none
openldap export - "object class violation error". RRS feed

  • Question

  • When I run openldap export, I am getting this error. Can any one help please? What are the required object classes hierarchy for openldap?

    Microsoft.MetadirectoryServices.ExtensibleExtensionException: An object class violation occurred.
       at Miis_CallExport.MiisExceptionsManager.ReportErrorToMiis(String errorMessage) in C:\SourceCode\OpenLDAP XMA\MIISExceptionsManager.cs:line 315
       at Miis_CallExport.OpenLDAPUtils.ExportEntry(TypeDescriptionCollection typeDescriptions, ModificationType modificationType, String[] changedAttributes, CSEntry csentry) in C:\SourceCode\OpenLDAP XMA\OpenLDAPUtils.cs:line 1914
       at Miis_CallExport.MACallExport.ExportEntry(ModificationType modificationType, String[] changedAttributes, CSEntry csentry) in C:\SourceCode\OpenLDAP XMA\OpenLDAP XMA.cs:line 197

    Tuesday, December 18, 2012 10:01 PM

Answers

All replies

  • Doesn't that depend on your implementation of the OpenLDAP backend directory that you are hosting?

    Sounds like you are trying to create or modify a directory entry of a specific object class that either doesn't exist or you don't permissions to perform on.

    Friday, December 21, 2012 10:14 PM
  • The most likely cause is that a required attribute is missing; e.g., if you're exporting an inetOrgPerson, make sure 'sn' is populated.

    Steve Kradel, Zetetic LLC SMS OTP for FIM | Salesforce MA for FIM

    Monday, December 24, 2012 7:28 PM
  • sn is populated. I think it is looking for "entryUUID". For the new accounts provisioned to Ldap, how is entryUUID generated?
    Monday, December 24, 2012 7:30 PM
  • entryUuid should be system-generated--most likely there is some other required attribute missing, or alternately, trying to populate an attribute not available on the objectClass could have this effect.

    It would be helpful if you could post the full details of the export in progress.


    Steve Kradel, Zetetic LLC SMS OTP for FIM | Salesforce MA for FIM

    Monday, December 24, 2012 7:38 PM
  • Hello Steve,

    When I create a new MA for openldap, eventhough I use the correct credentials, I could not see all the attributes of the openldap schema in "Configure Attributes tab" of the ldap MA. Why is that so?

    Thursday, March 14, 2013 4:32 PM
  • While I haven't used the OpenLDAP MA, I doubt it includes schema discovery, being a version 1 ECMA... can you go ahead and add more attributes to suit, and/or create a new instance of an OpenLDAP MA with a more representative template file?

    You might also want to take a look at Mr. Granfeldt's Powershell MA, the homepage of which describes how to use it with generic LDAP with a set of pre-built extensions.


    Steve Kradel, Zetetic LLC SMS OTP for FIM | Salesforce MA for FIM

    Friday, March 15, 2013 4:08 AM