[Lam-public] Specifying Host Attribute in InetOrgPerson

Discussion:

Andrew Niemantsverdriet

2010-09-22 18:05:12 UTC

Hi all I am trying to display the host attribute in InetOrgPerson, I
know I used to be able to do this but must have changed something that
made it go away. Is there anyway I can get LAM to show this again? I
check in my server profile and made sure that it was not hidden, I did
not even see it listed there. So what do I need to do to get it back?
I am using LAM Pro 3.1.1.

Thanks,

--
_
/-\ ndrew Niemantsverdriet
Academic Computing
(406) 238-7360
Rocky Mountain College
1511 Poly Dr.
Billings MT, 59102

Roland Gruber

2010-09-22 19:53:16 UTC

Permalink

Hi Andrew,

Post by Andrew Niemantsverdriet
Hi all I am trying to display the host attribute in InetOrgPerson, I
know I used to be able to do this but must have changed something that
made it go away. Is there anyway I can get LAM to show this again? I
check in my server profile and made sure that it was not hidden, I did
not even see it listed there. So what do I need to do to get it back?

the schema hack was replaced by a new module ("Hosts") that uses the
"hostObject" object class. Just add this new module to the list of
active user modules.
It is no longer needed to modify the LDAP schema.

http://www.ldap-account-manager.org/lamcms/changelog
http://www.ldap-account-manager.org/static/doc/manual/ch03.html#id443283

- --

Best regards

Roland Gruber

LDAP Account Manager
http://www.ldap-account-manager.org/

Want more? Get LDAP Account Manager Pro!
http://www.ldap-account-manager.org/lamcms/lamPro

Andrew Niemantsverdriet

2010-09-27 15:09:35 UTC

Permalink

Roland,

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Andrew,

I am getting a:

Was unable to add attribtues to DN:
uid=aaron.holt,ou=2009,ou=students,ou=People,dc=rocky,dc=edu.

Invalid syntax

I am looking the OpenLDAP logs and not seeing what the wrong syntax
is. Any hints on how to track this down further?

Thanks

--
_
/-\ ndrew Niemantsverdriet
Academic Computing
(406) 238-7360
Rocky Mountain College
1511 Poly Dr.
Billings MT, 59102

Roland Gruber

2010-09-27 15:44:23 UTC

Permalink

Hi Andrew,

Post by Andrew Niemantsverdriet
uid=aaron.holt,ou=2009,ou=students,ou=People,dc=rocky,dc=edu.
Invalid syntax
I am looking the OpenLDAP logs and not seeing what the wrong syntax
is. Any hints on how to track this down further?

in /etc/ldap/slapd.conf turn logging on with the line "loglevel 256".
OpenLDAP uses /var/log/syslog for log output. There should be some line
with the MOD command that includes a more detailed error description.

- --

Best regards

Roland

Andrew Niemantsverdriet

2010-09-27 15:57:36 UTC

Permalink

Roland,

Post by Roland Gruber
in /etc/ldap/slapd.conf turn logging on with the line "loglevel 256".
OpenLDAP uses /var/log/syslog for log output. There should be some line
with the MOD command that includes a more detailed error description.

Here is the the relevant part of the log. I can see the error but have
no idea what is causing it..

Sep 27 09:52:44 jasper slapd[19713]: conn=57 fd=20 ACCEPT from
IP=127.0.0.1:43522 (IP=0.0.0.0:389)
Sep 27 09:52:44 jasper slapd[19713]: conn=57 op=0 BIND
dn="uid=manager,ou=People,dc=rocky,dc=edu" method=128
Sep 27 09:52:44 jasper slapd[19713]: conn=57 op=0 BIND
dn="uid=manager,ou=People,dc=rocky,dc=edu" mech=SIMPLE ssf=0
Sep 27 09:52:44 jasper slapd[19713]: conn=57 op=0 RESULT tag=97 err=0 text=
Sep 27 09:52:44 jasper slapd[19713]: conn=57 op=1 RESULT tag=103
err=21 text=objectClass: value #0 invalid per syntax
Sep 27 09:52:44 jasper slapd[19713]: conn=57 op=2 SRCH
base="ou=group,dc=rocky,dc=edu" scope=2 deref=0
filter="(objectClass=*)"
Sep 27 09:52:44 jasper slapd[19713]: conn=57 op=2 SRCH attr=memberUid
cn objectClass
Sep 27 09:52:44 jasper slapd[19713]: conn=57 op=2 SEARCH RESULT
tag=101 err=0 nentries=5 text=
Sep 27 09:52:44 jasper slapd[19713]: conn=57 op=3 UNBIND
Sep 27 09:52:44 jasper slapd[19713]: conn=57 fd=20 closed

