Konstantin Boyandin wrote:
Hello,
OpenLDAP version: 2.3.43-12 (CentOS 5.5), 64-bit.
In order to enable ppolicy overlay, I am trying to create the relevant
entries, as specified in
http://www.openldap.org/doc/admin24/overlays.html#Password%20Policies
I import two LDIFs, first:
dn: ou=Policies,dc=example,dc=com
objectClass: organizationalUnit
objectClass: top
ou: Policies
and second
dn: cn=default,ou=Policies,dc=example,dc=com
cn: default
objectClass: top
objectClass: pwdPolicy
objectClass: person
pwdAllowUserChange: TRUE
pwdAttribute: userPassword
pwdCheckQuality: 2
pwdExpireWarning: 600
pwdFailureCountInterval: 30
pwdGraceAuthNLimit: 2
pwdInHistory: 5
pwdLockout: TRUE
pwdLockoutDuration: 0
pwdMaxAge: 7776000
pwdMaxFailure: 5
pwdMinAge: 0
pwdMinLength: 5
pwdMustChange: FALSE
pwdSafeModify: FALSE
sn: dummy value
The first loads OK.
When I try to import the second, I receive this diagnostics:
Could not add object cn=default,ou=Policies,dc=itelsib,dc=com
Message: Invalid syntax
Error code: 0x15 (LDAP_INVALID_SYNTAX)
Error description: An invalid attribute value was specified.
Could someone suggest what's wrong with the attribute name?
OpenLDAP never produces the text you provided above. It seems you're using
some other LDAP tool to do this import, and it is not showing you the actual
error message sent from the server. OpenLDAP slapd will always identify the
actual attribute and value that causes an error. I suggest you try importing
this entry with OpenLDAP's ldapadd and examine the error message from there.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/