Hi,
I have a set of custom attributes that were successfully used with FreeIPA version 4.2. Now I’m trying to make them work in the latest version but keep getting an error:
ipalib.backend: DEBUG: Created connection context.ldap2_139877799582288 ipapython.ipaldap: DEBUG: retrieving schema for SchemaCache url=ldapi://%2fvar%2frun%2fslapd-DATAROBOT-COM.socket ldapi://%2fvar%2frun%2fslapd-DATAROBOT-COM.socket conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x7f37d5fc15a8> ipaserver.install.schemaupdate: DEBUG: Processing schema LDIF file employee-a.ldif ipapython.admintool: DEBUG: File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 178, in execute return_value = self.run() File "/usr/lib/python2.7/site-packages/ipaserver/install/ipa_ldap_updater.py", line 143, in run ldapi=True) or modified File "/usr/lib/python2.7/site-packages/ipaserver/install/schemaupdate.py", line 129, in update_schema _dn, new_schema = ldap.schema.subentry.urlfetch(url) File "/usr/lib64/python2.7/site-packages/ldap/schema/subentry.py", line 480, in urlfetch ldif_file = urllib.urlopen(uri) File "/usr/lib64/python2.7/urllib.py", line 87, in urlopen return opener.open(url) File "/usr/lib64/python2.7/urllib.py", line 208, in open return getattr(self, name)(url) File "/usr/lib64/python2.7/urllib.py", line 461, in open_file return self.open_ftp(url) File "/usr/lib64/python2.7/urllib.py", line 520, in open_ftp host = socket.gethostbyname(host)
ipapython.admintool: DEBUG: The ipa-ldap-updater command failed, exception: IOError: [Errno socket error] [Errno -2] Name or service not known ipapython.admintool: ERROR: Unexpected error - see /var/log/ipaupgrade.log for details: IOError: [Errno socket error] [Errno -2] Name or service not known ipapython.admintool: ERROR: The ipa-ldap-updater command failed.
So far I tried version 4.6.4 and 4.7.2. Here are the ldif files that are used for adding attributes and objectless information.
employee-attrs.ldif: dn: cn=schema changetype: modify add: attributeTypes attributeTypes: ( 2.25.128424792425578037463837247958458780603.1 NAME 'github' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) attributeTypes: ( 2.25.128424792425578037463837247958458780603.2 NAME 'squad' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
employee-objectclass.ldif dn: cn=schema changetype: modify add: objectclasses objectclasses: ( 2.25.128424792425578037463837247958458780603.100 NAME 'Employee' SUP person STRUCTURAL MAY ( github $ squad ) X-ORIGIN 'Extending FreeIPA')
On to, 09 touko 2019, Boris Cheperis via FreeIPA-users wrote:
Hi,
I have a set of custom attributes that were successfully used with FreeIPA version 4.2. Now I’m trying to make them work in the latest version but keep getting an error:
ipalib.backend: DEBUG: Created connection context.ldap2_139877799582288 ipapython.ipaldap: DEBUG: retrieving schema for SchemaCache url=ldapi://%2fvar%2frun%2fslapd-DATAROBOT-COM.socket ldapi://%2fvar%2frun%2fslapd-DATAROBOT-COM.socket conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x7f37d5fc15a8> ipaserver.install.schemaupdate: DEBUG: Processing schema LDIF file employee-a.ldif
How do you pass it to ipa-ldap-updater? From the debug output above it looks like you are doing it like
ipa-ldap-updater -S employee-a.ldif
Is that right? Can you try passing the full path?
ipa-ldap-updater -S `pwd`/employee-a.ldif
ipapython.admintool: DEBUG: File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 178, in execute return_value = self.run() File "/usr/lib/python2.7/site-packages/ipaserver/install/ipa_ldap_updater.py", line 143, in run ldapi=True) or modified File "/usr/lib/python2.7/site-packages/ipaserver/install/schemaupdate.py", line 129, in update_schema _dn, new_schema = ldap.schema.subentry.urlfetch(url) File "/usr/lib64/python2.7/site-packages/ldap/schema/subentry.py", line 480, in urlfetch ldif_file = urllib.urlopen(uri) File "/usr/lib64/python2.7/urllib.py", line 87, in urlopen return opener.open(url) File "/usr/lib64/python2.7/urllib.py", line 208, in open return getattr(self, name)(url) File "/usr/lib64/python2.7/urllib.py", line 461, in open_file return self.open_ftp(url) File "/usr/lib64/python2.7/urllib.py", line 520, in open_ftp host = socket.gethostbyname(host)
ipapython.admintool: DEBUG: The ipa-ldap-updater command failed, exception: IOError: [Errno socket error] [Errno -2] Name or service not known ipapython.admintool: ERROR: Unexpected error - see /var/log/ipaupgrade.log for details: IOError: [Errno socket error] [Errno -2] Name or service not known ipapython.admintool: ERROR: The ipa-ldap-updater command failed.
