LDAP schema problems

2006-04-24 Thread Erik Norgaard
Hi:

I am writing here because OpenLDAP doesn't seem to have a list for user
questions.

I am building an address book, suffix dc=domain, dc=tld. I have two
problems:

a) To get attributes such as mail I use the inetOrgPerson object
class. Further, since my contacts are personal contacts and not business
I wanted to use the residentialPerson object class to get postal address
attributes.

It seems that the only difference from the organizationalPerson object
class is that l is a required parameter, but I get this error:

ldap_add: Internal (implementation specific) error (80)
additional info: no structuralObjectClass operational attribute

for this entry:

dn: cn=First Lastname, ou=people, dc=domain, dc=tld
objectClass: top
objectClass: residentialPerson
objectClass: inetOrgPerson
cn: First Lastname
sn: Lastname
l: somewhere

While if I change residentialPerson to organizationalPerson, I get no
error. I have found that I can add the residentialPerson if I remove
inetOrgPerson objectClass.

What causes the conflict?

b) In their infinite wisdom, those who defined the person and derivative
object classes did not add country to the list of possible attributes.
Adding this object class to the otherwise working entry:

dn: cn=First Lastname, ou=people, dc=domain, dc=tld
objectClass: top
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: country
cn: First Lastname
sn: Lastname
l: somewhere
c: XX

I again get the error:

ldap_add: Internal (implementation specific) error (80)
additional info: no structuralObjectClass operational attribute

I'd prefer not to go through the pain of defining my own schema from
scratch, obtain OID etc just for adding such a basic attribute, what is
the recommended patch?

Thanks! Erik
-- 
Ph: +34.666334818  web: www.locolomo.org
S/MIME Certificate: www.daemonsecurity.com/ca/8D03551FFCE04F0C.crt
Subject ID:  69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9
Fingerprint: 7F:80:96:EA:95:92:E2:23:1F:FA:0F:98:92:C2:CC:55:6B:9A:8C:92
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]


Re: LDAP schema problems

2006-04-24 Thread Joerg Pulz


On Mon, 24 Apr 2006, Erik Norgaard wrote:


> Hi:
>
> I am writing here because OpenLDAP doesn't seem to have a list for user
> questions.
>
> I am building an address book, suffix dc=domain, dc=tld. I have two
> problems:
>
> a) To get attributes such as mail I use the inetOrgPerson object
> class. Further, since my contacts are personal contacts and not business
> I wanted to use the residentialPerson object class to get postal address
> attributes.
>
> It seems that the only difference from the organizationalPerson object
> class is that l is a required parameter, but I get this error:
>
> ldap_add: Internal (implementation specific) error (80)
>    additional info: no structuralObjectClass operational attribute
>
> for this entry:
>
> dn: cn=First Lastname, ou=people, dc=domain, dc=tld
> objectClass: top
> objectClass: residentialPerson
> objectClass: inetOrgPerson
> cn: First Lastname
> sn: Lastname
> l: somewhere
>
> While if I change residentialPerson to organizationalPerson, I get no
> error. I have found that I can add the residentialPerson if I remove
> inetOrgPerson objectClass.
>
> What causes the conflict?
>
> b) In their infinite wisdom, those who defined the person and derivative
> object classes did not add country to the list of possible attributes.
> Adding this object class to the otherwise working entry:
>
> dn: cn=First Lastname, ou=people, dc=domain, dc=tld
> objectClass: top
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> objectClass: country
> cn: First Lastname
> sn: Lastname
> l: somewhere
> c: XX
>
> I again get the error:
>
> ldap_add: Internal (implementation specific) error (80)
>    additional info: no structuralObjectClass operational attribute
>
> I'd prefer not to go through the pain of defining my own schema from
> scratch, obtain OID etc just for adding such a basic attribute, what is
> the recommended patch?


Erik,

please try this:

dn: cn=First Lastname, ou=people, dc=domain, dc=tld
objectClass: top
objectClass: person
objectClass: inetOrgPerson
cn: First Lastname
givenName: First
sn: Lastname
postalAddress: some_address
postalCode: 12345
street: some_street
st: some_state
telephoneNumber: 01232234
mobile: 0042750
facsimileTelephoneNumber: 12470512
pager: 38979
homePhone: 07520326
homePostalAddress: some_address
mail: [EMAIL PROTECTED]

Do you need more?

regards
Joerg

-- 
The beginning is the most important part of the work.

-Plato


Re: LDAP schema problems

2006-04-24 Thread Erik Nørgaard
Joerg Pulz wrote:
> On Mon, 24 Apr 2006, Erik Norgaard wrote:
>
>> b) In their infinite wisdom, those who defined the person and derivative
>> object classes did not add country to the list of possible attributes.
>> Adding this object class to the otherwise working entry:
>>
>> dn: cn=First Lastname, ou=people, dc=domain, dc=tld
>> objectClass: top
>> objectClass: organizationalPerson
>> objectClass: inetOrgPerson
>> objectClass: country
>> cn: First Lastname
>> sn: Lastname
>> l: somewhere
>> c: XX
>>
>> I again get the error:
>>
>> ldap_add: Internal (implementation specific) error (80)
>>    additional info: no structuralObjectClass operational attribute
>>
>> I'd prefer not to go through the pain of defining my own schema from
>> scratch, obtain OID etc just for adding such a basic attribute, what is
>> the recommended patch?
>
> Erik,
>
> please try this:
>
> dn: cn=First Lastname, ou=people, dc=domain, dc=tld
> objectClass: top
> objectClass: person
> objectClass: inetOrgPerson
> cn: First Lastname
> givenName: First
> sn: Lastname
> postalAddress: some_address
> postalCode: 12345
> street: some_street
> st: some_state
> telephoneNumber: 01232234
> mobile: 0042750
> facsimileTelephoneNumber: 12470512
> pager: 38979
> homePhone: 07520326
> homePostalAddress: some_address
> mail: [EMAIL PROTECTED]
>
> Do you need more?

I was following this example from O'Reilly:

  http://www.onlamp.com/pub/a/onlamp/2003/03/27/ldap_ab.html

I checked again inetOrgPerson inherits from organizationalPerson which
inherits from person, so you can leave out the person object class. Now
I also understand the conflict mentioned in my first question. Of course
one can't mix both organizationalPerson and residentialPerson.

But question b) remains: I would still like to add country. As I understand
it, state, st, applies in countries like the US and Germany and should not be
used for country. friendlyCountry doesn't work because it inherits from country.

It seems that to solve this I would have to define a schema with an
auxCountry object class which is auxiliary rather than structural and
just contains the attribute country. That would require applying for an
OID branch etc...

But maybe there is another schema I am unaware of? Is there a schema
repository? What do multinational organizations do?

Thanks, Erik
-- 
Ph: +34.666334818  web: www.locolomo.org
S/MIME Certificate: www.daemonsecurity.com/ca/8D03551FFCE04F0C.crt
Subject ID:  69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9
Fingerprint: 7F:80:96:EA:95:92:E2:23:1F:FA:0F:98:92:C2:CC:55:6B:9A:8C:92
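
The structural-chain rule behind both failures in this thread, as an added example that is not part of the original messages: a small Python check over the superclass relationships of the object classes named above (as defined in RFC 4519, RFC 2798 and RFC 4524). auxCountry is the hypothetical auxiliary class proposed in the last message, not a standard class.

```python
# Superclass and kind of each class named in the thread (RFC 4519,
# RFC 2798, RFC 4524). "auxCountry" is the auxiliary class proposed in
# the thread; it is hypothetical and does not exist in any standard schema.
SCHEMA = {
    "top": (None, "ABSTRACT"),
    "person": ("top", "STRUCTURAL"),
    "organizationalPerson": ("person", "STRUCTURAL"),
    "residentialPerson": ("person", "STRUCTURAL"),
    "inetOrgPerson": ("organizationalPerson", "STRUCTURAL"),
    "country": ("top", "STRUCTURAL"),
    "friendlyCountry": ("country", "STRUCTURAL"),
    "auxCountry": ("top", "AUXILIARY"),
}


def ancestors(name):
    """Return name followed by its superclasses up to top."""
    chain = []
    while name is not None:
        chain.append(name)
        name = SCHEMA[name][0]
    return chain


def check_entry(object_classes):
    """Return (structural_class, conflicts) for an entry's objectClass values.

    The entry is acceptable only if every structural class listed lies on
    one superclass chain; conflicts lists the pairs that do not.
    """
    structural = [c for c in object_classes if SCHEMA[c][1] == "STRUCTURAL"]
    conflicts = []
    for i, a in enumerate(structural):
        for b in structural[i + 1:]:
            if a not in ancestors(b) and b not in ancestors(a):
                conflicts.append((a, b))
    if conflicts or not structural:
        return None, conflicts
    # The most subordinate class is the one with the longest chain.
    return max(structural, key=lambda c: len(ancestors(c))), conflicts


# Constructed objectClass sets matching the entries posted in the thread.
ENTRY_A = ["top", "residentialPerson", "inetOrgPerson"]
ENTRY_B = ["top", "organizationalPerson", "inetOrgPerson", "country"]
ENTRY_OK = ["top", "person", "inetOrgPerson"]
ENTRY_AUX = ["top", "inetOrgPerson", "auxCountry"]

if __name__ == "__main__":
    for entry in (ENTRY_A, ENTRY_B, ENTRY_OK, ENTRY_AUX):
        print(entry, "->", check_entry(entry))
```

ENTRY_AUX passes because an auxiliary class takes no part in the structural chain, which is why an auxiliary class carrying c avoids the conflict that objectClass: country causes.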

