Hi again, you're right, imo that should do trick, I've set up a sles10/11 machine some weeks ago, as I can see from your yast.schema you set up another one. :)
I havn't had the problem with the structural Classes, because I didn't have freshly imported posixAccounts and Groups so I didn't mentioned that rfc2307/bis-problem at that point. But I dunno if you have to rebuild a complete new database when you change a schema with attributes already in use in your current database. In a case of failure you just have to delete your DB-Files in /var/lib/ldap to do a fresh start from scratch and reimport your accounts and groups, not that hard imo. Good luck. :) On Fri, Apr 9, 2010 at 15:50, Francis, Steve (IHG) <[email protected]>wrote: > Thanks! Then I guess I should change to the nis.schema from the > rfc3207bis.schema. Any thoughts, or reasons why I shouldn't? > This is what I currently have: > include /etc/openldap/schema/core.schema > include /etc/openldap/schema/sah.schema ( application specific > schema ) > include /etc/openldap/schema/cosine.schema > include /etc/openldap/schema/inetorgperson.schema > include /etc/openldap/schema/rfc2307bis.schema > include /etc/openldap/schema/yast.schema > *Steve Francis* > *Technical Advisor - zSeries, zLinux, z/OS* > IHG > Alpharetta Data Center > Ph: 770-442-7157 > Cell: 770-906-3122 > IM: francisihg > > > ------------------------------ > *From:* Benjamin Griese [mailto:[email protected]] > *Sent:* Friday, April 09, 2010 9:27 AM > *To:* Francis, Steve (IHG) > *Cc:* [email protected] > *Subject:* Re: group migration to Ldap > > Hi Steve, > > maybe this due to the schema file which holds the objectClass posixGroup. > I guess its the difference between rfc2307 and rfc2307bis. > Where in rfc2307 the posixGroup is structural and in rfc2307bis it is not. > > I guess I have rfc2307: > cat nis.schema: > objectclass ( 1.3.6.1.1.1.2.2 NAME 'posixGroup' > DESC 'Abstraction of a group of accounts' > SUP top STRUCTURAL > MUST ( cn $ gidNumber ) > MAY ( userPassword $ memberUid $ description ) ) > > I am not 100% sure if that is true, please correct me if itsn't. :) > > bye, benjamin > > On Fri, Apr 9, 2010 at 15:01, Francis, Steve (IHG) > <[email protected]>wrote: > >> I'm tyring to migrate my /etc/group to openldap. I've used the >> migration tools, but for some reason, I get the following when trying to do >> the ldapadd for the group.ldif generated . >> >> adding new entry "cn=at,ou=Group,dc=zlinux,dc=hiw,dc=com" >> ldap_add: Object class violation (65) >> additional info: no structural object class provided >> >> Not sure why, as the /etc/passwd migrated just fine. >> >> *Steve Francis* >> *Technical Advisor - zSeries, zLinux, z/OS* >> IHG >> Alpharetta Data Center >> Ph: 770-442-7157 >> Cell: 770-906-3122 >> IM: francisihg >> >> > > > > -- > To be or not to be -- Shakespeare | To do is to be -- Nietzsche | To be is > to do -- Sartre | Do be do be do -- Sinatra > > -- To be or not to be -- Shakespeare | To do is to be -- Nietzsche | To be is to do -- Sartre | Do be do be do -- Sinatra
