Thanks all.. I have read the man of ldif.... your advice has gotten me quite far both in my current implementation and in my overall understanding of LDAP which I am hoping grows with each passing day.
In my attempt to build my current directory, I have taken a dump of my last successful implementation (which was created on FreeBSD 8.1) and substituted values for the dc=company and dc=com values with the correct ones for the current directory (attempting to implement under CentOS 5.4) and even tho the correct schemas are in place it is choking on this entry: # defaults, sudoers, Services, acadaca.com dn: cn=defaults,ou=sudoers,ou=Services,dc=acadaca,dc=net objectClass: top objectClass: sudoRole cn: defaults description: Default sudoOption's go here And again I should have all the schemas in place to make this work... include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/misc.schema inlcude /etc/openldap/schema/sudoers.schema include /etc/openldap/schema/openldap.schema Why this ldif will work in one directory but not another is a mystery at this point.. thanks again On Wed, Nov 3, 2010 at 9:43 PM, Howard Chu <h...@symas.com> wrote: > Quanah Gibson-Mount wrote: >> >> --On Wednesday, November 03, 2010 6:09 PM -0400 Tim Dunphy >> <bluethu...@gmail.com> wrote: >> >>> holy crap!! it was the extra colon that killed it! found it, fixed >>> it.. man oh man sorry for the intrusion! >> >> Yeah, :: on userPassword means it is base-64 encoded already, and clearly >> that bit of LDIF was not base-64 encoded. ;) > > And again, stuff like this is clearly documented in the ldif(5) manpage... > > -- > -- Howard Chu > CTO, Symas Corp. http://www.symas.com > Director, Highland Sun http://highlandsun.com/hyc/ > Chief Architect, OpenLDAP http://www.openldap.org/project/ > -- Here's my RSA Public key: gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9 Share and enjoy!!