
I want to initially add a couple of organisations. So I created an organisations.ldif in order to add them via

ldapadd -Q -Y EXTERNAL -H ldapi:/// -W -f organisations.ldif

My file looks like this

dn: dc=example,dc=com
o: org1
objectClass: top
objectClass: organization
description: Organisational container for #1

dn: dc=example,dc=com
o: org2
objectClass: top
objectClass: organization
description: Organisational container for #2

But I get the error

adding new entry "dc=example,dc=com"
ldap_add: Object class violation (65)
        additional info: attribute 'dc' not allowed

What's wrong here?

  • Maybe a result of your redacting, but you're adding the same dn twice: `dn: dc=example,dc=com`, which is likely to fail – HBruijn Sep 08 '15 at 08:42
  • I thought that line is telling into what directory the new entry goes. What would I have to change it into? `dn: o=org1,dc=example,dc=com`? – Gottlieb Notschnabel Sep 08 '15 at 08:49

1 Answer


The DN (or "distinguished name") of an LDAP entry isn't "the directory into which this entry goes", it is like the primary key of a database record -- it needs to be unique.

In each case, the DN for the entry should include the value of the o attribute, as you described in your comment:

dn: o=org1,dc=example,dc=com
o: org1
objectClass: top
objectClass: organization
description: Organisational container for #1

dn: o=org2,dc=example,dc=com
o: org2
objectClass: top
objectClass: organization
description: Organisational container for #2

Yes, it unnecessarily duplicates information. Welcome to LDAP, where everything you know about databases comes to die.

womble
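
Added example (not part of the original question or answer): a small pre-flight check that can be run on an LDIF file before `ldapadd`, flagging the two conditions discussed above, a DN used more than once and a leftmost RDN whose value is not an attribute of the entry. The function names `parse_ldif`, `check_ldif` and `sample` are hypothetical, and the parser assumes simple LDIF without folded lines, base64 values or escaped commas.

```python
# Pre-flight check for an LDIF file before it is passed to ldapadd (added example).
# Assumes simple LDIF: no folded lines, no base64 values, no escaped commas in DNs.

def parse_ldif(text):
    """Split LDIF text into (dn, attrs) pairs, one per blank-line-separated entry."""
    entries = []
    for block in text.strip().split("\n\n"):
        dn, attrs = None, {}
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            key, _, value = line.partition(":")
            key, value = key.strip().lower(), value.strip()
            if key == "dn":
                dn = value
            else:
                attrs.setdefault(key, []).append(value)
        if dn is not None:
            entries.append((dn, attrs))
    return entries

def check_ldif(text):
    """Return problems: duplicate DNs, and leftmost RDNs missing from the entry."""
    problems, seen = [], set()
    for dn, attrs in parse_ldif(text):
        norm = ",".join(part.strip().lower() for part in dn.split(","))
        if norm in seen:
            problems.append(f"duplicate dn: {dn}")
        seen.add(norm)
        # The leftmost RDN (attr=value) should match an attribute value of the entry.
        attr, _, value = (s.strip() for s in dn.split(",")[0].partition("="))
        if value.lower() not in [v.lower() for v in attrs.get(attr.lower(), [])]:
            problems.append(f"{dn}: RDN {attr}={value} not present as an attribute")
    return problems

def sample(dn_template):
    """Rebuild the page's two-entry LDIF for a given DN pattern."""
    return "\n\n".join(
        f"dn: {dn_template.format(n=n)}\no: org{n}\nobjectClass: top\n"
        f"objectClass: organization\ndescription: Organisational container for #{n}"
        for n in (1, 2))

QUESTION_LDIF = sample("dc=example,dc=com")          # as posted in the question
ANSWER_LDIF = sample("o=org{n},dc=example,dc=com")   # as corrected in the answer

if __name__ == "__main__":
    for name, text in (("question", QUESTION_LDIF), ("answer", ANSWER_LDIF)):
        print(name, check_ldif(text) or "OK")
```
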