I've got to modify the schema (MS ADAM) and I'm logged in as 'lawson' user in LID. I've got the schema and LDAP already created, and I used Schema administrator tool to make the changes I need. Now I'm ready to import. I've got the LDAP administrator DN ok and I can log in to the LDAP using Jxplorer, etc.
This is WIndows OS, LSF 9.0.0.5
When I run the ldifde command I'm getting the error Insufficient Rights which tells me I need to have Schema Adminstrator rights on the ldap.
Can anyone tell me where or how to create the Schema Administrator? Or if it's already created, where is it? I looked on the OS for Schema Admins groups but I didn't see it.
Thanks in advance for your help,
Roger
Posted By Jimmy Chiu on 12/02/2009 02:41 PM You have to add "lawson" as your ldap administrator if you don't have the install LDAP administrator account. Open up ADSI Edit and log to your ldap server, open up your lawson instance container > roles > administrators, open up the properties, then add your "lawson" account as member of adminsitrators
Nope, I added the 'lawson' user as a member of Administrators in ADSI Edit. I saved and logged off and rebooted server. I retried the import and it gave me the same "Insufficient Rights" error.
Here is the error listing from the ldif.log file (I'm masking the server name with ****'s).
Connecting to "***********.********.net"
Logging in as "cn=ldapadmin,o=lwsn,dc=*********,dc=net" using simple bind
Importing directory from file "schema.ldif"
Loading entries 1: cn=zzlwsnattrBuyerCode,CN=Schema,CN=Configuration,CN={28BCF151-F8D5-457E-A0DF-0E9EB6CED195} Entry DN: cn=zzlwsnattrBuyerCode,CN=Schema,CN=Configuration,CN={28BCF151-F8D5-457E-A0DF-0E9EB6CED195} changetype: add Attribute 0) adminDisplayName:zzlwsnattrBuyerCode Attribute 1) attributeID:1.2.840.114247.2.4.1.1.62 Attribute 2) rangeUpper:9 Attribute 3) attributeSyntax:2.5.5.12 Attribute 4) cn:zzlwsnattrBuyerCode Attribute 5) isSingleValued:TRUE Attribute 6) lDAPDisplayName:zzlwsnattrBuyerCode Attribute 7) objectClass:attributeSchema Attribute 8) oMSyntax:64
Add error on line 1: Insufficient Rights
The server side error is "Access is denied."
0 entries modified successfully.
An error has occurred in the program
And here is the file head I'm trying to import:
dn: cn=zzlwsnattrBuyerCode,CN=Schema,CN=Configuration,CN={28BCF151-F8D5-457E-A0DF-0E9EB6CED195} changetype: add adminDisplayName: zzlwsnattrBuyerCode attributeID: 1.2.840.114247.2.4.1.1.62 rangeUpper: 9 attributeSyntax: 2.5.5.12 cn: zzlwsnattrBuyerCode isSingleValued: TRUE lDAPDisplayName: zzlwsnattrBuyerCode objectClass: attributeSchema oMSyntax: 64
dn: cn=zzlwsnattrBuyerCode,CN=Schema,CN=Configuration,CN={28BCF151-F8D5-457E-A0DF-0E9EB6CED195}
changetype: add
adminDisplayName: zzlwsnattrBuyerCode
attributeID: 1.2.840.114247.2.4.1.1.62
rangeUpper: 9
attributeSyntax: 2.5.5.12
cn: zzlwsnattrBuyerCode
isSingleValued: TRUE
lDAPDisplayName: zzlwsnattrBuyerCode
objectClass: attributeSchema
oMSyntax: 64
Any ideas?????
---Roger
"Logging in as "cn=ldapadmin,o=lwsn,dc=*********,dc=net" using simple bind" can you login as "lawson" instead since "lawson" is enabled as administrator.
Yes thanks Jimmy. That was it. I logged in as the 'lawson' user, not as the ldap administrator.