directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lécharny <elecha...@gmail.com>
Subject Re: ldif import works in studio, fails with LdifFileLoader
Date Wed, 11 Feb 2015 18:53:36 GMT
Le 11/02/15 19:26, Michael Perelman a écrit :
> Hi. My case involves an embedded instance of ADS-M17 where I load a simple .ldif file
during start-up using LdifFileLoader instance. I always use the Studio to perform initial
tests, and it works in this particular case. But when I use LdifFileLoader, the security-related
entities are never created. Here is what the .ldif looks like:

LdapStudio will order the LDIF before injecting it. The LdifLoader wont.
Typically, here, the dc=myCompany,dc=com is not the first entry, and the
loader will yell at you because it's messing when it will try to load
the first entry (ou=people,dc=mycompany,dc=co).

Another thing : why are you modifying the entry you just injected before
(dc=mycompany,dc=com)? It's a better idea to add the administrativeRole
attribute to the entry immediately.

Last, not least: which user are you using to inject the entries ?

>
> dn: ou=people,dc=mycompany,dc=com
> objectClass: organizationalUnit
> objectClass: top
> ou: people
>
> dn: dc=mycompany,dc=com
> objectclass: domain
> objectclass: top
> objectclass: extensibleObject
> dc: mycompany
> ou: mycompany
>
> dn: dc=mycompany,dc=com
> changetype: modify
> add: administrativeRole
> administrativeRole: accessControlSpecificArea
>
> dn: cn=allowUserSelfMod,dc=mycompany,dc=com
> objectClass: subentry
> objectClass: accessControlSubentry
> objectClass: top
> cn: allowUserSelfMod
> prescriptiveACI: { identificationTag "", precedence 0, authenticationLevel s
>  imple, itemOrUserFirst userFirst: { userClasses { thisEntry }, userPermissi
>  ons { { protectedItems { entry }, grantsAndDenials { grantBrowse, grantRetu
>  rnDN, grantModify, grantRead } }, { protectedItems { allAttributeValues { u
>  serPassword } }, grantsAndDenials { grantRemove, grantAdd } } } } }
> subtreeSpecification: { }
>
> The dc=mycompany,dc=com partition and its ou=people org unit are created successfully
when using either the Studio or the LdifFileLoader. Yet partition's administrativeRole and
accessControlSubentry are only created when using the Studio, while importing via LdifFileLoader
does not! And no exceptions are thrown at any time.
>
> Thanks!
>  		 	   		  


Mime
View raw message