So far I tried version 4.6.4 and 4.7.2. Here are the ldif files that are used for adding attributes and objectless information.
employee-attrs.ldif: dn: cn=schema changetype: modify add: attributeTypes attributeTypes: ( 2.25.128424792425578037463837247958458780603.1 NAME 'github' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) attributeTypes: ( 2.25.128424792425578037463837247958458780603.2 NAME 'squad' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
employee-objectclass.ldif dn: cn=schema changetype: modify add: objectclasses objectclasses: ( 2.25.128424792425578037463837247958458780603.100 NAME 'Employee' SUP person STRUCTURAL MAY ( github $ squad ) X-ORIGIN 'Extending FreeIPA')
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahoste...
Alexander,
using the full path solved the issue. Thank you!
On May 9, 2019, at 11:35 PM, Alexander Bokovoy abokovoy@redhat.com wrote:
On to, 09 touko 2019, Boris Cheperis via FreeIPA-users wrote:
Hi,
I have a set of custom attributes that were successfully used with FreeIPA version 4.2. Now I’m trying to make them work in the latest version but keep getting an error:
ipalib.backend: DEBUG: Created connection context.ldap2_139877799582288 ipapython.ipaldap: DEBUG: retrieving schema for SchemaCache url=ldapi://%2fvar%2frun%2fslapd-DATAROBOT-COM.socket ldapi://%2fvar%2frun%2fslapd-DATAROBOT-COM.socket <ldapi://%2fvar%2frun%2fslapd-DATAROBOT-COM.socket ldapi://%2fvar%2frun%2fslapd-DATAROBOT-COM.socket> conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x7f37d5fc15a8> ipaserver.install.schemaupdate: DEBUG: Processing schema LDIF file employee-a.ldif
How do you pass it to ipa-ldap-updater? From the debug output above it looks like you are doing it like
ipa-ldap-updater -S employee-a.ldif
Is that right? Can you try passing the full path?
ipa-ldap-updater -S `pwd`/employee-a.ldif
ipapython.admintool: DEBUG: File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 178, in execute return_value = self.run() File "/usr/lib/python2.7/site-packages/ipaserver/install/ipa_ldap_updater.py", line 143, in run ldapi=True) or modified File "/usr/lib/python2.7/site-packages/ipaserver/install/schemaupdate.py", line 129, in update_schema _dn, new_schema = ldap.schema.subentry.urlfetch(url) File "/usr/lib64/python2.7/site-packages/ldap/schema/subentry.py", line 480, in urlfetch ldif_file = urllib.urlopen(uri) File "/usr/lib64/python2.7/urllib.py", line 87, in urlopen return opener.open(url) File "/usr/lib64/python2.7/urllib.py", line 208, in open return getattr(self, name)(url) File "/usr/lib64/python2.7/urllib.py", line 461, in open_file return self.open_ftp(url) File "/usr/lib64/python2.7/urllib.py", line 520, in open_ftp host = socket.gethostbyname(host)
ipapython.admintool: DEBUG: The ipa-ldap-updater command failed, exception: IOError: [Errno socket error] [Errno -2] Name or service not known ipapython.admintool: ERROR: Unexpected error - see /var/log/ipaupgrade.log for details: IOError: [Errno socket error] [Errno -2] Name or service not known ipapython.admintool: ERROR: The ipa-ldap-updater command failed.
So far I tried version 4.6.4 and 4.7.2. Here are the ldif files that are used for adding attributes and objectless information.
employee-attrs.ldif: dn: cn=schema changetype: modify add: attributeTypes attributeTypes: ( 2.25.128424792425578037463837247958458780603.1 NAME 'github' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) attributeTypes: ( 2.25.128424792425578037463837247958458780603.2 NAME 'squad' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
employee-objectclass.ldif dn: cn=schema changetype: modify add: objectclasses objectclasses: ( 2.25.128424792425578037463837247958458780603.100 NAME 'Employee' SUP person STRUCTURAL MAY ( github $ squad ) X-ORIGIN 'Extending FreeIPA')
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org mailto:freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org mailto:freeipa-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahoste... https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
-- / Alexander Bokovoy Sr. Principal Software Engineer Security / Identity Management Engineering Red Hat Limited, Finland
freeipa-users@lists.fedorahosted.org