can't explain this. It may be a bug or misconfiguration in your
Softerra tool. For me, even after editing cn=module{0}.ldif directly
like you did and starting slapd, the live schema as queried by
ldapsearch -H ldapi:// -QY EXTERNAL -LLL -s base -b cn=schema,cn=config
or
ldapsearch -x -LLL -s base -b cn=Subschema +
does contain the olcSyncProvConfig object class.
thanks,
Ryan
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
