[Fedora-directory-devel] Samba4 onto Fedora DS
Pete Rowley
prowley at redhat.com
Tue Aug 22 22:35:40 UTC 2006
Andrew Bartlett wrote:
>On Tue, 2006-08-22 at 16:06 -0600, Richard Megginson wrote:
>
>
>>Andrew Bartlett wrote:
>>
>>
>>>On Tue, 2006-08-22 at 10:03 -0700, Pete Rowley wrote:
>>>
>>>
>>>
>>>>Kimmo Koivisto wrote:
>>>>
>>>>
>>>>
>>>>
>>>>>Andrew Bartlett wrote:
>>>>>[snip]
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>>Anyway, this is the error I get with the attached schema:
>>>>>>
>>>>>>[abartlet at piglett source]$ sudo /opt/fedora-ds/slapd-piglett/start-slapd
>>>>>>Password:
>>>>>>[22/Aug/2006:21:03:47 +1000] dse - The entry cn=schema in
>>>>>>file /opt/fedora-ds/slapd-piglett/config/schema/01samba4.ldif is
>>>>>>invalid, error code 20 (Type or value exists) - attribute type
>>>>>>streetAddress: Does not match the OID "1.2.840.113556.1.2.256". Another
>>>>>>attribute type is already using the name or OID.
>>>>>>[22/Aug/2006:21:03:47 +1000] dse - Please edit the file to correct the
>>>>>>reported problems and then restart the server.
>>>>>>
>>>>>>I can find no other reference (in the schema ldif files) to
>>>>>>streetAddress, or that OID.
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>See 00core.ldif:
>>>>>attributeTypes: ( 2.5.4.9 NAME ( 'street' 'streetaddress' ) DESC 'Standard
>>>>>LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC
>>>>>2256' )
>>>>>
>>>>>Maybe this is what you wan't to remove?
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>It would be bad form to remove a standard attribute and replace it with
>>>>one of the same name but different OID. It would be better to use the
>>>>standard attribute.
>>>>
>>>>
>>>>
>>>What would go wrong if I did that?
>>>
>>>
>>>
>>The server might not start, apps might break.
>>
>>
>
>Do apps read the OID? I thought they just query by name. (The syntax is
>identical in this case).
>
>
>
Typically a careful client would request attributes by OID, change the
OID and you break the good apps.
>I was kind of hoping someone might be able to give me that list, so I
>can split the 00core.ldif. Once I know that list, I can place them into
>my excludes file, and not have the AD schema replace them.
>
>
Why not deal with the specific problems that arise when /adding/ the AD
schema? I'm guessing that would be a shorter list?
--
Pete
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3241 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-devel/attachments/20060822/e89b4d35/attachment.bin>
More information about the Fedora-directory-devel
mailing list