Grouper Developers Forum

[Chris Hyzer <>]

Got it!  Thanks!

I changed my slapd.conf to have this:

include         /usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/inetorgperson.schema

include         /usr/local/etc/openldap/schema/ldappc.schema

Then changed the schema kitneduperson.schema:

#    SUP top AUXILIARY
objectclass     ( 1.3.6.4.1.9902.99999.1.1
    NAME 'kitnEduPerson'
    DESC 'KITN  Edu Person objectclass'
    SUP inetOrgPerson
    MAY kitnEduPersonRegId )

Regards,
Chris

> -----Original Message-----
> From: Tom Barton 
> [mailto:]
> Sent: Wednesday, February 13, 2008 1:36 PM
> To: Chris Hyzer
> Cc: Grouper Dev
> Subject: Re: [grouper-dev] ldappc help
>
> Chris Hyzer wrote:
> > Didn't someone post step by step instructions on how to use ldappc
> > with openldap at some point?  Cant seem to locate.
> >
> > Anyways, Im going by the javadoc documentation, and I freshly
> > installed openldap 2.3.39 on linux  RHEL AS4.  This is the HEAD
> ldappd checkout.
> > Im starting by loading test data and running the test cases.
> >
> > adding new entry
> "kitnedupersonregid=SD00080,ou=kitn,dc=example,dc=edu"
> >
> > ldapadd: Invalid syntax (21)
> >
> >         additional info: objectclass: value #2 invalid per syntax
> >
> > objectclass     ( 1.3.6.4.1.9902.99999.1.1
> >
> >     NAME 'kitnEduPerson'
> >
> >     DESC 'KITN  Edu Person objectclass'
> >
> >     SUP top AUXILIARY
> >
> >     MAY kitnEduPersonRegId )
>
> I wonder if your version of openLDAP has mandatory schema checking. If
> so, it probably wants kitnEduPersonRegId to be a required attribute in
> order to serve as an RDN.
>
> Work around is to alter the schema file so that kitnEduPerson is
> structural and subclasses inetOrgPerson (I suppose).
>
> For Ldappc next rev, perhaps we should redo the delivered
> ldappcSubject.ldif so that it works with strict schema checking, e.g.,
> by using uid for the RDN in kitn.
>
> Tom