Skip to Main Content
Forums

Security Software

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

attribute "dc" is not allowed

807573Jan 24 2008 — edited Jan 24 2008
hello

I have a fresh ldap installed with base DN: dc=siroe,dc=com

I am adding this entry:

ldapentries.ldif:
dn: dc=uk,dc=siroe,dc=com
dc: lb
objectClass: top
objectClass: organizationalUnit

I am getting this error in the error.log:
- ERROR<5897> - Schema - conn=-1 op=-1 msgId=-1 - User error: Entry "dc=uk,dc=siroe,dc=com", attribute "dc" is not allowed

can you please advise on how to add this entry?

thx

Comments

807573
The dc attibutes is used only with suffix, if you need to create an organization unit, you need to use ou attributes.

Something like this:

dn: ou=uk,dc=siroe,dc=com
objectclass: top
objectclass: organizationalUnit
ou: uk
description: UK Organization

otherwise you need to create a sub-suffix

---------
Creating Suffixes From the Command Line

You may also use the ldapmodify command-line utility to create suffixes in your directory. Because root suffixes and subsuffixes are managed internally in the same way by the server, the procedure for creating them from the command line is nearly the same.

1. Create the suffix configuration entry under cn=mapping tree,cn=config with the following command for a root suffix:

ldapmodify -a -h host -p port -D "cn=Directory Manager" -w password
dn: cn="suffixDN",cn=mapping tree,cn=config
objectclass: top
objectclass: extensibleObject
objectclass: nsMappingTree
cn: suffixDN
nsslapd-state: backend
nsslapd-backend: databaseName
^D

For a subsuffix, use the same command with an additional attribute:
nsslapd-parent-suffix: "parentSuffixDN"

The suffixDN is the full DN of the new suffix. For a root suffix, the convention is to use the domain-component (dc) naming attribute, for example, dc=example,dc=org. In the case of a subsuffix, the suffixDN includes the RDN of the subsuffix and the DN of its parent suffix, for example ou=Contractors,dc=example,dc=com.


Note

Suffix names are in the DN format but are treated as a single string. Therefore, all spaces are significant and are part of the suffix name. Access to this suffix will need to respect the same spacing used in the suffixDN string.
--------

Or you can delete your old suffix and then create a new one.. you can find all the information at this URL:

http://docs.sun.com/source/816-6698-10/suffixes.html#16762

Ciao Fab
807573
actually I changed the ldif file to:

version: 1
dn: dc=uk,dc=siroe,dc=com
dc: uk
objectClass: top
objectClass: domain
objectClass: nisDomainObject
nisDomain: siroe.com

and the entry got added
807573
Yes but nisDomain Object is used for a different thinks.. but probably it can be works for your purpose..

Good luck !
1 - 3
Locked Post
New comments cannot be posted to this locked post.

Post Details

Locked on Feb 21 2008
Added on Jan 24 2008
#identity-management, #oracle-unified-directory-oud-oracle-directory-server-enterprise-edition-sun-dsee
3 comments
989 views