How do I use OpenLDAP as the store for OpenAM under Ubuntu?
I realize there are a number of sources on how to get OpenLDAP set up under Ubuntu, or how to configure data stores for OpenAM (formerly OpenSSO). Some that seem most useful to me are:
http://ubuntuforums.org/showpost.php?p=8236370&postcount=1
https://blogs.oracle.com/indira/entry/using_openldap_as_user_data
Unfortunately, when I try to import the LDIF exported from the previous system where OpenSSO (actually Java Access Manager, but I'm hoping they're as interchangeable as they appear) was installed, I get the following error:
ldap_add: Invalid syntax (21)
additional info: objectClass: value #2 invalid per syntax
If I comment out some of the objectClass lines, I'll get down to another syntax error, which makes it seem to me like I'm missing a crucial schema. I've added the schema provided at the second link above, but that doesn't seem to do the trick.
This page [ http://docs.sun.com/app/docs/doc/820-3320/ghlvi?a=view (link dead) ] describes a list of LDIF files to import that it suggests are distributed with OpenSSO, but alas not all of them seem to be in the available downloads from ForgeRock (maintainers of OpenAM). [ http://www.forgerock.org/downloads.html ] Only the fam_* schema are there.
I'm somewhat at a loss as to what to attempt next. I don't have much experience with LDAP configuration, so it may be that I'm overlooking something quite obvious. Thanks for any help!
Comments (1)
This error means either the objectClass value is not recognized, or the attribute syntax is invalid, often due to extra spaces in the LDIF definition of the entry.
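Both causes named in the comment above can be checked before running ldapadd. The following is an added example, not part of the original post or of OpenAM: it collects objectClass names from OpenLDAP `.schema` text and reports, per entry, the zero-based value index (the `#2` in the slapd message) of each objectClass value that is undefined or carries trailing whitespace. The schema fragment, OIDs, class names and LDIF entry are constructed, the function names are hypothetical, and folded or base64-encoded (`::`) values are not handled.

```python
import re

# Constructed schema fragment in OpenLDAP .schema syntax (not a real OpenAM schema).
SAMPLE_SCHEMA = """
objectclass ( 1.3.6.1.4.1.99999.1 NAME 'exampleService' SUP top AUXILIARY )
objectclass ( 1.3.6.1.4.1.99999.2 NAME ( 'exampleUser' 'exUser' ) SUP top AUXILIARY )
"""
# Constructed LDIF entry: value #2 is defined nowhere, value #3 has a trailing space.
SAMPLE_LDIF = (
    "dn: uid=jdoe,ou=people,dc=example,dc=com\n"
    "objectClass: top\n"
    "objectClass: exampleUser\n"
    "objectClass: exampleMissingClass\n"
    "objectClass: exampleService \n"
    "uid: jdoe\n"
)
BUILTIN = {"top"}  # assumption: classes the server provides without extra schema files

def schema_classes(schema_text):
    """Collect every objectClass NAME (aliases included) from .schema text."""
    names = set()
    pattern = r"objectclass\s*\(.*?NAME\s+(\([^)]*\)|'[^']*')"
    for m in re.finditer(pattern, schema_text, re.I | re.S):
        names.update(n.lower() for n in re.findall(r"'([^']+)'", m.group(1)))
    return names

def check_ldif(ldif_text, known):
    """Return (dn, value_index, raw_value, problem) for each suspect objectClass."""
    findings, dn, idx = [], None, 0
    for line in ldif_text.splitlines():
        if line.lower().startswith("dn:"):
            dn, idx = line[3:].strip(), 0
        elif line.lower().startswith("objectclass:"):
            # Spaces right after the colon are skipped by LDIF parsers;
            # trailing spaces are kept and become part of the value.
            value = line.split(":", 1)[1].lstrip(" ")
            if value != value.rstrip():
                findings.append((dn, idx, value, "trailing whitespace"))
            elif value.lower() not in known:
                findings.append((dn, idx, value, "objectClass not in loaded schema"))
            idx += 1
    return findings

if __name__ == "__main__":
    known = schema_classes(SAMPLE_SCHEMA) | BUILTIN
    for dn, idx, value, problem in check_ldif(SAMPLE_LDIF, known):
        print(f"{dn}: objectClass value #{idx} {value!r}: {problem}")
```

To use it on real data, pass the concatenated text of the schema files the server actually loads and the exported LDIF in place of the constructed samples.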