Thanks,

--
_
/-\ ndrew Niemantsverdriet
Academic Computing
(406) 238-7360
Rocky Mountain College
1511 Poly Dr.
Billings MT, 59102

Roland Gruber

2010-09-27 16:10:21 UTC

Permalink

Hi Andrew,

Post by Andrew Niemantsverdriet
Sep 27 09:52:44 jasper slapd[19713]: conn=57 op=1 RESULT tag=103
err=21 text=objectClass: value #0 invalid per syntax

looks like OpenLDAP does not accept the object class. Please run the
schema check (Tools -> Tests) if LAM reports any missing object
class/attribute.
The hostObject object class is usually built-in and requires no schema
file. However, please check if any of your installed schema files
(/etc/ldap/schema) includes the hostObject entry. If yes then add it to
your slapd.conf and restart OpenLDAP.

- --

Best regards

Roland Gruber

LDAP Account Manager
http://www.ldap-account-manager.org/

Want more? Get LDAP Account Manager Pro!
http://www.ldap-account-manager.org/lamcms/lamPro

Andrew Niemantsverdriet

2010-09-27 16:58:23 UTC

Permalink

Roland,

Post by Roland Gruber
looks like OpenLDAP does not accept the object class. Please run the
schema check (Tools -> Tests) if LAM reports any missing object
class/attribute.
The hostObject object class is usually built-in and requires no schema
file. However, please check if any of your installed schema files
(/etc/ldap/schema) includes the hostObject entry. If yes then add it to
your slapd.conf and restart OpenLDAP.

Ok, so I am closer. I added the schema file ldapns.schema which has
the hostObject in it. Restarted LDAP and ran the schema test again. It
still failed but when I go to add a host to a user account it looks
like it succeeds. However I am unable to login to the computer in
question and when I look at the LDIF I do not see that any host
attribute was added.

--
_
/-\ ndrew Niemantsverdriet
Academic Computing
(406) 238-7360
Rocky Mountain College
1511 Poly Dr.
Billings MT, 59102

Roland Gruber

2010-09-27 18:11:24 UTC

Permalink

Hi Andrew,

Post by Andrew Niemantsverdriet
Ok, so I am closer. I added the schema file ldapns.schema which has
the hostObject in it. Restarted LDAP and ran the schema test again. It
still failed but when I go to add a host to a user account it looks
like it succeeds. However I am unable to login to the computer in
question and when I look at the LDIF I do not see that any host
attribute was added.

this is the right schema. You need this entry:

objectclass ( 1.3.6.1.4.1.5322.17.1.2 NAME 'hostObject'
DESC 'Auxiliary object class for adding host attribute'
SUP top
AUXILIARY
MAY host )

When you add hosts, save the account and open it again in LAM, do the
host entries still appear? If yes then they are saved.
You can also open the entry in the tree view and check for the host
attribute.

What else did the schema test report?

- --

Best regards

Roland Gruber

LDAP Account Manager
http://www.ldap-account-manager.org/

Want more? Get LDAP Account Manager Pro!
http://www.ldap-account-manager.org/lamcms/lamPro

Andrew Niemantsverdriet

2010-09-27 19:05:15 UTC

Permalink

Post by Roland Gruber
objectclass ( 1.3.6.1.4.1.5322.17.1.2 NAME 'hostObject'
DESC 'Auxiliary object class for adding host attribute'
SUP top
AUXILIARY
MAY host )
When you add hosts, save the account and open it again in LAM, do the
host entries still appear? If yes then they are saved.
You can also open the entry in the tree view and check for the host
attribute.
What else did the schema test report?

Ok, I think I finally got it fixed up. There were some crazy browser
caching issues going on once I closed out my browser and restested
schema test looked right and I got the host attributes reported to me
like I thought they should be.

Thanks for the help,

--
_
/-\ ndrew Niemantsverdriet
Academic Computing
(406) 238-7360
Rocky Mountain College
1511 Poly Dr.
Billings MT, 59102