Adding a custom schema to 389 Directory Server

Time: 2014-12-25 18:11:31

Tags: ldap

I am trying to authenticate against LDAP (389 DS) using SSH public keys.

I have read https://github.com/AndriiGrytsenko/openssh-ldap-publickey (and more).

The first step is to add the object class to LDAP.

Based on https://github.com/AndriiGrytsenko/openssh-ldap-publickey/blob/master/misc/openssh-lpk-openldap.schema (designed for OpenLDAP), I created my own ldif file for 389 DS.

It looks like this:

# 60sshlpk.ldif
# ldapPublicKey
#
# LDAP Public Key Patch schema for use with openssh-ldappubkey
#                              useful with PKA-LDAP also
#
# Author: Eric AUGE <eau@phear.org>
#
# Based on the proposal of : Mark Ruijter
#
################################################################################
#
dn: cn=schema
#
################################################################################
#
attributetype: (
  1.3.6.1.4.1.24552.500.1.1.1.13
  NAME 'sshPublicKey'
  DESC 'MANDATORY: OpenSSH Public key'
  EQUALITY octetStringMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
  )
#
################################################################################
#
objectclass: (
  1.3.6.1.4.1.24552.500.1.1.2.0
  NAME 'ldapPublicKey'
  SUP top
  AUXILIARY
  DESC 'MANDATORY: OpenSSH LPK objectclass'
  MUST ( sshPublicKey $ uid )
  )
#
################################################################################
#

I put the new schema in /etc/dirsrv/slapd-dir/schema/ and restarted the server.

The file is fine, but...

[25/Dec/2014:18:40:47 +0100] - Entry "cn=schema" has unknown object class "(   1.3.6.1.4.1.24552.500.1.1.2.0 NAME 'ldapPublicKey' SUP top AUXILIARY DESC 'MANDATORY: OpenSSH LPK objectclass' MUST ( sshPublicKey $ uid )  )"
[25/Dec/2014:18:40:47 +0100] - Entry "cn=schema" has unknown object class "( 1.3.6.1.4.1.24552.500.1.1.2.0 NAME 'ldapPublicKey' SUP top AUXILIARY DESC 'MANDATORY: OpenSSH LPK objectclass' MUST ( sshPublicKey $ uid )  )"
[25/Dec/2014:18:40:47 +0100] - Entry "cn=schema" has unknown object class "( 1.3.6.1.4.1.24552.500.1.1.2.0 NAME 'ldapPublicKey' SUP top AUXILIARY DESC 'MANDATORY: OpenSSH LPK   objectclass' MUST ( sshPublicKey $ uid )  )"
[25/Dec/2014:18:40:47 +0100] - Entry "cn=schema" has unknown object class "( 1.3.6.1.4.1.24552.500.1.1.2.0 NAME 'ldapPublicKey' SUP top AUXILIARY DESC 'MANDATORY: OpenSSH LPK objectclass' MUST ( sshPublicKey $ uid )  )"
[25/Dec/2014:18:40:47 +0100] - 389-Directory/1.2.10.4 B2013.059.1953 starting up
[25/Dec/2014:18:40:47 +0100] - slapd started.  Listening on All Interfaces port 389 for LDAP requests

Do I need a new OID for 389 DS?

If the answer is yes, does anyone know how to proceed?

Thanks, and Merry Christmas!!!!

1 answer:

Answer 0: (score: 1)

I have the answer, and it has nothing to do with OIDs.

In my ldif I used attributetype / objectclass instead of attributeTypes / objectClasses.

The keywords are different in OpenLDAP and 389 DS.
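As an added illustration of the answer (not code from the asker, the answerer or the openssh-ldap-publickey project): a small Python converter that folds an OpenLDAP-style schema into the attributeTypes: / objectClasses: lines 389 DS expects under cn=schema. The sample input is a constructed copy of the asker's file.

```python
import re

# Constructed sample in the asker's hybrid style (OpenLDAP keywords, a colon,
# indented continuation lines), which 389 DS reads as ordinary entry attributes.
SAMPLE = """\
dn: cn=schema
attributetype: (
  1.3.6.1.4.1.24552.500.1.1.1.13
  NAME 'sshPublicKey'
  DESC 'MANDATORY: OpenSSH Public key'
  EQUALITY octetStringMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
  )
objectclass: (
  1.3.6.1.4.1.24552.500.1.1.2.0
  NAME 'ldapPublicKey'
  SUP top
  AUXILIARY
  DESC 'MANDATORY: OpenSSH LPK objectclass'
  MUST ( sshPublicKey $ uid )
  )
"""

# OpenLDAP slapd.conf keyword -> attribute name 389 DS expects under cn=schema.
KEYWORDS = {"attributetype": "attributeTypes", "objectclass": "objectClasses"}
# Accepts "attributetype (" (OpenLDAP) and "attributetype: (" (the asker's file).
HEADER = re.compile(r"^(attributetype|objectclass)\s*:?\s*(\(.*)?$", re.IGNORECASE)

def convert_schema(text):
    """Rewrite an OpenLDAP-style schema as 389 DS LDIF for cn=schema.
    Indented continuation lines are folded so each attributeTypes /
    objectClasses value lands on one line; comments, the dn: line and plain
    attributes such as "objectclass: top" pass through unchanged."""
    out, current = [], None
    for line in text.splitlines():
        if current is not None and line[:1].isspace():
            current.append(line.strip())      # body of the current definition
            continue
        if current is not None:               # a non-indented line ends it
            out.append(" ".join(current))
            current = None
        m = HEADER.match(line)
        if m and m.group(2):                  # keyword followed by "( ..."
            current = [KEYWORDS[m.group(1).lower()] + ":", m.group(2).strip()]
        else:
            out.append(line)
    if current is not None:
        out.append(" ".join(current))
    return "\n".join(out) + "\n"
```

389 DS treats an objectclass: line in a cn=schema file as a value of the entry's own objectClass attribute, which is exactly the "unknown object class" complaint in the error log above.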