how to fix (65) invalid structural object class chain (posixGroup/groupOfNames)?

Discussion:

amfpg

2009-02-05 02:28:39 UTC

i have google this error but can found the solution, i have ldiff like
this

dn: cn=Domain Users,ou=groups,dc=example,dc=com
objectClass: posixGroup
objectClass: sambaGroupMapping
objectClass: groupOfNames
gidNumber: 513
cn: Domain Users
description: Netbios Domain Users
sambaSID: S-1-5-21-1659004503-162531612-725345543-513
sambaGroupType: 2
displayName: Domain Users
structuralObjectClass: posixGroup
entryUUID: dfbb39b4-ce6a-1029-9ec2-c836d38f1ca5
creatorsName: cn=Manager,dc=example,dc=COM
createTimestamp: 20051011062033Z

what i must to do so i can using slapadd to add this ldif into my ldap

thanks very much

Quanah Gibson-Mount

2009-02-05 03:24:31 UTC

Permalink

Post by amfpg
i have google this error but can found the solution, i have ldiff like
this
what i must to do so i can using slapadd to add this ldif into my ldap

groupOfNames and posixGroup are both STRUCTURAL objectClasses. An object
can only be one type of thing. So, is it a posixGroup, or is it a
groupOfNames? You need to decide. Just like an object cannot be both a
tree and an ocean. These are two distinct concepts.

--Quanah

--

Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration

my mail

2009-02-05 04:06:40 UTC

Permalink

Subject: Re: [ldap] how to fix (65) invalid structural object class chain (posixGroup/groupOfNames)?
Date: Thursday, February 5, 2009, 3:24 AM
--On Wednesday, February 04, 2009 9:28 PM -0500 amfpg
groupOfNames and posixGroup are both STRUCTURAL
objectClasses. An object can only be one type of thing.
So, is it a posixGroup, or is it a groupOfNames? You need
to decide. Just like an object cannot be both a tree and an
ocean. These are two distinct concepts.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and
collaboration

oh i see that, thanks for your explain, i'll fix my ldif file

but it's okay if i use schemacheck off in my slapd.conf?

thanks

Adam Tauno Williams

2009-02-05 13:21:49 UTC

Permalink

Post by my mail
but it's okay if i use schemacheck off in my slapd.conf?

No. schemacheck off is always a bad idea; and it probably doesn't work
the way you imagine it does anyway.

Michael Ströder

2009-02-05 13:37:18 UTC

Permalink

Post by Adam Tauno Williams

Post by my mail
but it's okay if i use schemacheck off in my slapd.conf?

No. schemacheck off is always a bad idea; and it probably doesn't work
the way you imagine it does anyway.

"schemacheck off" is simpy ignored in recent versions of OpenLDAP.

See also OpenLDAP's Faq-O-Matic:
ldap add: invalid structural object class chain
http://www.openldap.org/faq/data/cache/883.html

Ciao, Michael.

my mail

2009-02-09 04:58:39 UTC

Permalink

Subject: [ldap] Re: how to fix (65) invalid structural object class chain (posixGroup/groupOfNames)?
Date: Thursday, February 5, 2009, 1:37 PM

Post by Adam Tauno Williams

Post by my mail
but it's okay if i use schemacheck off in my

slapd.conf?

Post by Adam Tauno Williams
No. schemacheck off is always a bad idea; and it

probably doesn't work

Post by Adam Tauno Williams
the way you imagine it does anyway.

"schemacheck off" is simpy ignored in recent
versions of OpenLDAP.
ldap add: invalid structural object class chain
http://www.openldap.org/faq/data/cache/883.html
Ciao, Michael.

thanks you for the reply
my slapd has running now.

but i still have one quiestion, where i can found about object class so when i start to making ldif, i can use it as reference to make my ldif clean not have object class from another object class

thanks you

Michael Ströder

2009-02-09 08:37:23 UTC

Permalink

Post by my mail
but i still have one quiestion, where i can found about object class
so when i start to making ldif, i can use it as reference to make my
ldif clean not have object class from another object class

Object classes are defined in various standardization documents. The
LDAPv3 standard object classes are defined in RFC 4519, posixAccount is
defined in RFC 2307. There are many other documents for various other
applications (like Samba etc.).

To examine the schema actually loaded on your server you should use a
decent schema browser. I'm using my web2ldap since IMHO the schema
browser is the most complete one. It shows all the forward and backward
cross references in the schema including inheritance and allows wildcard
searches for schema elements by their names. Being the author of
web2ldap I'm biased off course.

Ciao, Michael.