John, once again, could you please sent replies to the mailing list instead of replying to me directly. Others might be struggling with similar problems as you. Am Dienstag 25 Mai 2010, 17:53:33 schrieb Developer Coldfusion developer:
LDIF file is in attachment. Also I had to configure OpenDS to make it use pre-encoded passwords http://blogs.sun.com/Ludo/entry/opends_tips_importing_ldif_with. John
The schema you attached looked good to me on a quick view (at least it had the required inheritance between the suseObjectTemplate and suseGroupTemplate Objectclasses. Honestly, if you really added the attached scheme I think you probably hit a bug in the OpenDS Version you are using and not in YaST. What YaST ldap-client tries to add this object to the LDAP Server: dn: cn=grouptemplate,ou=People,dc=linux-1xek cn: grouptemplate objectClass: top objectClass: suseObjectTemplate objectClass: suseGroupTemplate suseNamingAttribute: cn susePlugin: UsersPluginLDAPAll Your OpenDS seems to choke on the fact that the objectclasses "suseObjectTemplate" and "suseGroupTemplate" are present in the entry. Which both are defined as being "structural". Usually (if suseGroupTemplate would not inherit from suseObjectTemplate), OpenDS would be correct with it's complain. The LDAP standard allows an entry only belong to "precisely one structural object class superclass chain" (see RFC4512 for details if interested). But as suseGroupTemplate is a subclass of suseObjectTemplate this constraint is fullfilled. And that's why I think you hit a in OpenDS. Unfortuntely I don't have an OpenDS instance running here to test that myself. But I'd suggest you create bugreport with the OpenDS people. Make sure you test with the latest release, probably this has already been fixed. [..] -- Ralf -- To unsubscribe, e-mail: yast-devel+unsubscribe@opensuse.org For additional commands, e-mail: yast-devel+help@opensuse.org