On Tue, 2022-11-08 at 21:24 +0100, Julian Kippels wrote: > Hi, > > I am currently in the process of moving our LDAP-Servers from old > CentOS 7 Servers to new Debian 11 Servers. In the process I am > exporting all databases from the old server to ldif files and > importing > those files on the new server. > > When I import such a file I get a lot (basically for every single > entry) > of warnings and errors in the errors-log like the following: > > [08/Nov/2022:21:01:52.272475719 +0100] - ERR - oc_check_allowed_sv - > Entry "cn=219058,ou=accounts,o=demo" -- attribute "entrylevelrights" > not allowed > [08/Nov/2022:21:01:52.273547001 +0100] - WARN - import_producer - > import demo: Skipping entry "cn=219058,ou=accounts,o=demo" which > violates schema, ending line 9232514 of file "/var/lib/dirsrv/slapd- > ldap-master/ldif/demo.ldif" > > I can't make heads or tails of this. I exported the ldif using the > 389-console using "Export Databases" and I import them via Cockpit > using "Initialize Suffix" for the Suffix o=demo > > I cannot find this attribute in any schema-file on either the old or > the new servers. Where does this come from a custom schema on the 1.2.2 box? > , and how do I solve this > issue? I'm curious what objectclasses are found under the cn=219058,ou=accounts,o=demo object, and whether entrylevelrights is listed as an attribute for this object. If so, and the attribute is unneeded, perhaps remove this attribute from the ldif prior to importing? Mark _______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
