我通过运行向 LDAP 数据库添加了一个属性
ldapmodify -QY EXTERNAL -H ldapi:/// -f openssh-lpk.schema
以 root 身份,其中openssh-lpk.schema包含以下内容:
# Author: Eric AUGE <[email protected]>
#
# Based on the proposal of : Mark Ruijter
#
version: 1
dn: cn=openssh-lpk,cn=schema,cn=config
changetype: add
cn: openssh-lpk
objectClass: olcSchemaConfig
olcAttributeTypes: ( 1.3.6.1.4.1.24552.500.1.1.1.13 NAME 'sshPublicKey'
DESC 'OpenSSH Public key'
EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
olcObjectClasses: ( 1.3.6.1.4.1.24552.500.1.1.2.0 NAME 'ldapPublicKey' SUP top AUXILIARY
DESC 'OpenSSH LPK objectclass'
MUST uid
MAY sshPublicKey )
dn: cn={5}inetorgperson,cn=schema,cn=config
changetype: modify
replace: olcObjectClasses
olcObjectClasses: ( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson' DESC 'RF
C2798: Internet Organizational Person' SUP organizationalPerson STRUCTURAL
MAY ( audio $ businessCategory $ carLicense $ departmentNumber $ displayNam
e $ employeeNumber $ employeeType $ givenName $ homePhone $ homePostalAddre
ss $ initials $ jpegPhoto $ labeledURI $ mail $ manager $ mobile $ o $ page
r $ photo $ roomNumber $ secretary $ uid $ userCertificate $ x500uniqueIden
tifier $ preferredLanguage $ userSMIMECertificate $ userPKCS12 $ sshPublicK
ey ) )
这很有效——我可以修改用户以将他们的公钥详细信息添加到他们的记录中,然后从其他客户端读取该数据。
当我尝试使用以下方法备份数据库时出现问题slapcat:
5b044b38 olcObjectClasses: value #0 olcObjectClasses: AttributeType not found: "sshPublicKey"
5b044b38 config error processing cn={5}inetorgperson,cn=schema,cn=config: olcObjectClasses: AttributeType not found: "sshPublicKey"
slapcat: bad configuration file!
我做错了什么以至于slapcat看不到其定义sshPublicKey?
答案1
您不应该修改inetorgperson。没有必要这么做。任意数量的AUXILIARYObjectClass 都可以共存(一个STRUCTURALobjectClass)。
如果你重新启动 slapd,它可能会没问题。