icalvete

Reputation: 1129

Adding custom schema to 389 Directory Server

I'm trying to authenticate against LDAP (389 DS) using SSH public keys.

I have read https://github.com/AndriiGrytsenko/openssh-ldap-publickey (and many more)

The first step is to add the objectclass to LDAP.

Based on https://github.com/AndriiGrytsenko/openssh-ldap-publickey/blob/master/misc/openssh-lpk-openldap.schema (designed for OpenLDAP), I have created my own LDIF file for 389 DS.

It looks like this:

# 60sshlpk.ldif
# ldapPublicKey
#
# LDAP Public Key Patch schema for use with openssh-ldappubkey
#                              useful with PKA-LDAP also
#
# Author: Eric AUGE <[email protected]>
#
# Based on the proposal of : Mark Ruijter
#
################################################################################
#
dn: cn=schema
#
################################################################################
#
attributetype: (
  1.3.6.1.4.1.24552.500.1.1.1.13
  NAME 'sshPublicKey'
  DESC 'MANDATORY: OpenSSH Public key'
  EQUALITY octetStringMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
  )
#
################################################################################
#
objectclass: (
  1.3.6.1.4.1.24552.500.1.1.2.0
  NAME 'ldapPublicKey'
  SUP top
  AUXILIARY
  DESC 'MANDATORY: OpenSSH LPK objectclass'
  MUST ( sshPublicKey $ uid )
  )
#
################################################################################
#

I have put the new schema in /etc/dirsrv/slapd-dir/schema/ and restarted the server.

The file is loaded fine, but...

[25/Dec/2014:18:40:47 +0100] - Entry "cn=schema" has unknown object class "(   1.3.6.1.4.1.24552.500.1.1.2.0 NAME 'ldapPublicKey' SUP top AUXILIARY DESC 'MANDATORY: OpenSSH LPK objectclass' MUST ( sshPublicKey $ uid )  )"
[25/Dec/2014:18:40:47 +0100] - Entry "cn=schema" has unknown object class "( 1.3.6.1.4.1.24552.500.1.1.2.0 NAME 'ldapPublicKey' SUP top AUXILIARY DESC 'MANDATORY: OpenSSH LPK objectclass' MUST ( sshPublicKey $ uid )  )"
[25/Dec/2014:18:40:47 +0100] - Entry "cn=schema" has unknown object class "( 1.3.6.1.4.1.24552.500.1.1.2.0 NAME 'ldapPublicKey' SUP top AUXILIARY DESC 'MANDATORY: OpenSSH LPK   objectclass' MUST ( sshPublicKey $ uid )  )"
[25/Dec/2014:18:40:47 +0100] - Entry "cn=schema" has unknown object class "( 1.3.6.1.4.1.24552.500.1.1.2.0 NAME 'ldapPublicKey' SUP top AUXILIARY DESC 'MANDATORY: OpenSSH LPK objectclass' MUST ( sshPublicKey $ uid )  )"
[25/Dec/2014:18:40:47 +0100] - 389-Directory/1.2.10.4 B2013.059.1953 starting up
[25/Dec/2014:18:40:47 +0100] - slapd started.  Listening on All Interfaces port 389 for LDAP requests

I need new OIDs for 389 DS, right?

If the answer is yes, does somebody know how to proceed?

Thanks and merry Christmas!

Upvotes: 1

Views: 6437

Answers (1)

icalvete

Reputation: 1129

I have the answer, and it isn't related to OIDs.

In my LDIF I'm using attributetype and objectclass instead of attributeTypes and objectClasses.

The keywords are different in OpenLDAP and 389 DS.

Upvotes: 1
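The log lines in the question follow directly from the answer: 389 DS reads "objectclass:" on the cn=schema entry as the entry's own objectClass attribute, so the whole parenthesised definition is taken as a class name, which is why it is reported as an "unknown object class" rather than as a schema error. Schema definitions in a 389 DS schema file must be values of the attributeTypes and objectClasses attributes of cn=schema. The script below is an added example, not code from the question, the answer, or the openssh-ldap-publickey project: it rewrites the two keywords from the OpenLDAP-style file into the 389 DS form, checks that nothing else unexpected is left on an attribute line, and counts the definitions the server will parse. The instance name slapd-<instance>, the temporary file names and the sample input (the two definitions from the question) are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not code from the original question or answer.
# Rewrites an OpenLDAP-style schema LDIF (the "attributetype:" / "objectclass:"
# form posted in the question) into the keyword form 389 Directory Server
# expects under "dn: cn=schema", then checks the result before it is copied
# into /etc/dirsrv/slapd-<instance>/schema/ (instance name is an assumption).

set -e

# Only the two keywords change; OIDs, NAME, SYNTAX and the folded
# continuation lines (leading space) are copied through untouched.
convert_schema() {
    sed -e 's/^attributetype:/attributeTypes:/' \
        -e 's/^objectclass:/objectClasses:/' "$1"
}

# Succeeds only if every line that is not a comment, blank or continuation
# line is one 389 DS understands in a schema file: the cn=schema DN,
# attributeTypes:, objectClasses:, or the entry's own objectClass:/cn: lines.
check_389_schema() {
    ! grep -E -v '^(#|$| |dn: cn=schema$|attributeTypes: |objectClasses: |objectClass: |cn: schema$)' "$1" >/dev/null
}

# Number of attribute type and object class definitions 389 DS will parse.
count_definitions() {
    grep -c -E '^(attributeTypes|objectClasses): ' "$1" || true
}

WORK=$(mktemp -d)
IN="$WORK/60sshlpk-openldap-style.ldif"
OUT="$WORK/60sshlpk.ldif"

# Constructed sample input: the definitions from the question, in the
# OpenLDAP keyword form that 389 DS does not accept.
cat >"$IN" <<'EOF'
# LDAP Public Key Patch schema (OpenLDAP keyword form)
dn: cn=schema
attributetype: (
  1.3.6.1.4.1.24552.500.1.1.1.13
  NAME 'sshPublicKey'
  DESC 'MANDATORY: OpenSSH Public key'
  EQUALITY octetStringMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
  )
objectclass: (
  1.3.6.1.4.1.24552.500.1.1.2.0
  NAME 'ldapPublicKey'
  SUP top
  AUXILIARY
  DESC 'MANDATORY: OpenSSH LPK objectclass'
  MUST ( sshPublicKey $ uid )
  )
EOF

convert_schema "$IN" >"$OUT"

if check_389_schema "$OUT"; then
    echo "ok: $(count_definitions "$OUT") definition(s) in 389 DS keyword form: $OUT"
else
    echo "error: unexpected keywords remain in $OUT" >&2
    exit 1
fi

# After copying $OUT to /etc/dirsrv/slapd-<instance>/schema/ and restarting
# the instance, confirm the server really parsed it (not run here):
#   ldapsearch -x -H ldap://localhost -b cn=schema -s base '(objectClass=*)' \
#       objectClasses attributeTypes | grep -i -E 'ldapPublicKey|sshPublicKey'
```

Two practical notes. 389 DS loads the files in its schema directory in lexical order, so a custom file such as 60sshlpk.ldif has to sort after 00core.ldif for `top` and `uid`, which the object class references, to be defined; the same definitions can also be added at runtime with ldapmodify against cn=schema (`add: attributeTypes` / `add: objectClasses`), in which case 389 DS persists them in 99user.ldif. And once sshPublicKey is in the directory, whoever can write that attribute on a user entry can log in as that user over SSH, so the ACIs on it deserve the same care as those on userPassword.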
