Update with final solution
PeterS

Thanks to @grawity, the final solution is as follows:

dn: cn=test,cn=schema,cn=config
changetype: add
olcAttributeTypes: ( 2.25.247072656268950430024439664556757516066
  NAME ( 'ecdvisibility' 'ecdvis' )
  DESC 'The visibility of the object'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
  SINGLE-VALUE
  USAGE userApplications )
objectClass: olcSchemaConfig

I changed the OID number to one of the open unique numbers, as I was using an invalid public one. The attribute type was added successfully and can be used elsewhere.
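The 2.25 arc used in the final LDIF is the UUID arc: any UUID, written as a single decimal number, forms an OID under it without registration. The following added example (not part of the original post; the function names are chosen here for illustration) generates such an OID, checks that a string is a well-formed numeric OID, and renders the same kind of `cn=config` schema entry.

```python
import re
import uuid

# RFC 4512 numericoid: decimal arcs joined by dots, no leading zeros, two arcs minimum.
_NUMERIC_OID = re.compile(r"^(0|[1-9]\d*)(\.(0|[1-9]\d*))+$")

def is_numeric_oid(oid):
    """True for a well-formed numeric OID (root arc 0-2, second arc < 40 under 0 and 1)."""
    if not _NUMERIC_OID.match(oid):
        return False
    first, second = (int(arc) for arc in oid.split(".")[:2])
    return first <= 2 and (first == 2 or second < 40)

def uuid_oid(u=None):
    """OID under 2.25: the UUID's 128-bit value written as one decimal arc."""
    if u is None:
        u = uuid.uuid4()
    return "2.25.%d" % u.int

def attribute_ldif(cn, oid, names, desc, syntax="1.3.6.1.4.1.1466.115.121.1.15"):
    """Render a schema entry under cn=schema,cn=config with one single-valued attribute."""
    if not is_numeric_oid(oid):
        raise ValueError("not a numeric OID: %r" % oid)
    name_list = " ".join("'%s'" % n for n in names)
    return "\n".join([
        "dn: cn=%s,cn=schema,cn=config" % cn,
        "changetype: add",
        "olcAttributeTypes: ( %s" % oid,
        "  NAME ( %s )" % name_list,      # continuation lines start with a space
        "  DESC '%s'" % desc,
        "  SYNTAX %s" % syntax,
        "  SINGLE-VALUE",
        "  USAGE userApplications )",
        "objectClass: olcSchemaConfig",
        "",                                # blank line terminates the LDIF record
    ])

if __name__ == "__main__":
    # Attribute names and description are the ones from the post; the OID is freshly generated.
    print(attribute_ldif("test", uuid_oid(), ["ecdvisibility", "ecdvis"],
                         "The visibility of the object"))
```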

Second update showing further progress.
PeterS

Update 2:

Before I could make any changes, I had to update the system password that openldap seems to set in the background:

dn: olcDatabase={0}config,cn=config
changetype: modify
replace: olcRootPW
olcRootPW: password

This worked fine, so then I set about trying to update the attributes.

1st attempt:

dn: cn=schema,cn=config
changetype: add
olcAttributeTypes: ( ecdvisibility.oid
  NAME ( 'ecdvisibility' 'ecdvis' )
  DESC 'The visibility of the object'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
  SINGLE-VALUE
  USAGE userApplications )
olcRootDN: cn=config
olcRootPW: password
#objectClass: top

ldap_add: Object class violation (65) additional info: no objectClass attribute

Commenting in the object class gave me the following error:

ldap_add: Object class violation (65) additional info: no structural object class provided

Ok, so I will try inetOrgPerson

ldap_add: Object class violation (65) additional info: object class 'inetOrgPerson' requires attribute 'sn'

Stop, I don't really want to do that. I just want to add an attribute type that is available to LDAP and can be added to an object when and if necessary. I don't want to specify the single object or an entry at this point. Is this possible? If so, how? Any further advice is really appreciated.

PeterS

ldapadd gives syntax errors with openldap

I am using ldapadd and I want to add an attribute type to the repository so it can be used by other entries.

I'm having a few issues. Here is my ldif file.

dn: dc=myorg,dc=co,dc=uk
changetype: add
add: attributetypes
attributetype: ( 2.2.980.1.1 NAME ( 'ecdvisibility' 'ecdvis' ) DESC 'The visibility of the object' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE userApplications )

After checking the lines for spaces at the end, I see that everything is OK:

dn: dc=myorg,dc=co,dc=uk$
changetype: add$
add: attributetypes$
attributetype: ( 2.2.980.1.1 NAME ( 'ecdvisibility' 'ecdvis' )$
  DESC 'The visibility of the object'$
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15$
  SINGLE-VALUE$
  USAGE userApplications )$

What I see is a mysterious error like the following:

ldap_add: Undefined attribute type (17) additional info: add: attribute type undefined

I don't understand this error; the attribute type is not defined, I'm trying to add it! Also, just before that line it says:

adding new entry "dc=myorg,dc=co,dc=uk"

Why is it adding this? It already exists. I'm also not sure whether I should be using ldapadd or ldapmodify.

My typical command is:

sudo ldapadd -D cn=admin,dc=myorg,dc=co,dc=uk -w password -v -f attributeType.ldif

I also made sure there is a trailing blank line at the end of the file, although that seems to make no difference at all.

What is the best way to add such an attribute that can be used by any user?

Update

I've also tried the following:

dn: cn=schema
changetype: modify
add: attributeTypes
##
## The new attribute type
##
attributeTypes: ( ecdvisibility.oid NAME ( 'ecdvisibility' 'ecdvis' ) DESC 'The visibility of the object' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE userApplications )

But this time I get this error:

ldap_modify: Invalid syntax (21) additional info: attributeTypes: value #0 invalid per syntax