Thanks Tim<br><div><span class="gmail_quote">On 17 Jan 2007 01:07:32 -0500, <b class="gmail_sendername">Tim Writer</b> <<a href="mailto:tim-s/rLXaiAEBtBDgjK7y7TUQ@public.gmane.org">tim-s/rLXaiAEBtBDgjK7y7TUQ@public.gmane.org</a>> wrote:</span><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
> ## Build the people ou.<br>> dn: ou=people,dc=afsat,dc=com<br>> ou: people<br>> objectClass: organizationalUnit<br><br>Hmmm. There's no "objectClass: top" which is unusual.</blockquote><div>I re-did it again and inserted objectClass top as you had suggested. Unfortunately, the problem persisted. Judging from a google search, I have noticed its a common thing to do, but it left me scratching my head. Why put "top" on more than one root schema? Shouldn't we have just one root?
<br><br></div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">> This was inserted successfully by slapadd tool. I then restarted openldap
<br>> and attempted populating it will user extracted from /etc/passwd file and<br>> that is when I hit my first problem. The migration tool produced a ldif file<br>> of the following format.<br>> dn: uid=wmuriithi,ou=people,dc=afsat,dc=com
<br>> uid: wmuriithi<br>> cn: William Muriithi<br>> objectClass: account<br>> objectClass: posixAccount<br>> objectClass: top<br>> objectClass: shadowAccount<br><br>Hmmm. I'm not sure why you would have object classes account and
<br>posixAccount. Also, it's usual to have object class inetOrgPerson for<br>e-mail etc. support.</blockquote><div>The data was automatically generated by an ldap migration tool, so I never gave it alot of thought. I just assumed they were correct
<br><br></div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">> Attempting to feed this data to ldap lead to this error<br>> adding new entry "cn=William Muriithi,dc=afsat,dc=com"
<br>> ldap_add: Object class violation (65)<br>> additional info: attribute 'uid' not allowed<br><br>You appear to have a schema problem.</blockquote><div><br>Thats my feeling also. I googled alot on how other people out there do it, but it appear very different and don't work for me. I am suspecting this is because people out there install from source, while I am working with fedora binary rpms. And, while I was on it, I noticed an error on above insertion, but the solution didn't help. See below
<br>adding new entry "uid=wmuriithi,ou=people,dc=afsat,dc=com"<br>ldap_add: Object class violation (65)<br> additional info: attribute 'uid' not allowed<br><br></div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
> Would this field exist on the output below?<br><br>No, because you haven't shown a user, i.e. an entry within the people ou.<br>If you showed a user, it should have a uid.</blockquote><div><br>I am not sure if I understood you well, but I did I querry from what I assumed you were conveying above, and I still couldn't see the uid field. See the search below:-
<br> # ldapsearch -x -b "ou=people,dc=afsat,dc=com"<br># extended LDIF<br>#<br># LDAPv3<br># base <ou=people,dc=afsat,dc=com> with scope subtree<br># filter: (objectclass=*)<br># requesting: ALL<br>#<br><br>
# people, <a href="http://afsat.com">afsat.com</a><br>dn: ou=people,dc=afsat,dc=com<br>ou: people<br>objectClass: top<br>objectClass: organizationalUnit<br><br># wmuriithi, people, <a href="http://afsat.com">afsat.com</a>
<br>dn: cn=wmuriithi,ou=people,dc=afsat,dc=com<br>cn: wmuriithi<br>sn: Muriithi<br>userPassword:: bWFrYXU=<br>objectClass: person<br><br># search result<br>search: 2<br>result: 0 Success<br><br># numResponses: 3<br># numEntries: 2
<br><br></div><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">--<br>tim writer <<a href="mailto:tim-s/rLXaiAEBtBDgjK7y7TUQ@public.gmane.org">tim-s/rLXaiAEBtBDgjK7y7TUQ@public.gmane.org</a>> starnix inc.
<br>647.722.5301 toronto, ontario, canada<br><a href="http://www.starnix.com">http://www.starnix.com</a> professional linux services & products<br>--<br>The Toronto Linux Users Group. Meetings:
<a href="http://gtalug.org/">http://gtalug.org/</a><br>TLUG requests: Linux topics, No HTML, wrap text below 80 columns<br>How to UNSUBSCRIBE: <a href="http://gtalug.org/wiki/Mailing_lists">http://gtalug.org/wiki/Mailing_lists
</a><br></blockquote></div><br>Thank you a lot for your help<br>William<br>