OpenLDAP Custom Attribute: "Undefined attribute type" - openldap

Attempting to add a new attribute to OpenLDAP and keep hitting brick walls.
I am trying to add an ipPhone attribute to the schema since I can't include * numbers in the default telephoneNumber attribute.
My LDIF file used to create the new attribute and link it to the objectClass is below.
dn: cn=schema,cn=config
changetype: modify
add: olcAttributeTypes
olcAttributeTypes: ( 2.25.128424792425578037463837247958458780603.1
  NAME 'ipPhone'
  DESC 'Extension Number'
  EQUALITY caseIgnoreMatch
  SUBSTR caseIgnoreSubstringsMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
-
add: olcObjectClasses
olcObjectClasses: ( 2.25.128424792425578037463837247958458780603.3
  NAME 'samplePerson'
  DESC 'samplePerson'
  SUP inetOrgPerson
  STRUCTURAL
  MAY (ipPhone)
  )
To apply the above, I used:
ldapmodify -Y EXTERNAL -H ldapi:/// -f attrib.ldif
I can see the added config in:
/etc/ldap/slapd.d/cn=config/cn=schema.ldif
However, after restarting slapd and attempting to add a new user with this attribute, I get the error:
ldap.UNDEFINED_TYPE: {'info': u'ipPhone: attribute type undefined', 'desc': u'Undefined attribute type'}
I have been testing and googling for hours but have been unable to resolve this or figure out what I have missed!

Turns out I didn't have the objectClass assigned to the users.

Related

custom module installation error on odoo 14

ValueError: ir.actions.report.report_type: required selection fields must define an ondelete policy that implements the proper cleanup of the corresponding records upon module uninstallation. Please use one or more of the following policies: 'set default' (if the field has a default defined), 'cascade', or a single-argument callable where the argument is the recordset containing the specified option.
You need to declare like this :
report_type = fields.Selection(
selection_add=[('sale', 'sale')],
ondelete={'sale': 'cascade'}
)
or you can also add this as per the requirement :
ondelete={'sale': 'set default'})
If you guys get this issue when database is cached, then try this (otherwise, ignore this solution):
Add dbfilter to odoo.conf:
dbfilter = ^your_db_name*
Then restart the server and go to /web/database/selector and select your db

OpenLDAP configuration using posixGroup and groupOfNames

My requirement is to use the posixGroup and groupOfNames object classes together when adding an LDAP group using LDIF. Both classes are STRUCTURAL, so they cannot be added together.
To achieve this, I used the link where they mentioned to create a customPosixGroup.
https://devopsideas.com/openldap-linux-client-ldap-integration/
The steps they mentioned in the link are:
Overcoming posixGroup and groupOfNames caveat
We will be creating server group objects of type posixGroup under ou=server container. The posixgroup is required to provide the translation between group id numbers and their name. We’ll be providing access to servers based on membership of the groups. posixGroup’s member attribute is called memberUID and simply lists the uid of the member. Using this alone, there’s really no solid way to identify the specific distinguished name of the group member.
The problem we have is, memberOf attribute is part of groupOfNames objectClass. We cannot use both posixGroup and groupOfNames together since both are STRUCTURAL objectClasses ( An entry can have only one STRUCTURAL object class ).
To overcome this, we need to create a custom objectClass that will be a clone of posixGroup but of type AUXILIARY instead of STRUCTURAL. Hence we will be able to use groupOfNames along with the custom posixGroup which is almost identical to posixGroup except the class type.
The posixGroup exists in nis schema and hence we’ll make the change there.
Create a file named schema_update.ldif with the below content
dn: cn={2}nis,cn=schema,cn=config
changetype: modify
add: olcObjectClasses
olcObjectClasses: {13}( 1.3.6.1.1.1.2.13 NAME 'customposixGroup' DESC 'Abstraction of a group of accounts' AUXILIARY MUST ( cn $ gidNumber ) MAY ( userPassword $ memberUid $ description $ member ) )
{2} denotes the order. You can refer ‘/etc/ldap/slapd.d/cn\=config/cn\=schema’ to get this.
We have named the custom group as customposixGroup. This contains all the attributes that are part of posixGroup except the class type marked as ‘AUXILIARY’.
Run the below command to make the changes,
ldapmodify -W -D cn=admin,cn=config -f schema_update.ldif
I followed the steps and added the customposixGroup and after that added the group as
dn: cn=server_dev,ou=graylog,ou=rgroup,dc=rad,dc=com
objectclass: customposixGroup
objectclass: groupOfNames
cn: server_dev
gidNumber: 7000
description: Server Dev Group
member: uid=aron.francis,ou=People,dc=rad,dc=com
Then, on my Linux client side, I have configured sssd, but if I query using the id command, the group name is not getting displayed.
I wanted help on why the group name is not getting displayed when I use the id command from the LDAP client.
But if I use posixGroup instead of customposixGroup, and not the groupOfNames object class, then the group name is getting displayed.
I am trying to configure the Openldap server setup but I am stuck at the above mentioned point. I need help on that and also wanted to know if I have been doing any wrong configuration. If you need more info kindly reply so that I can provide that.
There's an option in sssd config, that tells which group to check out (default value is posixGroup [https://linux.die.net/man/5/sssd-ldap]):
ldap_group_object_class = customposixGroup
After adding the option, restart sssd and clear cache using sss_cache -E.
Hope it helps
Instead of patching your nis.schema try using the rfc2307bis.schema. It already has an aux posixGroup.
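Added example, not part of the original posts or of OpenLDAP: an offline check of the two schema rules these threads run into, that an attribute such as ipPhone is only permitted once a class listing it (samplePerson) is on the entry, and that an entry may carry only one STRUCTURAL class chain, which is why customposixGroup is declared AUXILIARY. The standard class definitions are simplified stand-ins, and parse, chain and check_entry are hypothetical helper names.

```python
import re
# Constructed schema subset: the two definitions from this page plus simplified
# stand-ins for the standard classes (shortened attribute lists, an assumption).
SCHEMA = [
    "( 2.5.6.6 NAME 'person' SUP top STRUCTURAL MUST ( sn $ cn ) MAY ( telephoneNumber ) )",
    "( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson' SUP person STRUCTURAL MAY ( uid $ mail ) )",
    "( 2.25.128424792425578037463837247958458780603.3 NAME 'samplePerson' SUP inetOrgPerson STRUCTURAL MAY (ipPhone) )",
    "( 1.3.6.1.1.1.2.2 NAME 'posixGroup' SUP top STRUCTURAL MUST ( cn $ gidNumber ) MAY ( memberUid ) )",
    "( 1.3.6.1.1.1.2.13 NAME 'customposixGroup' AUXILIARY MUST ( cn $ gidNumber ) MAY ( userPassword $ memberUid $ description $ member ) )",
    "( 2.5.6.9 NAME 'groupOfNames' SUP top STRUCTURAL MUST ( member $ cn ) MAY ( description ) )",
]

def parse(defn):
    """Extract name, superior, kind and MUST/MAY sets from one objectClass definition."""
    def attrs(key):
        m = re.search(rf"\b{key}\s+(?:\(([^)]*)\)|(\w+))", defn)
        return {a.strip().lower() for a in (m.group(1) or m.group(2)).split("$")} if m else set()
    sup = re.search(r"\bSUP\s+(\w+)", defn)
    kind = re.search(r"\b(STRUCTURAL|AUXILIARY|ABSTRACT)\b", defn)
    return re.search(r"NAME\s+'([^']+)'", defn).group(1).lower(), {
        "sup": sup.group(1).lower() if sup else None,
        "kind": kind.group(1) if kind else "STRUCTURAL",  # RFC 4512 default kind
        "must": attrs("MUST"), "may": attrs("MAY")}

CLASSES = dict(parse(d) for d in SCHEMA)

def chain(name):
    """Yield a class and each of its superiors that is defined in CLASSES."""
    while name in CLASSES:
        yield name
        name = CLASSES[name]["sup"]

def check_entry(entry):
    """Return schema problems for an entry given as {attribute: [values]}."""
    low = {k.lower(): v for k, v in entry.items()}
    listed = [c.lower() for c in low.get("objectclass", [])]
    problems = [f"unknown objectClass {c}" for c in listed if c not in CLASSES]
    known = [c for c in listed if c in CLASSES]
    must, allowed = set(), {"objectclass"}
    for link in (l for c in known for l in chain(c)):
        must |= CLASSES[link]["must"]
        allowed |= CLASSES[link]["must"] | CLASSES[link]["may"]
    # One structural chain only: ignore classes that are superiors of another listed class.
    structural = [c for c in known if CLASSES[c]["kind"] == "STRUCTURAL"]
    leaves = [c for c in structural if not any(c != o and c in chain(o) for o in structural)]
    if len(leaves) != 1:
        problems.append(f"expected one structural class chain, found {sorted(leaves)}")
    problems += [f"{a} not allowed by listed objectClasses" for a in sorted(set(low) - allowed)]
    return problems + [f"missing required {a}" for a in sorted(must - set(low))]
```

Passing the server_dev entry from the question (customposixGroup plus groupOfNames) to check_entry returns an empty list, while the same entry with posixGroup in place of customposixGroup is reported as having two structural chains.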

How can you view what roots are available in a Unix LDAP database?

I'm trying to view all root names on a server that are available for searching thru/modifying. I've tried looking online, but I'm still unable to find the base levels.
ldapsearch -b "o=blah.com" -p 1111 "objectclass=*" returns everything in that blah.com due to the filter being all object classes.
Is there a similar function to be able to find all o=*? I need to be able to search thru each of those directories and modify things at some point...and without knowing what's in there, I'm sort of at the mercy of the other developers....
If the question is "How to get valid top-level base dn(s) ?", you have multiple options :
Domain components (dc) usually match the FQDN, it makes sense to use these dc's to build up a top level base dn (e.g. 'host.example.com' would give 'dc=example,dc=com'), but it is not guaranteed it results in a valid base dn.
Search for rootDSE information: ldapsearch -H ldap://host.example.com -x -s base -b '' +
Then retrieve the namingContexts or defaultNamingContext attribute(s), any one of them can be used as a search base dn.
Use an LDAP explorer like Apache Directory Studio to display the directory tree, select a top object matching objectClass: dcObject (and optionally o=something) : any corresponding entry can be used as a search base object by using its dn as the base dn.

Add an alias to a schema object in OpenLdap

Is it possible to add an alias to a schema attribute type in openldap? Could anyone provide the command line instruction to accomplish this?
For example,
Description RFC2256: Telephone Number
OID 2.5.4.20
Obsolete No
Inherits from
Equality telephoneNumberMatch
Ordering (not specified)
Substring Rule telephoneNumberSubstringsMatch
Syntax Telephone Number (1.3.6.1.4.1.1466.115.121.1.50)
Single Valued No
Collective No
User Modification Yes
Usage (not specified)
Maximum Length 32 characters
Aliases (none)
Used by objectClasses dmd documentSeries domain organization organizationalPerson organizationalRole organizationalUnit person residentialPerson RFC822localPart room
Force as MAY by config No
I want to update the Aliases from none to "Test1"
You need to locate the schema entry in one of the files in the schemas directory and add the alias there. You'll find other examples in those files of what an alias looks like. Then just restart the server.

Laravel Basic Routing with no parameters - NotFoundHttpException

I have a custom route controller that checks the database before returning view. That being said, I'm not passing any parameters to this controller besides the first and never will. Is there a way to stop laravel from expecting a parameter? I'm getting this error:
mydomain/login ---- Works Fine
mydomain/login/sometext -- Throws error
"Symfony \ Component \ HttpKernel \ Exception \ NotFoundHttpException"
/var/www/html/vendor/laravel/framework/src/Illuminate/Routing/RouteCollection.php
routes.php
Route::get('/', function(){return View::make('main.landing');});
Route::get('/{path}', array('uses' => 'RouteController@index'));
Then in my RouteController I take $path and query database to check if route exists and then displays the custom view.
Any help would be greatly appreciated!
Thanks!
You need to specify to the router that you want to allow slashes in your route parameter. You can do it like so:
Route::get('/{path}', array('uses' => 'RouteController@index'))->where('path', '(.*)');
This will allow any character.
By default route parameters do not accept slashes. You need to explicitly allow any characters in your path parameter:
Route::get('/{path}', array('uses' => 'RouteController@index'))
->where('path', '(.*)');
