Global Security Forum

Hi all,

I'm trying to add some Attributes and Object Classes to the local LDAP. It looks that I'm not able connecting to cn=config. At least adding an attribute or objectclass ends up in an error which I can't interpret. The ISAM LDAP log shows some funny stuff, which I can't find the error. Does anybody know how to change the schema?

373 5ef21a88 >>> dnPrettyNormal: <cn=schema,cn=config>
374 5ef21a88 <<< dnPrettyNormal: <cn=schema,cn=config>, <cn=schema,cn=config>
375 5ef21a88 send_ldap_result: conn=1000 op=20 p=3
376 5ef21a88 send_ldap_response: msgid=21 tag=105 err=17
377 ber_flush2: 43 bytes to sd 32
378 5ef21a88 connection_get(32): got connid=1000
379 5ef21a88 connection_read(32): checking for input on id=1000
380 ber_get_next
381 ber_get_next: tag 0x30 len 261 contents:
382 5ef21a88 op tag 0x68, time 1592924808
383 ber_get_next
384 5ef21a88 conn=1000 op=21 do_add
385 ber_scanf fmt ({m) ber:
386 ber_scanf fmt ({m{W}}) ber:
387 ber_scanf fmt ({m{W}}) ber:
388 ber_scanf fmt (}) ber:
389 5ef21a88 >>> dnPrettyNormal: <cn=schema,cn=config>
390 5ef21a88 <<< dnPrettyNormal: <cn=schema,cn=config>, <cn=schema,cn=config>
391 5ef21a88 send_ldap_result: conn=1000 op=21 p=3
392 5ef21a88 send_ldap_response: msgid=22 tag=105 err=17
393 ber_flush2: 43 bytes to sd 32

------------------------------
Jens Petersen
------------------------------

Hi Jens,

You can't modify the schema of the built-in LDAP of ISAM. If you need this flexibility you'd have to deploy an external LDAP (such as the IBM Directory Server that is bundled with ISAM Virtual Edition)

Jon.

------------------------------
Jon Harry
Consulting IT Security Specialist
IBM
------------------------------

Original Message:
Sent: Tue June 23, 2020 11:09 AM
From: Jens Petersen
Subject: ISAM Appliance: Changing schema of local LDAP

Hi all,

I'm trying to add some Attributes and Object Classes to the local LDAP. It looks that I'm not able connecting to cn=config. At least adding an attribute or objectclass ends up in an error which I can't interpret. The ISAM LDAP log shows some funny stuff, which I can't find the error. Does anybody know how to change the schema?

373 5ef21a88 >>> dnPrettyNormal: <cn=schema,cn=config>
374 5ef21a88 <<< dnPrettyNormal: <cn=schema,cn=config>, <cn=schema,cn=config>
375 5ef21a88 send_ldap_result: conn=1000 op=20 p=3
376 5ef21a88 send_ldap_response: msgid=21 tag=105 err=17
377 ber_flush2: 43 bytes to sd 32
378 5ef21a88 connection_get(32): got connid=1000
379 5ef21a88 connection_read(32): checking for input on id=1000
380 ber_get_next
381 ber_get_next: tag 0x30 len 261 contents:
382 5ef21a88 op tag 0x68, time 1592924808
383 ber_get_next
384 5ef21a88 conn=1000 op=21 do_add
385 ber_scanf fmt ({m) ber:
386 ber_scanf fmt ({m{W}}) ber:
387 ber_scanf fmt ({m{W}}) ber:
388 ber_scanf fmt (}) ber:
389 5ef21a88 >>> dnPrettyNormal: <cn=schema,cn=config>
390 5ef21a88 <<< dnPrettyNormal: <cn=schema,cn=config>, <cn=schema,cn=config>
391 5ef21a88 send_ldap_result: conn=1000 op=21 p=3
392 5ef21a88 send_ldap_response: msgid=22 tag=105 err=17
393 ber_flush2: 43 bytes to sd 32

------------------------------
Jens Petersen
------------------------------

Original Message:
Sent: 6/29/2020 3:30:00 PM
From: Jon Harry
Subject: RE: ISAM Appliance: Changing schema of local LDAP

Hi Jens,

You can't modify the schema of the built-in LDAP of ISAM. If you need this flexibility you'd have to deploy an external LDAP (such as the IBM Directory Server that is bundled with ISAM Virtual Edition)

Jon.

------------------------------
Jon Harry
Consulting IT Security Specialist
IBM
------------------------------

Original Message:
Sent: Tue June 23, 2020 11:09 AM
From: Jens Petersen
Subject: ISAM Appliance: Changing schema of local LDAP

Hi all,

I'm trying to add some Attributes and Object Classes to the local LDAP. It looks that I'm not able connecting to cn=config. At least adding an attribute or objectclass ends up in an error which I can't interpret. The ISAM LDAP log shows some funny stuff, which I can't find the error. Does anybody know how to change the schema?

373 5ef21a88 >>> dnPrettyNormal: <cn=schema,cn=config>
374 5ef21a88 <<< dnPrettyNormal: <cn=schema,cn=config>, <cn=schema,cn=config>
375 5ef21a88 send_ldap_result: conn=1000 op=20 p=3
376 5ef21a88 send_ldap_response: msgid=21 tag=105 err=17
377 ber_flush2: 43 bytes to sd 32
378 5ef21a88 connection_get(32): got connid=1000
379 5ef21a88 connection_read(32): checking for input on id=1000
380 ber_get_next
381 ber_get_next: tag 0x30 len 261 contents:
382 5ef21a88 op tag 0x68, time 1592924808
383 ber_get_next
384 5ef21a88 conn=1000 op=21 do_add
385 ber_scanf fmt ({m) ber:
386 ber_scanf fmt ({m{W}}) ber:
387 ber_scanf fmt ({m{W}}) ber:
388 ber_scanf fmt (}) ber:
389 5ef21a88 >>> dnPrettyNormal: <cn=schema,cn=config>
390 5ef21a88 <<< dnPrettyNormal: <cn=schema,cn=config>, <cn=schema,cn=config>
391 5ef21a88 send_ldap_result: conn=1000 op=21 p=3
392 5ef21a88 send_ldap_response: msgid=22 tag=105 err=17
393 ber_flush2: 43 bytes to sd 32

------------------------------
Jens Petersen
------------------------------