puppet-openldap

Issue with uid: and mail: attributes when creating users

Open adaburrows opened this issue 13 years ago • 2 comments

I've used this module to install an LDAP server for testing here at Puppet Labs, but whenever I try to specify a uid or mail field, ldapadd fails with an error:

ldap_add: Object class violation (65)
    additional info: attribute 'uid' not allowed

I can see that you have the uid index set in the domain_template.erb:

index uid,memberUid                     eq,pres,sub

Maybe my unfamiliarity with LDAP has betrayed me. I've added the following to the base.ldif.erb to have a test user:

dn: cn=Jillian Ada Burrows,<%= basedn %>
cn: Jillian Ada Burrows
cn: Jill Burrows
objectClass: person
sn: Burrows
uid: jill
userPassword: testing

Is there anything I need to change from your base configuration to make this work? Also, is there any built-in capability for creating more users other than editing the templates?

adaburrows, May 09 '12 18:05
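Added example (not part of the original thread or the module's code): a minimal checker over a trimmed subset of the standard `person`, `organizationalPerson` and `inetOrgPerson` object class definitions, showing why an entry whose only object class is `person` is rejected when it carries `uid` or `mail`, and why the same entry passes as `inetOrgPerson`. The `dc=example,dc=com` base DN, the mail address and the function names are assumptions made for the example.

```python
# Trimmed subset of RFC 4519 (person, organizationalPerson) and RFC 2798 (inetOrgPerson).
SCHEMA = {
    "top": {"sup": None, "must": {"objectclass"}, "may": set()},
    "person": {"sup": "top", "must": {"sn", "cn"},
               "may": {"userpassword", "telephonenumber", "seealso", "description"}},
    "organizationalperson": {"sup": "person", "must": set(), "may": {"title", "ou", "l"}},
    "inetorgperson": {"sup": "organizationalperson", "must": set(),
                      "may": {"uid", "mail", "givenname", "displayname"}},
}
# Constructed samples: the post's entry (placeholder base DN), then an inetOrgPerson variant.
PERSON_ENTRY = """\
dn: cn=Jillian Ada Burrows,dc=example,dc=com
cn: Jillian Ada Burrows
cn: Jill Burrows
objectClass: person
sn: Burrows
uid: jill
userPassword: testing
"""
FIXED_ENTRY = PERSON_ENTRY.replace("objectClass: person", "objectClass: inetOrgPerson")
FIXED_ENTRY += "mail: jill@example.com\n"

def parse_entry(ldif):
    """Parse one LDIF entry of plain 'attr: value' lines into {attr: [values]}."""
    attrs = {}
    for line in ldif.strip().splitlines():
        name, _, value = line.partition(":")
        attrs.setdefault(name.strip().lower(), []).append(value.strip())
    return attrs

def violations(ldif):
    """Return (kind, attribute) pairs for MUST/MAY violations in one entry."""
    attrs = parse_entry(ldif)
    allowed, required, out = {"dn"}, set(), []  # dn names the entry, it is not checked
    for oc in attrs.get("objectclass", []):
        cur = oc.lower()
        if cur not in SCHEMA:
            out.append(("unknown_objectclass", oc))
            continue
        while cur:  # walk the SUP chain so inherited attributes count
            required |= SCHEMA[cur]["must"]
            allowed |= SCHEMA[cur]["must"] | SCHEMA[cur]["may"]
            cur = SCHEMA[cur]["sup"]
    out += [("missing_required", a) for a in sorted(required - set(attrs))]
    out += [("not_allowed", a) for a in sorted(set(attrs) - allowed)]
    return out

if __name__ == "__main__":
    print(violations(PERSON_ENTRY), violations(FIXED_ENTRY))
```

The `index uid,memberUid` line in the template only configures indexing; whether an entry may hold `uid` is decided by its object classes.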

Hi! Thanks for your input. First, can you give me additional information on your setup? I am using this module in production, and have not run into the error you describe.

Secondly: The module itself isn't scoped to CRUD users or other related LDAP items. Rather, just to manage the LDAP server itself. It was my intention to use existing providers (user/group) to manage users w/ LDAP as well as populating the schema through alternate programmatic means. However, your use case is interesting: would there be benefit in providing a 'seed LDIF' for initial deployments?

jfryman, May 10 '12 01:05

Ping again. This still an issue you want to take a look at?

jfryman, Feb 15 '13 19:02