LDAP GOSA Pain and Suffering :)

It works! It finally works!
Well it is installed 🙂

apt-get install gosa was pretty straightforward, so onward to adding the schema files to OpenLDAP; this is where I hit problems. I was following the instructions for Debian at http://lena.franken.de/ldap/installing_gosa_debian_sarge.html, and utterly failing at step 2 was quite demoralising 🙂 I kept trying to remove various schemas to enable slapd to start, but no joy…
I was getting all sorts of weird errors such as:
root@telfs01:~/ldap/smbldap-installer# slaptest
/usr/share/doc/gosa/contrib/openldap/samba3.schema: line 185: Duplicate attributeType: "1.3.6.1.4.1.7165.2.1.24"
slaptest: bad configuration file!
root@telfs01:~/ldap/smbldap-installer# vim -N /etc/ldap/slapd.conf
root@telfs01:~/ldap/smbldap-installer# slaptest
/etc/ldap/schema/gosa+samba3.schema: line 292: AttributeType not found: "gotoLogonScript"
slaptest: bad configuration file!
root@telfs01:~/ldap/smbldap-installer# vim -N /etc/ldap/slapd.conf
root@telfs01:~/ldap/smbldap-installer# slaptest
/etc/ldap/schema/gosa+samba3.schema: line 292: AttributeType not found: "gotoLogonScript"
slaptest: bad configuration file!

Eventually I found out what was happening with a helping hand from Elleo over on #lugradio (cheers!): it was a schema problem. A load of stuff on the web about GOSA mentions gohardware.schema, but it looks like that has now been split into separate files, so the best thing I can recommend is that you go to /etc/ldap/schema, look for anything with the same age as the GOSA schema and bang it in 🙂 In my case:
root@telfs01:/etc/ldap/schema# ls -l
total 344
-rw-r--r-- 1 root root 8231 2006-12-13 15:56 corba.schema
-rw-r--r-- 1 root root 20591 2006-12-13 15:56 core.ldif
-rw-r--r-- 1 root root 19762 2006-12-13 15:56 core.schema
-rw-r--r-- 1 root root 74080 2006-12-13 15:56 cosine.schema
-rw-r--r-- 1 root root 1553 2006-12-13 15:56 dyngroup.schema
-rw-r--r-- 1 root root 1116 2007-02-05 13:48 goconfig.schema
-rw-r--r-- 1 root root 3284 2007-02-05 13:48 gofax.schema
-rw-r--r-- 1 root root 3775 2007-02-05 13:48 gofirewall.schema
-rw-r--r-- 1 root root 13032 2007-02-05 13:48 gofon.schema
-rw-r--r-- 1 root root 13640 2007-02-05 13:48 gosa+samba3.schema
-rw-r--r-- 1 root root 13507 2007-02-05 13:48 gosa.schema
-rw-r--r-- 1 root root 8552 2007-02-05 13:48 goserver.schema
-rw-r--r-- 1 root root 12421 2007-02-05 13:48 gosystem.schema
-rw-r--r-- 1 root root 2602 2007-02-05 13:48 goto-mime.schema
-rw-r--r-- 1 root root 6708 2007-02-05 13:48 goto.schema
-rw-r--r-- 1 root root 6360 2006-12-13 15:56 inetorgperson.schema
-rw-r--r-- 1 root root 13984 2006-12-13 15:56 java.schema
-rw-r--r-- 1 root root 2471 2006-12-13 15:56 misc.schema
-rw-r--r-- 1 root root 7723 2006-12-13 15:56 nis.schema
-rw-r--r-- 1 root root 3391 2006-12-13 15:56 openldap.ldif
-rw-r--r-- 1 root root 1601 2006-12-13 15:56 openldap.schema
-rw-r--r-- 1 root root 19689 2006-12-13 15:56 ppolicy.schema
-rw-r--r-- 1 root root 2968 2006-12-13 15:56 README
-rw-r--r-- 1 root root 16327 2007-07-16 14:44 samba.schema
-rw-r--r-- 1 root root 19059 2007-07-16 15:00 samba.schema.backup
I have put the ones I needed in bold 🙂

I am not sure if these need to be in a specific order, but I have goto.schema near the end and gosa+samba3.schema at the very end, so the top of my slapd.conf is:

# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/nis.schema

include /etc/ldap/schema/samba.schema
include /etc/ldap/schema/goconfig.schema
include /etc/ldap/schema/gofax.schema
include /etc/ldap/schema/gofirewall.schema
include /etc/ldap/schema/gofon.schema
include /etc/ldap/schema/goserver.schema
include /etc/ldap/schema/gosystem.schema
include /etc/ldap/schema/goto-mime.schema
include /etc/ldap/schema/goto.schema
include /etc/ldap/schema/gosa+samba3.schema

# Schema check allows for forcing entries to
# match schemas for their objectClasses's
schemacheck on

# Allow LDAPv2 client connections. This is NOT the default.
allow bind_v2

I am sure if it was not a Monday this would not have been so painful….
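
An added example (not part of the original post, and not GOsa or OpenLDAP code): a small Python check that replays schema files in slapd.conf include order and reports the two kinds of failure seen in the slaptest output above, an attributeType OID defined twice and an objectclass that uses an attribute before it has been defined. The schema snippets, the demo* names, the 1.1.x OIDs and the placement of gotoLogonScript in goto.schema are constructed for the sample; the parser is simplified and does not follow SUP chains.

```python
import re

def logical_lines(text):
    """Drop blank and # lines; join continuation lines (leading whitespace)."""
    out = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and out:
            out[-1] += " " + raw.strip()
        else:
            out.append(raw.strip())
    return out

def quoted_names(defn):
    """NAME 'a' or NAME ( 'a' 'b' ) -> ['a', 'b']"""
    m = re.search(r"\bNAME\s+(\([^)]*\)|'[^']*')", defn)
    return re.findall(r"'([^']+)'", m.group(1)) if m else []

def attrs_used(defn):
    """Attribute names an objectclass lists after MUST / MAY."""
    defn = re.sub(r"\bDESC\s+'[^']*'", "", defn)  # ignore free-text description
    lists = re.findall(r"\b(?:MUST|MAY)\s+(\([^)]*\)|[\w;-]+)", defn)
    return [a for item in lists for a in re.findall(r"[\w;-]+", item)]

def check_includes(schemas):
    """schemas: (filename, text) pairs in include order -> list of problems."""
    first_seen, known, problems = {}, set(), []
    for fname, text in schemas:
        for defn in logical_lines(text):
            m = re.match(r"(?i)(attributetype|objectclass)\s*\(\s*([\w.:-]+)", defn)
            if m and m.group(1).lower() == "objectclass":
                problems += [("missing", fname, a, None)
                             for a in attrs_used(defn) if a.lower() not in known]
            elif m and m.group(2) in first_seen:  # same OID loaded twice
                problems.append(("duplicate", fname, m.group(2), first_seen[m.group(2)]))
            elif m:
                first_seen[m.group(2)] = fname
                known.update(n.lower() for n in quoted_names(defn))
    return problems

# Constructed, heavily shortened stand-ins for the real schema files.
SAMBA = "attributetype ( 1.3.6.1.4.1.7165.2.1.24 NAME 'demoSambaAttr'\n  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )\n"
GOTO = "attributetype ( 1.1.2.1.1 NAME 'gotoLogonScript'\n  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )\n"
GOSA_SAMBA3 = ("objectclass ( 1.1.2.2.1 NAME 'demoGosaAccount' SUP top AUXILIARY\n"
               "  MAY ( demoSambaAttr $ gotoLogonScript ) )\n")
BAD = [("samba.schema", SAMBA), ("samba3.schema", SAMBA),
       ("gosa+samba3.schema", GOSA_SAMBA3), ("goto.schema", GOTO)]
GOOD = [("samba.schema", SAMBA), ("goto.schema", GOTO), ("gosa+samba3.schema", GOSA_SAMBA3)]
```

check_includes(BAD) returns one "duplicate" and one "missing" entry, while check_includes(GOOD) returns an empty list. Unlike slaptest, which stops at the first error, it lists every problem in one pass.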

One thought on “LDAP GOSA Pain and Suffering :)”

  1. Hey, thanks for putting this up, it’s really helping. My GOsa install is not working completely but I am much closer than I was before.

    Now if this information was only in the GOsa FAQ or Wiki… 😉
