Craig White <craigwhite@xxxxxxxxxxx> wrote: > First, imported nearly my entire openldap structure...but couldn't > import this record > > dn: sambaDomainName=AZAPPLE,dc=azapple,dc=com > objectClass: sambaDomain > sambaDomainName: AZAPPLE > sambaSID: S-1-5-21-1423820788-2381578139-3444021595 > sambaAlgorithmicRidBase: 1000 > > Easy enough to recreate in console but didn't understand the error... > [03/Dec/2005:11:24:28 -0700] - Entry > "sambaDomainName=AZAPPLE,dc=azapple,dc=com" -- attribute "objectClass" > not allowed The samba.schema file was converted with a tool that doesn't avoid the "overly picky schema parsing" bug (#170791). You can try the new schema conversion script on the website to see if it handles this, or for samba.schema the workaround ./ol-schema-migrate.pl samba.schema | grep -v DESC > 61samba.ldif to remove all DESC lines from the schema will work, since the DESC line is an optional line that is out of order in the original file. See the bug for details about how this affects objectclass sambaDomain; the short story is that Directory Server doesn't know that sambaDomain is derived from objectclass top, from which sambaDomain inherits the "objectClass" attribute. -- Steve Bonneville -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
