Hi Michael
I added it using ldapadd.
I removed the account ObjectClass and now only use applicationProcess:
# preset, Service Accounts, blah
dn: uid=preset,ou=Service Accounts,dc=blah
objectClass: top
objectClass: extensibleObject
objectClass: applicationProcess
uid: preset
cn: preset
sn:
Douglas Duckworth wrote:
> adding new entry "uid=preset,ou=Service Accounts,dc=blah
> ldap_add: Object class violation (65)
> additional info: invalid structural object class chain
> (account/applicationProcess)
A directory entry must have a *single* structural object class. While
there
Thanks everyone. I agree it would be ideal to differenaiate this account
from others. So far it's in own OU while standard users are in People.
Seeing an error.
The ldif:
dn: uid=preset,ou=Service Accounts,dc=blah
objectClass: top
objectClass: account
objectClass: applicationProcess
Enter
MJ J wrote:
> Service accounts typically use the simpleSecurityObject object class.
But one needs an appropriate structural object class to add the entry.
'simpleSecurityObject' is an auxiliary object class without any naming
attribute.
Ciao, Michael.
> On Tue, Dec 19, 2017 at 9:15 PM, Douglas
Douglas Duckworth wrote:
> It seems I created this service account with posixAccount objectClass.
> That requires uidNumber.
>
> So I need to do some research on what's the appropriate objectClass for
> this service account. It's used by SSSD and Apache, for example, to
> perform binds with our
t;>
>> On Wed, Oct 25, 2017 at 9:18 PM, John Lewis <j...@hyperbolicinnovation.com>
>> wrote:
>>>
>>> On Wed, 2017-10-25 at 09:32 -0400, Douglas Duckworth wrote:
>>> > Hi
>>> >
>>> > Do I need uidNumber for Service
746-8690>
>
> On Wed, Oct 25, 2017 at 9:18 PM, John Lewis <j...@hyperbolicinnovation.com>
> wrote:
>
>> On Wed, 2017-10-25 at 09:32 -0400, Douglas Duckworth wrote:
>> > Hi
>> >
>> > Do I need uidNumber for Service Accounts used for application /
>&g
Unit
Physiology and Biophysics
Weill Cornell Medicine
E: d...@med.cornell.edu
O: 212-746-6305
F: 212-746-8690
On Wed, Oct 25, 2017 at 9:18 PM, John Lewis <j...@hyperbolicinnovation.com>
wrote:
> On Wed, 2017-10-25 at 09:32 -0400, Douglas Duckworth wrote:
> > Hi
> >
> > Do I
On Wed, 2017-10-25 at 09:32 -0400, Douglas Duckworth wrote:
> Hi
>
> Do I need uidNumber for Service Accounts used for application /
> server binding if this user won't actually be resolved by sssd or
> nslcd?
>
> I set a very high uidNumber but eventually this will
: 212-746-8690
On Wed, Oct 25, 2017 at 9:55 AM, Michael Ströder <mich...@stroeder.com>
wrote:
> Douglas Duckworth wrote:
> > Do I need uidNumber for Service Accounts used for application / server
> > binding if this user won't actually be resolved by sssd or nslcd?
>
> In
Douglas Duckworth wrote:
> Do I need uidNumber for Service Accounts used for application / server
> binding if this user won't actually be resolved by sssd or nslcd?
In general if your client only binds to the LDAP server it doesn't need
'uidNumber' attribute. It just needs a b
Hi
Do I need uidNumber for Service Accounts used for application / server
binding if this user won't actually be resolved by sssd or nslcd?
I set a very high uidNumber but eventually this will conflict with users as
in my ignorance I didn't put this in a lower range.
Thanks,
Douglas Duckworth
12 matches
Mail list logo