2017-08-04 56 views
0

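Creating a new ObjectClass and attribute in OpenLDAP

I'm new to LDAP and am trying to add a simple objectClass and attributes, but I keep getting an error. I want an object 'adminFunc' that contains a simple string attribute 'functionId'. I copied adminFunc.schema and adminFunc.ldif to the schema folder: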

adminFunc.schema:

objectidentifier adminFuncSchema 1.3.6.1.4.1.X.Y 
objectidentifier funcAttrs adminFuncSchema:3 
objectidentifier funcClass adminFuncSchema:4 

attributetype (funcAttrs:2 
    NAME 'functionId' 
    EQUALITY caseIgnoreMatch 
    SUBSTR caseIgnoreSubstringsMatch 
    ORDERING caseIgnoreOrderingMatch 
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255}) 

objectclass ( 
    funcClass:1 
    NAME 'adminFunc' 
    DESC 'Admin permission' 
    SUP (top) AUXILIARY 
    MAY functionId) 

adminFunc.ldif (generated automatically by running slaptest):

dn: cn=adminFunc 
objectClass: olcSchemaConfig 
cn: adminFunc 
olcObjectIdentifier: adminFuncSchema 1.3.6.1.4.1.X.Y 
olcObjectIdentifier: funcAttrs adminFuncSchema:3 
olcObjectIdentifier: funcClass adminFuncSchema:4 
olcAttributeTypes: (funcAttrs:2 NAME 'functionId' EQUALITY caseIgnoreMat 
ch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 
    1.3.6.1.4.1.1466.115.121.1.15{255}) 
olcObjectClasses: (funcClass:1 NAME 'adminFunc' DESC 'Admin permission' 
SUP top AUXILIARY MAY functionId) 
structuralObjectClass: olcSchemaConfig 
entryUUID: c43389f4-0bfb-1037-959b-c9dc976d6fc3 
creatorsName: cn=config 
createTimestamp: 20170802182555Z 
entryCSN: 20170802182555.047279Z#000000#000#000000 
modifiersName: cn=config 
modifyTimestamp: 20170802182555Z 

modify.ldif (my DN is ou=Local,ou=SV,dc=example,dc=com)

I tried running this command to create a new Call_Center object:

ldapmodify -x -W -D "cn=ldapadmin,dc=example,dc=com" -f modify.ldif

dn: cn=Call_Center,ou=Local,ou=SV,dc=example,dc=com 
changetype: add 
objectClass: top 
objectClass: adminFunc 
cn: Call_Center 
functionId: 1010 

But my adminFunc object is not found:

SASL/EXTERNAL authentication started 
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth 
SASL SSF: 0 
adding new entry "cn=Call_Center,ou=Local,ou=SV,dc=example,dc=com" 
ldap_add: Invalid syntax (21) 
     additional info: objectClass: value #1 invalid per syntax 

I don't know what I'm missing.

Thanks

Answer

0

These are the steps I followed to create a new object and attribute in OpenLDAP:

  1. Create a schema file, e.g. test.schema

# Attribute definition

attributetype (1.3.6.1.4.1.42.2.27.4.1.6 
     NAME 'sampleAttribute' 
     DESC 'Sample Attribute' 
     EQUALITY caseExactMatch 
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 
     SINGLE-VALUE) 

# Object class definition

objectclass (1.3.6.1.4.1.42.2.27.4.2.1 
     NAME 'SampleObject' 
     DESC 'Sample object' 
     SUP top 
     STRUCTURAL 
     MUST (cn $ sampleAttribute)) 
  • Create a conf file, e.g. test.conf

    include /home/test.schema

  • On the server, run:

    # create directory

    mkdir testdir 
    

    # run slaptest

    slaptest -f test.conf -F testdir 
    

    The generated file will be testdir/cn=config/cn=schema/cn={0}test.ldif and will look like this (after some manual editing):

    # AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. 
    # CRC32 f74b018a 
    dn: cn=sample,cn=schema,cn=config 
    objectClass: olcSchemaConfig 
    cn: sample 
    olcAttributeTypes: {0}(1.3.6.1.4.1.42.2.27.4.1.6 NAME 'sampleAttribute' 
        DESC 'Sample Attribute' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115. 
    121.1.15 SINGLE-VALUE) 
    olcObjectClasses: {0}(1.3.6.1.4.1.42.2.27.4.2.1 NAME 'SampleObject' DESC 'Sam 
    ple object' SUP top STRUCTURAL MUST (cn $ sampleAttribute)) 
    structuralObjectClass: olcSchemaConfig 
    entryUUID: 4a10b3ec-4aca-1036-997a-3fcaae1517d7 
    creatorsName: cn=config 
    createTimestamp: 20161129215530Z 
    entryCSN: 20161129215530.381328Z#000000#000#000000 
    modifiersName: cn=config 
    modifyTimestamp: 20161129215530Z 
    

    I renamed mine to sample.ldif.

  • Add the LDIF to the schema. On the server, run:

    service slapd stop 
    slapadd -l sample.ldif -n 0 
    #to populate the config database slapd-config(5), use -n 0 as it is always the first database. 
    service slapd start
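
The "manual editing" step above, scripted as an added example (not part of the original answer): it unfolds the slaptest output, drops the header comments and the operational attributes, and rewrites the dn so the file can be loaded into a running slapd with ldapadd rather than with slapadd. The function names clean_schema_ldif and sample_slaptest_output are hypothetical, the sample input is constructed from the values in the answer, and access to cn=config over ldapi:/// as root is an assumption.

```sh
#!/bin/sh
# Added example (not from the original answer). Rewrites slaptest output so it
# can be loaded into a running slapd with ldapadd instead of slapadd.

# clean_schema_ldif NAME < slaptest-output.ldif > NAME.ldif
clean_schema_ldif() {
    awk -v name="$1" '
        function flush(   key) {
            if (buf == "" || buf ~ /^#/) return       # blank line or header comment
            key = tolower(buf); sub(/:.*/, "", key)
            # Operational attributes are written by slapd itself; drop them.
            if (key ~ /^(structuralobjectclass|entryuuid|creatorsname|createtimestamp|entrycsn|modifiersname|modifytimestamp)$/) return
            if (key == "dn") buf = "dn: cn=" name ",cn=schema,cn=config"
            if (key == "cn") buf = "cn: " name
            print buf
        }
        /^ / { buf = buf substr($0, 2); next }        # LDIF continuation line: unfold
             { flush(); buf = $0 }
        END  { flush() }
    '
}

# Constructed sample in the shape slaptest produces (values follow the answer).
sample_slaptest_output() {
    cat <<'EOF'
# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
# CRC32 f74b018a
dn: cn={0}test
objectClass: olcSchemaConfig
cn: {0}test
olcAttributeTypes: {0}( 1.3.6.1.4.1.42.2.27.4.1.6 NAME 'sampleAttribute' DES
 C 'Sample Attribute' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121
 .1.15 SINGLE-VALUE )
olcObjectClasses: {0}( 1.3.6.1.4.1.42.2.27.4.2.1 NAME 'SampleObject' DESC 'S
 ample object' SUP top STRUCTURAL MUST ( cn $ sampleAttribute ) )
structuralObjectClass: olcSchemaConfig
entryUUID: 4a10b3ec-4aca-1036-997a-3fcaae1517d7
creatorsName: cn=config
createTimestamp: 20161129215530Z
entryCSN: 20161129215530.381328Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20161129215530Z
EOF
}

# Typical use (assumes root on the server and slapd listening on ldapi:///):
#   clean_schema_ldif sample < "testdir/cn=config/cn=schema/cn={0}test.ldif" > sample.ldif
#   ldapadd -Y EXTERNAL -H ldapi:/// -f sample.ldif
```

Once the schema entry exists under cn=schema,cn=config, an ldapsearch for olcObjectClasses on that base shows whether the new object class is known to the server before any entry that uses it is added.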