directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ike Ikonne" <iiko...@us.ibm.com>
Subject Re: How to configure pwdPolicySubentry
Date Thu, 05 Jan 2017 01:57:05 GMT
Hi Emmanuel,

Yes, in fact, the sshPublicKey is an attribute of ldapPublicKey.

Thanks,

Ike



From:   Emmanuel Lécharny <elecharny@gmail.com>
To:     users@directory.apache.org
Date:   01/04/2017 04:42 PM
Subject:        Re: How to configure pwdPolicySubentry



Weird...


The cn=iikon1,ou=OCE,o=ABC,dc=example,dc=com entry contains a Structural
ObjectClass : organizationalPerson.


Have you correctly added the schema that contains the ldapPublicKey
ObjectClass ?



Le 04/01/2017 à 21:13, Ike Ikonne a écrit :
> Hi Emmanuel,
>
> Thanks for the reply. Here is the LDIF information that you had
> requested, the first one is the password policy container, the
> second is actually the user where the pwdPolicySubentry attribute
> is being updated.
>
> ************** pwdPolicy container *******************
> dn: ou=sspPwdPolicy,o=ABC,dc=example,dc=com
> objectClass: top
> objectClass: organizationalUnit
> objectClass: pwdPolicy
> ou: sspPwdPolicy
> pwdAttribute: userPassword
>
>
> *********** user container *************************
> dn: cn=iikon1,ou=OCE,o=ABC,dc=example,dc=com
> objectClass: ldapPublicKey
> objectClass: pkiUser
> objectClass: organizationalPerson
> objectClass: person
> objectClass: top
> cn: iikon1
> sn: Ikonne
> sshPublicKey:: 
> QUFBQUIzTnphQzF5YzJFQUFBQURBUUFCQUFBQWdRQ2NlK0FEeVFXRy9IcU1WV
> 
> 
XRiRFdEUytEK2syMVYwVWxyTDhna0J4S0VuazgyU1krbUl0cjNIL0U0VGdFZWp3OGsybGtyc2E0
> 
> 
dHZNY3ZMNDNiK0psd21ob2h2S3NpVSs5ZzhkSFBLNFBwejk5QWpwZUVIVnI1cW1LYmFWcnpQSE5
> 
> 
vMk5KRSs3bkdpeW8vTEVPVEd2QkxKTmo2YlJzdmo2SVhBcW1qcG9NMEkxdz09ICAgICAgICAgIC
>  AgICAgICAgICAgICAgICAgICAgICAg
> userPassword:: 
> e1NTSEF9TkcwNGxWdllnWXdWQjVYTHJxdjNCdmtMQU1aRHFhczQ2c1IwdHc9P
>  Q==
>
> *************** stacktrace from trying to set the pwdPolicySubentry with 

> dn: ou=sspPwdPolicy,o=ABC,dc=example,dc=com **********
>
> javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - 
> OBJECT_CLASS_VIOLATION: failed for MessageType : ADD_REQUEST
> Message ID : 58
>     Add Request :
> Entry
>     dn[n]: cn=iikon1,ou=OCE,o=ABC,dc=example,dc=com
>
>     cn: iikon1
>     pwdPolicySubentry: ou=sspPwdPolicy,o=ABC,dc=example,dc=com
> : ERR_60 Entry cn=iikon1,ou=OCE,o=ABC,dc=example,dc=com does not contain 
a 
> STRUCTURAL ObjectClass]; remaining name 
> 'iikon1,ou=OCE,o=ABC,dc=example,dc=com'
>         at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3133)
>         at 
com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3048)
>         at 
com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2854)
>         at 
com.sun.jndi.ldap.LdapCtx.c_createSubcontext(LdapCtx.java:825)
>         at 
> 
com.sun.jndi.toolkit.ctx.ComponentDirContext.p_createSubcontext(ComponentDirContext.java:350)
>         at 
> 
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(PartialCompositeDirContext.java:279)
>         at 
> 
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(PartialCompositeDirContext.java:267)
>         at 
> 
javax.naming.directory.InitialDirContext.createSubcontext(InitialDirContext.java:209)
>
>
>
> From:   Emmanuel Lécharny <elecharny@gmail.com>
> To:     users@directory.apache.org
> Date:   01/04/2017 02:25 AM
> Subject:        Re: How to configure pwdPolicySubentry
>
>
>
> Hi,
>
>
> can you past the entry you are injecting ? You may be missing a needed
> ObjectClass beside the 'pwdPolicy', which is Auxiliary. A Structural
> ObjectClass is needed, 'subentry' in this case.
>
>
> Le 04/01/2017 à 08:07, Ike Ikonne a écrit :
>> Hi all,
>>
>> I am trying to configure a per user pwdPolicy in APACHE Directory 
>> programmatically,
>> but I am getting a stacktrace. I would appreciate a hint on how to get 
>> this configured
>> successfully.
>>
>> Thanks,
>>
>> Ike
>>
>> - javax.naming.directory.SchemaViolationException: [LDAP: error code 65 

> - 
>> OBJECT_CLASS_VIOLATION: failed for MessageType : ADD_REQUEST
>> Message ID : 58
>>     Add Request :
>> Entry
>>     dn[n]: cn=ceu_user11,ou=OCE,o=ABC,dc=example,dc=com
>>
>>     cn: ceu_user11
>>     pwdPolicySubentry: 
>>
> 
ads-pwdId=default,ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
>> : ERR_60 Entry cn=ceu_user11,ou=OCE,o=ABC,dc=example,dc=com does not 
>> contain a STRUCTURAL ObjectClass]; remaining name 
>> 'cn=ceu_user11,ou=OCE,o=ABC,dc=example,dc=com'
>>         at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3133)
>>         at 
> com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3048)
>>         at 
> com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2854)
>>         at 
> com.sun.jndi.ldap.LdapCtx.c_createSubcontext(LdapCtx.java:825)
>>         at 
>>
> 
com.sun.jndi.toolkit.ctx.ComponentDirContext.p_createSubcontext(ComponentDirContext.java:350)
>>         at 
>>
> 
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(PartialCompositeDirContext.java:279)
>>         at 
>>
> 
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(PartialCompositeDirContext.java:267
>>
>>
>>

-- 
Emmanuel Lecharny

Symas.com
directory.apache.org






Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message