OpenLDAP & Posix Groups/Account


I'm not able to add posix users/groups to this newly created ldap directory. OpenLDAP version is 2.4.19.

The LDIF I've populated the LDAP directory with is probably the problem, but I'm not sure what I need to do next…

dn: dc=company,dc=net,dc=au
objectClass: dcObject
objectClass: organization
o: Company Pty Ltd
dc: company

dn: cn=manager,dc=company,dc=net,dc=au
objectClass: organizationalRole
cn: Manager

dn: ou=People,dc=company,dc=net,dc=au
objectClass: organizationalUnit
objectClass: top
ou: People

dn: ou=Groups,dc=company,dc=net,dc=au
objectClass: organizationalUnit
objectClass: top
ou: Groups

Could someone please educate me 🙂


Update: I've added nis.schema, which I expected to fix the problem as it has all the posix* classes I was after. However, I now get the following error:

/etc/openldap/schema/nis.schema: line 203 objectclass: AttributeType not found: "manager"
/opt/openldap/etc/openldap/slapd.conf: line 6: <include> handler exited with 1!
slapd destroy: freeing system resources.
slapd stopped.
connections_destroy: nothing to destroy.

The relevant section of nis.schema, ~line 203 is as follows…

objectclass ( 1.3.6.1.1.1.2.6 NAME 'ipHost'
    DESC 'Abstraction of a host, an IP device'
    SUP top AUXILIARY
    MUST ( cn $ ipHostNumber )
    MAY ( l $ description $ manager ) )

I'll continue reading.

Best Answer

I think I've figured it out - Once I'm done reading, I'll post the root cause, and the detailed solution; but for now - and in short - I hadn't included the appropriate schema files.

The posixAccount is an auxiliary class, so it's completely optional and can be "attached" onto the required structural one - be it person, organizationalPerson, or inetOrgPerson.


No, I thought I was close, still no luck. In order to add nis.schema, I had to add a few prerequisite schemas, so now I have...

include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/nis.schema

That resolved slapd not starting up, however, I still can't see any posix* classes anywhere in the ldap mgmt web interface.
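The point made in the answer above (posixAccount is auxiliary and must ride on a structural class such as inetOrgPerson) as an added example, not part of the original post: a small Python check run over constructed LDIF entries. The schema table is a hand-copied subset of inetorgperson.schema and nis.schema, and the user and group names are made up for illustration.

```python
# Hand-copied subset of inetorgperson.schema / nis.schema: kind + MUST attributes.
SCHEMA = {
    "inetorgperson": ("STRUCTURAL", {"cn", "sn"}),
    "posixaccount": ("AUXILIARY", set("cn uid uidnumber gidnumber homedirectory".split())),
    "posixgroup": ("STRUCTURAL", {"cn", "gidnumber"}),
}
# Constructed sample entries under the question's ou=People and ou=Groups.
SAMPLE_LDIF = """\
dn: uid=jdoe,ou=People,dc=company,dc=net,dc=au
objectClass: posixAccount
cn: John Doe
uid: jdoe
uidNumber: 10001
gidNumber: 10001

dn: uid=asmith,ou=People,dc=company,dc=net,dc=au
objectClass: inetOrgPerson
objectClass: posixAccount
cn: Alice Smith
sn: Smith
uid: asmith
uidNumber: 10002
gidNumber: 10001
homeDirectory: /home/asmith

dn: cn=staff,ou=Groups,dc=company,dc=net,dc=au
objectClass: posixGroup
cn: staff
gidNumber: 10001
"""

def parse_ldif(text):  # simple LDIF only: no line folding, no base64 values
    entries = []
    for block in text.strip().split("\n\n"):
        entries.append({})
        for line in block.splitlines():
            key, _, value = line.partition(":")
            entries[-1].setdefault(key.strip().lower(), []).append(value.strip())
    return entries

def check_entry(entry):  # returns a list of schema problems, empty if none
    classes = [c.lower() for c in entry.get("objectclass", [])]
    problems = [f"unknown objectClass {c}" for c in classes if c not in SCHEMA]
    known = [c for c in classes if c in SCHEMA]
    if not any(SCHEMA[c][0] == "STRUCTURAL" for c in known):
        problems.append("no structural objectClass")
    for c in known:
        problems += [f"{c} requires {a}" for a in sorted(SCHEMA[c][1] - set(entry))]
    return problems
```

The first entry fails on two counts (no structural class, missing homeDirectory); the second and third pass.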
