Revision [3589]
This is an old revision of MikeShultz made by MikeShultz on 2015-06-04 12:23:40.
Mike Shultz
Random Notes
Test LDAP Setup
These instructions set up the OpenNIC object schemas in slapd. They only work on systems that use the cn=config type of configuration (not slapd.conf). They have been tested on Debian 8.
1) Add Schema to Config
Add the provided dnsdomain2.schema to slapd.conf with an include line.
echo "include /etc/ldap/schema/dnsdomain2.schema" >> /tmp/fuck
2) Create dnsschema.conf
Create /tmp/dnsschema.conf with the schemas you would like to use. As an example:
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/misc.schema
include /etc/ldap/schema/dnsdomain2.schema
3) Create Temp Config Directory
Create a directory to hold the new LDAP configuration.
mkdir /tmp/dnsschema.d
4) Generate Temporary Config
Populate the test directory with a base config.
slaptest -f /tmp/dnsschema.conf -F /tmp/dnsschema.d/
5) Verify Config
Check that the /tmp/dnsschema.d/ directory contains cn=config, which suggests that the config has been created successfully.
6) Make Necessary Changes to LDIF
Edit the new dnsdomain2.ldif (it should be at /tmp/dnsschema.d/cn\=config/cn\=schema/cn\=\{*\}dnsdomain2.ldif) in the temporary config. Change the first few lines so they look something like the following:
dn: cn=dnsdomain2,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: dnsdomain2
Also, remove everything below the last olcObjectClasses entry.
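The edits in this step can be scripted. The following is an added example, not part of the original notes: a shell function (the name fix_schema_ldif is hypothetical) that rewrites the dn and cn lines and drops everything after the last olcObjectClasses entry, including that entry's folded continuation lines. The sample LDIF is constructed with placeholder definitions, not the real dnsdomain2 schema.

```shell
#!/bin/sh
# Added example (not from the original notes): automate the step 6 edits.
# fix_schema_ldif is a hypothetical helper name.
# Usage: fix_schema_ldif <schema-name> <ldif-generated-by-slaptest>
fix_schema_ldif() {
    awk -v name="$1" '
        # Pass 1: find the final line of the last olcObjectClasses entry.
        NR == FNR {
            if (/^olcObjectClasses:/) { inoc = 1; last = FNR }
            else if (inoc && /^ /)    { last = FNR }  # folded continuation
            else                      { inoc = 0 }
            next
        }
        # Pass 2: stop after that line; fail if no olcObjectClasses was seen.
        FNR > last { exit (last ? 0 : 1) }
        /^dn:/     { print "dn: cn=" name ",cn=schema,cn=config"; next }
        /^cn:/     { print "cn: " name; next }
                   { print }
    ' "$2" "$2"
}

# Constructed sample standing in for slaptest output; the OIDs, names and
# operational attribute values are placeholders, not the real dnsdomain2 schema.
sample=$(mktemp)
cat > "$sample" <<'EOF'
dn: cn={5}dnsdomain2
objectClass: olcSchemaConfig
cn: {5}dnsdomain2
olcAttributeTypes: {0}( 1.1.2.1.1 NAME 'exampleAttr' )
olcObjectClasses: {0}( 1.1.2.2.1 NAME 'exampleClassA' SUP top AUXILIARY )
olcObjectClasses: {1}( 1.1.2.2.2 NAME 'exampleClassB' SUP top AUXILIARY
  MAY exampleAttr )
structuralObjectClass: olcSchemaConfig
entryUUID: 00000000-0000-0000-0000-000000000000
creatorsName: cn=config
EOF

fix_schema_ldif dnsdomain2 "$sample"
```

Review the output before writing it over the LDIF in the temporary config; the function exits non-zero if the file contains no olcObjectClasses entry.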
7) Merge New Schema
Now, we need to merge the new object schema into the config.
ldapadd -Y EXTERNAL -H ldapi:/// -f /tmp/dnsschema.d/cn\=config/cn\=schema/cn\=\{5\}dnsdomain2.ldif
If all goes well, you should see output along the lines of:
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "cn=dnsdomain2,cn=schema,cn=config"
ldap_add: Other (e.g., implementation specific) error (80)
additional info: olcAttributeTypes: Duplicate attributeType: "1.3.6.1.4.1.2428.20.0.0"