# [solved] openldap ldap_add: Naming violation (64)

## elmar283

I am following the guide on http://www.gentoo-wiki.info/OpenLDAP.

I first tried the guide on http://www.gentoo.org/doc/en/ldap-howto.xml but that also didn't work out.

This is what I want to achieve:

- I want to run an openldap server and put my addresses in there. I don't need to connect to another ldap-server.

- From there I want to use my mail programs to access that ldap-server.

- my domain is: eotter1979.xs4all.nl, so I assume on ldap this would be: "dc=eotter1979,dc=xs4all,dc=nl"

- my username is: masterserver: "ou=masterserver"?

- My cn is now root, but I would like it to be "elmarotter" when everything works.

So far I managed to let slapd run. When I try "ldapadd -x -D "cn=root,dc=eotter1979,dc=xs4all,dc=nl" -W -f base.ldif" I get:

```
masterserver ~ # ldapadd -x -D "cn=root,dc=eotter1979,dc=xs4all,dc=nl" -W -f base.ldif 
Enter LDAP Password: 
adding new entry "dc=eotter1979,dc=xs4all,dc=nl"
ldap_add: Naming violation (64)
   additional info: value of single-valued naming attribute 'dc' conflicts with value present in entry
```

```
elmarotter@masterserver ~ $ sudo ldapsearch -x -s base -b "" 
# extended LDIF
#
# LDAPv3
# base <> with scope baseObject
# filter: (objectclass=*)
# requesting: ALL
#

#
dn:
objectClass: top
objectClass: OpenLDAProotDSE

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
```

```
elmarotter@masterserver ~ $ sudo ldapsearch -x -D "cn=root,dc=eotter1979,dc=xs4all,dc=nl" -W
Enter LDAP Password: 
# extended LDIF
#
# LDAPv3
# base <dc=eotter1979,dc=xs4all,dc=nl> (default) with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# search result
search: 2
result: 32 No such object

# numResponses: 1
```

So far it is not successful. Does anyone know what I'm doing wrong?

Here are my config files:

```
masterserver ~ # cat base.ldif 
dn: dc=eotter1979,dc=xs4all,dc=nl
objectclass: organization
objectclass: dcObject
o: My Domain Name
dc: eotter1979.xs4all.nl
description: My new LDAP domain

dn: ou=Hosts,dc=eotter1979,dc=xs4all,dc=nl
ou: Hosts
objectClass: top
objectClass: organizationalUnit
objectClass: domainRelatedObject
associatedDomain: eotter1979.xs4all.nl

dn: ou=Rpc,dc=eotter1979,dc=xs4all,dc=nl
ou: Rpc
objectClass: top
objectClass: organizationalUnit
objectClass: domainRelatedObject
associatedDomain: eotter1979.xs4all.nl

dn: ou=Services,dc=eotter1979,dc=xs4all,dc=nl
ou: Services
objectClass: top
objectClass: organizationalUnit
objectClass: domainRelatedObject
associatedDomain: eotter1979.xs4all.nl

dn: nisMapName=netgroup.byuser,dc=eotter1979,dc=xs4all,dc=nl
nismapname: netgroup.byuser
objectClass: top
objectClass: nisMap
objectClass: domainRelatedObject
associatedDomain: eotter1979.xs4all.nl

dn: ou=Mounts,dc=eotter1979,dc=xs4all,dc=nl
ou: Mounts
objectClass: top
objectClass: organizationalUnit
objectClass: domainRelatedObject
associatedDomain: eotter1979.xs4all.nl

dn: ou=Networks,dc=eotter1979,dc=xs4all,dc=nl
ou: Networks
objectClass: top
objectClass: organizationalUnit
objectClass: domainRelatedObject
associatedDomain: eotter1979.xs4all.nl

dn: ou=People,dc=eotter1979,dc=xs4all,dc=nl
ou: People
objectClass: top
objectClass: organizationalUnit
objectClass: domainRelatedObject
associatedDomain: eotter1979.xs4all.nl

dn: ou=Group,dc=eotter1979,dc=xs4all,dc=nl
ou: Group
objectClass: top
objectClass: organizationalUnit
objectClass: domainRelatedObject
associatedDomain: eotter1979.xs4all.nl

dn: ou=Netgroup,dc=eotter1979,dc=xs4all,dc=nl
ou: Netgroup
objectClass: top
objectClass: organizationalUnit
objectClass: domainRelatedObject
associatedDomain: eotter1979.xs4all.nl

dn: ou=Protocols,dc=eotter1979,dc=xs4all,dc=nl
ou: Protocols
objectClass: top
objectClass: organizationalUnit
objectClass: domainRelatedObject
associatedDomain: eotter1979.xs4all.nl

dn: ou=Aliases,dc=eotter1979,dc=xs4all,dc=nl
ou: Aliases
objectClass: top
objectClass: organizationalUnit
objectClass: domainRelatedObject
associatedDomain: eotter1979.xs4all.nl

dn: nisMapName=netgroup.byhost,dc=eotter1979,dc=xs4all,dc=nl
nismapname: netgroup.byhost
objectClass: top
objectClass: nisMap
objectClass: domainRelatedObject
associatedDomain: eotter1979.xs4all.nl
```

```
elmarotter@masterserver ~ $ sudo cat /etc/openldap/slapd.conf
Wachtwoord: 
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include      /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/nis.schema

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral   ldap://root.openldap.org

pidfile      /var/run/openldap/slapd.pid
argsfile   /var/run/openldap/slapd.args

# Load dynamic backend modules:
modulepath   /usr/lib/openldap/openldap
# moduleload   back_sock.so
# moduleload   back_shell.so
# moduleload   back_relay.so
# moduleload   back_perl.so
# moduleload   back_passwd.so
# moduleload   back_null.so
# moduleload   back_monitor.so
# moduleload   back_meta.so
moduleload    back_hdb.so
# moduleload   back_ldap.so
# moduleload   back_dnssrv.so

# Sample security restrictions
#   Require integrity protection (prevent hijacking)
#   Require 112-bit (3DES or better) encryption for updates
#   Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:
#   Root DSE: allow anyone to read it
#   Subschema (sub)entry DSE: allow anyone to read it
#   Other DSEs:
#      Allow self write access
#      Allow authenticated users read access
#      Allow anonymous users to authenticate
#   Directives needed to implement policy:
access to dn.base="" by * read
access to dn.base="cn=Subschema" by * read
access to *
   by self write
   by users read
   by anonymous auth
#
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn.  (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!

#######################################################################
# BDB database definitions
#######################################################################

database   hdb
suffix      "dc=eotter1979,dc=xs4all,dc=nl"
#         <kbyte> <min>
checkpoint   32   30 
rootdn      "cn=root,dc=eotter1979,dc=xs4all,dc=nl"
# Cleartext passwords, especially for the rootdn, should
# be avoid.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw      <deleted slappasswd>
# The database directory MUST exist prior to running slapd AND 
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory   /var/lib/openldap-data
# Indices to maintain
index   objectClass   eq
```

```
#
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

BASE   dc=eotter1979,dc=xs4all,dc=nl
URI   ldap://eotter1979.xs4all.nl

TLS_REQCERT  allow
TLS_CERT        /etc/ssl/ldap.pem
TLS_KEY         /etc/openldap/ldap-key.pem

#SIZELIMIT   12
#TIMELIMIT   2
#DEREF      never
```

```
# conf.d file for openldap
#
# To enable both the standard unciphered server and the ssl encrypted
# one uncomment this line or set any other server starting options
# you may desire.

# If you have multiple slapd instances per #376699, this will provide a default config
INSTANCE="openldap${SVCNAME#slapd}"

# If you use the classical configuration file:

#File: /etc/conf.d/slapd
OPTS="-h 'ldaps:// ldap:// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock'"
OPTS_CONF="-f /etc/openldap/slapd.conf"

# Uncomment this instead to use the new slapd.d configuration directory for openldap 2.3
#OPTS_CONF="-F /etc/${INSTANCE}/slapd.d"
# (the OPTS_CONF variable is also passed to slaptest during startup)

# Optional connectionless LDAP:
#OPTS="${OPTS_CONF} -h 'ldaps:// ldap:// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock cldap://'"
#OPTS="-h 'ldaps:// ldap:// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock'"

# If you change the above listen statement to bind on a specific IP for
# listening, you should ensure that interface is up here (change eth0 as
# needed).
#rc_need="net.eth0"

# Specify the kerberos keytab file
#KRB5_KTNAME=/etc/openldap/krb5-ldap.keytab

#include         /etc/openldap/schema/core.schema
#include         /etc/openldap/schema/cosine.schema
#include         /etc/openldap/schema/inetorgperson.schema
#include         /etc/openldap/schema/extension.schema

#pidfile         /var/run/openldap/slapd.pid
#argsfile        /var/run/openldap/slapd.args
```

Last edited by elmar283 on Fri Oct 26, 2012 12:50 pm; edited 1 time in total

----------

## elmar283

I think I found the problem here:

http://ubuntuforums.org/showthread.php?t=1617412

The problem was with the file "base.ldif" on line 5:

I changed "dc: eotter1979.xs4all.nl" to "dc: eotter1979".

Now "ldapadd" seems to work:

```
masterserver ~ # ldapadd -x -D "cn=root,dc=eotter1979,dc=xs4all,dc=nl" -W -f base.ldif 
Enter LDAP Password: 
adding new entry "dc=eotter1979,dc=xs4all,dc=nl"

adding new entry "ou=Hosts,dc=eotter1979,dc=xs4all,dc=nl"

adding new entry "ou=Rpc,dc=eotter1979,dc=xs4all,dc=nl"

adding new entry "ou=Services,dc=eotter1979,dc=xs4all,dc=nl"

adding new entry "nisMapName=netgroup.byuser,dc=eotter1979,dc=xs4all,dc=nl"

adding new entry "ou=Mounts,dc=eotter1979,dc=xs4all,dc=nl"

adding new entry "ou=Networks,dc=eotter1979,dc=xs4all,dc=nl"

adding new entry "ou=People,dc=eotter1979,dc=xs4all,dc=nl"

adding new entry "ou=Group,dc=eotter1979,dc=xs4all,dc=nl"

adding new entry "ou=Netgroup,dc=eotter1979,dc=xs4all,dc=nl"

adding new entry "ou=Protocols,dc=eotter1979,dc=xs4all,dc=nl"

adding new entry "ou=Aliases,dc=eotter1979,dc=xs4all,dc=nl"

adding new entry "nisMapName=netgroup.byhost,dc=eotter1979,dc=xs4all,dc=nl"
```

----------
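Added example (not part of the original posts): a pre-flight check that flags LDIF entries whose leftmost RDN value in the `dn` is not among the entry's own values for that attribute, which is the mismatch behind the `Naming violation (64)` above. The function names are hypothetical, the sample is cut down from the thread's base.ldif, and the parser assumes plain LDIF with no folded lines, base64 values or escaped commas.

```python
import re

def parse_ldif(text):
    """Split simple LDIF into (dn, {attr: [values]}) pairs, one per entry."""
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        dn, attrs = None, {}
        for line in block.splitlines():
            if not line.strip() or line.startswith("#"):
                continue
            key, _, value = line.partition(":")
            key, value = key.strip().lower(), value.strip()
            if key == "dn":
                dn = value
            else:
                attrs.setdefault(key, []).append(value)
        if dn is not None:
            entries.append((dn, attrs))
    return entries

def rdn_mismatches(text):
    """Return (dn, attr, rdn_value, entry_values) for every entry whose
    leftmost RDN value is missing from the entry's values for that attribute."""
    problems = []
    for dn, attrs in parse_ldif(text):
        rdn = dn.split(",", 1)[0]            # leftmost RDN, e.g. "dc=eotter1979"
        attr, _, value = rdn.partition("=")
        attr, value = attr.strip().lower(), value.strip()
        present = attrs.get(attr, [])
        # Case-insensitive comparison is a simplification of schema matching rules.
        if value.lower() not in [v.lower() for v in present]:
            problems.append((dn, attr, value, present))
    return problems

# Constructed sample: first two entries of the thread's base.ldif, shortened.
BROKEN = """\
dn: dc=eotter1979,dc=xs4all,dc=nl
objectclass: organization
objectclass: dcObject
o: My Domain Name
dc: eotter1979.xs4all.nl

dn: ou=Hosts,dc=eotter1979,dc=xs4all,dc=nl
ou: Hosts
objectClass: organizationalUnit
"""
FIXED = BROKEN.replace("dc: eotter1979.xs4all.nl", "dc: eotter1979")

if __name__ == "__main__":
    for dn, attr, want, have in rdn_mismatches(BROKEN):
        print(f"{dn}: RDN says {attr}={want}, entry has {attr}={have}")
```

Running the check on an LDIF file before `ldapadd` catches the error without binding as the rootdn.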

