问题
I am newbie in LDAP and trying to add extra attributes & ObjectClass to OpenLDAP (2.4.40) schema, so it could compatible with the java code that is working with Active Directory
I did quite a lot of research online and finally come to this .ldif file, but can't quite figure out what is the dn that I should put in there for the target schema. The cn=ldapadm,dc=myapp,dc=local is the DN I created for current project, but I guess that shouldn't be the place to whole these global attributes and objectclasses
dn: cn=ldapadm,dc=myapp,dc=local
objectClass: olcSchemaConfig
cn: cn=ldapadm,dc=myapp,dc=local
olcAttributeTypes: {0}( 1.2.840.113556.1.4.221 NAME 'sAMAccountName' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
olcAttributeTypes: {1}( 1.2.840.113556.1.2.210 NAME 'proxyAddresses' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
olcAttributeTypes: {2}( 1.2.840.113556.1.4.750 NAME 'groupType' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {3}( 1.3.114.7.4.2.0.33 NAME 'memberOf' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcObjectClasses: {0}( 1.2.840.113556.1.5.9 NAME 'user' DESC 'a user' SUP organizationalPerson STRUCTURAL MUST cn MAY ( userPassword $ memberOf ) )
olcObjectClasses: {1}( 1.2.840.113556.1.5.8 NAME 'group' DESC 'a group of users' SUP top STRUCTURAL MUST ( groupType $ cn ) MAY member )
The error
adding new entry "cn=ldapadm,dc=myapp,dc=local"
ldap_add: Already exists (68)
and if I use a dummy dn
dn: cn=config
the error becomes
adding new entry "cn=config"
ldap_add: Server is unwilling to perform (53)
additional info: no global superior knowledge
So how should I define the dn so I can register the Active Directory elements into global setting?
回答1:
The DN of the user you're loggin in as is cn=ldapadm,dc=myapp,dc=local.
The DN of the entire configuration subtree is cn=config.
The DN of the schema is cn=schema,cn=config.
来源:https://stackoverflow.com/questions/45538552/what-is-the-dn-value-to-add-windows-active-directory-attributes-objectclasses