On Thu, Oct 07, 2010 at 04:38:42PM -0400, Tim Dunphy wrote:
> Hello CentOS
>
> I am having a bit of trouble importing an ldif into openldap, tho the
> syntax looks a-ok to me. I am attempting to import my sudoers list
> into my ldap configuration and I used an application called sudoers2ldif
> to generate the ldif.
>
> I used the following command to import the file:
>
> ============================================
> [root@bluethundr-desktop:~/txt/ldif ] $:ldapadd -h ldap -a -W -x -D
> "cn=Manager,dc=summitnjhome,dc=com" -f
> /home/bluethundr/txt/sudoers2.ldif
> Enter LDAP Password:
> adding new entry "cn=defaults,ou=sudoers,ou=Services,dc=summitnjhome,dc=com"
> ldap_add: Invalid syntax (21)
> additional info: objectClass: value #1 invalid per syntax

It indicates that the second line (it counts from 0, so #1 should be the
second line) has something wrong. I would think you'd have to put the
objectclass of sudoRole in a schema--a quick look at your email doesn't
show it there--forgive me if I missed it.

Errm, that is, second line of your objectclass. It makes sense.
Taking just the object class listing.

> objectClass: top
> objectClass: sudoRole

We see that value #1 is sudoRole. I don't see it defined in your
schema, forgive me if I missed it. If I'm correct though, and it's not
in your schema, that's your problem.

(Not sure if I should snip the rest of this or not, so will be
conservative and not snip--for anyone following the thread, this
sentence ends what I have to say about it. :)

>
>
> ============================================
> And this is the file I am trying to import sudoers2.ldif:
>
> ===========================================
>
> dn: cn=defaults,ou=sudoers,ou=Services,dc=summitnjhome,dc=com
> objectClass: top
> objectClass: sudoRole
> cn: defaults
> description: Default sudoOption's go here
>
> dn: cn=root,ou=sudoers,ou=Services,dc=summitnjhome,dc=com
> objectClass: top
> objectClass: sudoRole
> cn: root
> sudoUser: root
> sudoHost: ALL
> sudoRunAsUser: ALL
> sudoCommand: ALL
>
> dn: cn=%wheel,ou=sudoers,ou=Services,dc=summitnjhome,dc=com
> objectClass: top
> objectClass: sudoRole
> cn: %wheel
> sudoUser: %wheel
> sudoHost: ALL
> sudoRunAsUser: ALL
> sudoCommand: ALL
> sudoOption: !authenticate
>
> dn: cn=%summitnjops,ou=sudoers,ou=Services,dc=summitnjhome,dc=com
> objectClass: top
> objectClass: sudoRole
> cn: %summitnjops
> sudoUser: %summitnjops
> sudoHost: ALL
> sudoRunAsUser: ALL
> sudoCommand: ALL
> sudoOption: !authenticate
>
>
> =====================================================
> my ldap schema looks like so:
>
> =====================================================
> Enter LDAP Password:
> # extended LDIF
> #
> # LDAPv3
> # base <dc=summitnjhome,dc=com> with scope subtree
> # filter: (objectclass=*)
> # requesting: ALL
> #
>
> # summitnjhome.com
> dn: dc=summitnjhome,dc=com
> dc: summitnjhome
> objectClass: dcObject
> objectClass: organization
> o: Summit NJ Home
>
> # staff, summitnjhome.com
> dn: ou=staff,dc=summitnjhome,dc=com
> ou: staff
> objectClass: organizationalUnit
>
> # summitnjops, staff, summitnjhome.com
> dn: ou=summitnjops,ou=staff,dc=summitnjhome,dc=com
> ou: summitnjops
> objectClass: organizationalUnit
>
> # people, summitnjhome.com
> dn: ou=people,dc=summitnjhome,dc=com
> ou: customers
> ou: people
> objectClass: organizationalUnit
>
> # Services, summitnjhome.com
> dn: ou=Services,dc=summitnjhome,dc=com
> ou: services
> objectClass: organizationalUnit
>
> # pam_ldap, Services, summitnjhome.com
> dn: cn=pam_ldap,ou=Services,dc=summitnjhome,dc=com
> cn: pam_ldap
> objectClass: top
> objectClass: inetOrgPerson
> sn: PAM
> userPassword:: secretPass
>
> # sudoers, Services, summitnjhome.com
> dn: ou=sudoers,ou=Services,dc=summitnjhome,dc=com
> ou: sudoers
> objectClass: organizationalUnit
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 8
> # numEntries: 7
>
>
> =============================================================
> could someone please suggest how to get around this error?
>
> thanks!
>
> Tim
--
Scott Robbins
PGP keyID EB3467D6
( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 )
gpg --keyserver pgp.mit.edu --recv-keys EB3467D6
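
Added example, not part of the original message: a pre-import check that lists every objectClass value in an LDIF the server's schema does not define, numbered from 0 the way the "value #1 invalid per syntax" error numbers them. The function names and the subschema sample are constructed for illustration; it assumes an LDIF without base64 ("::") values.

```python
import re

# Constructed subschema listing, as a search such as
# `ldapsearch -x -s base -b cn=Subschema objectClasses` would return it.
# sudoRole is absent, matching the directory shown in the thread.
SAMPLE_SUBSCHEMA = """\
objectClasses: ( 2.5.6.0 NAME 'top' ABSTRACT MUST objectClass )
objectClasses: ( 2.5.6.5 NAME 'organizationalUnit' SUP top STRUCTURAL MUST ou )
"""
# First two entries of the sudoers2.ldif quoted in the thread, abbreviated.
SAMPLE_LDIF = """\
dn: cn=defaults,ou=sudoers,ou=Services,dc=summitnjhome,dc=com
objectClass: top
objectClass: sudoRole
cn: defaults

dn: cn=root,ou=sudoers,ou=Services,dc=summitnjhome,dc=com
objectClass: top
objectClass: sudoRole
cn: root
"""

def known_classes(subschema_text):
    """Lower-cased NAMEs (single or parenthesised list) of every objectClasses value."""
    names = set()
    for m in re.finditer(r"NAME\s+(?:'([^']+)'|\(([^)]*)\))", subschema_text):
        found = [m.group(1)] if m.group(1) else re.findall(r"'([^']+)'", m.group(2))
        names.update(n.lower() for n in found)
    return names

def undefined_classes(ldif_text, known):
    """Return (dn, zero-based value index, name) for objectClass values not in `known`."""
    problems = []
    unfolded = re.sub(r"\n ", "", ldif_text.strip())  # undo LDIF line folding
    for block in re.split(r"\n\s*\n", unfolded):
        dn, idx = None, 0
        for line in block.splitlines():
            attr, _, value = line.partition(":")
            if attr.lower() == "dn":
                dn = value.strip()
            elif attr.lower() == "objectclass":
                if value.strip().lower() not in known:
                    problems.append((dn, idx, value.strip()))
                idx += 1  # the server numbers values from 0, hence "value #1"
    return problems

if __name__ == "__main__":
    for dn, idx, name in undefined_classes(SAMPLE_LDIF, known_classes(SAMPLE_SUBSCHEMA)):
        print(f"{dn}: objectClass value #{idx} ({name}) not defined in schema")
```

An empty result means every objectClass in the file is known to the schema text it was given; attribute types are not checked.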