First, I'll prefix this question by saying I last set up a brand-new
LDAP server from scratch about 3 years ago, and then 10 years prior to
that. I've probably forgotten most of what I ever knew.
I'm trying to use ldapd(8), which looks as minimalist and
'sane-defaults-should-work' as everything else in OpenBSD-land. Compared
to 389 Server, or even OpenLDAP, this is refreshing.
I can get ldapd running without any issue, but I can't add any entries
of any type to it. I can simple-bind as the rootdn without any
problems. I can query the schema without any problems. I can query the
'root' without issue, and I see my namingContext, no issues there either.
Any searches at all at the base DN return nothing, which is pretty much
what I expected, since I haven't populated it yet.
All the LDAP browsers & tools complain very loudly that there's nothing
there yet at "dc=x,dc=y"...which sort of makes sense, except typically
the error 32 (no results) is treated as a big problem, which sort of
doesn't make sense. If my namingContext is "dc=x,dc=y" shouldn't I be
able to query "dc=x,dc=y" itself right away?
However, I can't even add an OU:

    dn: ou=Users,dc=x,dc=y
    objectType: organizationalUnit
    ou: Users

with "ldapadd -v" gives me:

    add objectType:
            organizationalUnit
    add ou:
            Users
    adding new entry "ou=Users,dc=x,dc=y"
    ldap_add: No such attribute (16)

Attempting to add another DC container produces the exact same error.
I'm adding, I think, all the necessary attributes, and I've even tried
removing the attribute indexes (yes, I deleted the database first) in
case it was trying to index a null attribute, but that was grasping at
straws.
My best guess so far is that I have to precreate the dc=x,dc=y and dc=y
objects and provide their attributes, but I can't do that either - I get
"45 naming violation" when I try.
Obviously I have no idea what I'm doing wrong here.
Hints greatly appreciated.
-Adam
athom...@athompso.net
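
Added example, not part of the original post: a small Python pre-flight check for an LDIF file before it is handed to ldapadd. It flags attribute names outside a known set, entries with no objectClass value, and entries whose parent is not yet present. KNOWN_ATTRS, the function names and both sample files are constructed for illustration; the attribute set is a small subset of standard schema names, not the schema files ldapd loads.

```python
# Added example: pre-flight lint for an LDIF file before running ldapadd.
# KNOWN_ATTRS is a constructed subset of standard attribute names (assumption).
KNOWN_ATTRS = {"objectclass", "dc", "ou", "cn", "sn", "o", "uid", "description"}

def parse_ldif(text):
    """Return [(dn, [(attr, value), ...])]; base64 ("::") values are not decoded."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]          # continuation of the previous line
        elif not raw.startswith("#"):     # skip comment lines
            lines.append(raw)
    records, dn, attrs = [], None, []
    for line in lines + [""]:             # trailing "" flushes the last record
        if not line.strip():
            if dn is not None:
                records.append((dn, attrs))
            dn, attrs = None, []
            continue
        name, _, value = line.partition(":")
        if name.strip().lower() == "dn":
            dn = value.strip()
        else:
            attrs.append((name.strip(), value.strip()))
    return records

def parent_dn(dn):
    # Naive split: escaped commas inside RDN values are not handled.
    return dn.split(",", 1)[1].strip().lower() if "," in dn else ""

def lint(text, suffix, existing=()):
    """Return (dn, problem) findings; `existing` lists DNs already on the server."""
    present = {d.lower() for d in existing}
    findings = []
    for dn, attrs in parse_ldif(text):
        for n, _ in attrs:
            if n.lower() not in KNOWN_ATTRS:
                findings.append((dn, f"unknown attribute {n}"))
        if not any(n.lower() == "objectclass" for n, _ in attrs):
            findings.append((dn, "no objectClass value"))
        if dn.lower() != suffix.lower() and parent_dn(dn) not in present:
            findings.append((dn, "parent entry not present"))
        present.add(dn.lower())           # later entries may hang below this one
    return findings

# Constructed samples: the entry from the post, and a file that passes the checks.
POSTED = "dn: ou=Users,dc=x,dc=y\nobjectType: organizationalUnit\nou: Users\n"
PASSING = ("dn: dc=x,dc=y\nobjectClass: domain\ndc: x\n\n"
           "dn: ou=Users,dc=x,dc=y\nobjectClass: organizationalUnit\nou: Users\n")
```

Calling `lint(POSTED, "dc=x,dc=y")` returns three findings for the posted entry, while `lint(PASSING, "dc=x,dc=y")` returns an empty list.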