OpenLDAP 2.4.23 - Debian 6.0 - Import schema - Insufficient access (50)
Posted
by
Yosifov
on Server Fault
See other posts from Server Fault
or by Yosifov
Published on 2012-09-05T07:01:52Z
Indexed on
2012/09/05
9:40 UTC
Read the original article
Hit count: 214
openldap
Good day to everybody.
I'm trying to add a new schema inside OpenLDAP. But getting an error:
ldap_add: Insufficient access (50)
root@ldap:/# ldapadd -c -x -D cn=admin,dc=domain,dc=com -W -f /tmp/test.d/cn\=config/cn\=schema/cn\=\{5\}microsoft.ldif
root@ldap:/# cat /tmp/test.d/cn\=config/cn\=schema/cn\=\{5\}microsoft.ldif
dn: cn=microsoft,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: microsoft
olcAttributeTypes: {0}( 1.2.840.113556.1.4.302 NAME 'sAMAccountType' DESC 'Fss
ssully qualified name of distinguished Java class or interface' SYNTAX 1.3.6.
1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {1}( 1.2.840.113556.1.4.146 NAME 'objectSid' DESC 'Fssssull
y qualified name of distinguished Java class or interfaced' SYNTAX 1.3.6.1.4.
1.1466.115.121.1.40 SINGLE-VALUE )
olcAttributeTypes: {2}( 1.2.840.113556.1.4.221 NAME 'sAMAccountName' DESC 'Fds
sssully qualified name of distinguished Java class or interfaced' SYNTAX 1.3.
6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
olcAttributeTypes: {3}( 1.2.840.113556.1.4.1412 NAME 'primaryGroupToken' SYNTA
X 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {4}( 1.2.840.113556.1.2.102 NAME 'memberOf' SYNTAX 1.3.6.1.
4.1.1466.115.121.1.12 SINGLE-VALUE )
olcAttributeTypes: {5}( 1.2.840.113556.1.4.98 NAME 'primaryGroupID' SYNTAX 1.3
.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcObjectClasses: {0}( 1.2.840.113556.1.5.6 NAME 'securityPrincipal' DESC 'Cso
ntainer for a Java object' SUP top AUXILIARY MUST ( objectSid $ sAMAccountNam
e ) MAY ( primaryGroupToken $ memberOf $ primaryGroupID ) )
I also tried to add the schema by phpldapadmin, but gain the same error.
I'm using the admin user which is specified by default from the begging of the slpad installation. How may I add permissions to this user ?
Best wishes
© Server Fault or respective owner