Modify memberUid attribute in openldap to be case insensitive

0
votes

I would like to modify my openldap schema to make memberUid case insensitive. Looking in /etc/ldap/slapd.d/cn=config/cn=schema/cn={2}nis.ldif:

dn: cn={2}nis
objectClass: olcSchemaConfig
cn: {2}nis
olcAttributeTypes: {10}( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY caseExac
 tIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.12
 1.1.26 )

I tried the following:

$ ldapmodify -h localhost -x
dn: cn={2}nis           
changetype: modify
replace: olcAttributeTypes
olcAttributeTypes: {10}( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

But I got the following error:

modifying entry "cn={2}nis" ldap_modify: Server is unwilling to perform (53) additional info: no global superior knowledge

I also tried using objectClass instead of olcAttributeTypes, but received the following:

modifying entry "cn={2}nis" ldap_modify: Invalid syntax (21) additional info: objectClass: value #0 invalid per syntax

Can someone point me in the right direction? I have found a lot of documentation on adding new attributes and objectclasses, but not much on modifying the existing schema.

1
ldapopenldap

1 Answers

1
votes

I'm talking here about common ldap operations, it could be different when tweaking the configuration.

I never tried to modify only one value in a set of a multivalued attribute, what I do in this case is delete the value I want to modify and add the new one :

Something like : 

dn: cn={2}nis,cn=schema,cn=config
changetype: modify
delete: olcAttributeTypes
olcAttributeTypes: {10}( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-
add: olcAttributeTypes
olcAttributeTypes: {10}( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )