添加openLDAP base DN失败的根本原因是什么?
what is the root cause of adding openLDAP base DN failure?
我写了一个 openLDAP 客户端,使用它的 API 添加基础 dn.But 当程序 运行 时,会出现错误:
ldap_add: Type or value exists (20)
additional info: attribute 'objectClass' provided more than once
我的代码如下:
#include <stdio.h>
#include "ldap.h"
#define SERVERIP 172.0.1.4
#define ROOTDN "cn=root,dc=jc,dc=com"
#define ROOTPW "secret"
int main()
{
int protocol_version = LDAP_VERSION3;
int ret;
LDAP *ld;
if((ld = ldap_init(SERVERIP,LDAP_PORT) == NULL)
{
perror("ldap_init failed\n");
return 1;
}
ret = ldap_set_option(ld,LDAP_OPT_PROTOCOL_VERSION,&protocol_version);
if(ret != LDAP_SUCCESS)
{
fprintf(stderr,"ldap_select_version:%s\n",ldap_err2string(ret));
return 1;
}
ret = ldap_simple_bind_s(ld,ROOTDN,ROOTPW);
if(ret != LDAP_SUCCESS)
{
fprintf(stderr,"ldap_simple_bind_s:%s\n",ldap_err2string(ret));
return 1;
}
printf("add base dn\n");
char baseDN[] = "dc=jc,dc=com";
char *objVals1[] = {"organization",NULL};
char *objVals2[] = {"dcObject",NULL};
char *dcVals[] = {"jc",NULL};
char *oVals[] = {"jc Inc",NULL};
LDAPMod add1 = {LDAP_MOD_ADD,"objectClass",objVals1};
LDAPMod add2 = {LDAP_MOD_ADD,"objectClass",objVals2};
LDAPMod add3 = {LDAP_MOD_ADD,"dc",dcVals};
LDAPMod add4 = {LDAP_MOD_ADD,"o",oVals};
LDAPMod *addBase[] = {&add1,&add2,&add3,&add4,NULL};
if(ldap_add_ext_s(ld,baseDN,addBase,NULL,NULL) != LDAP_SUCCESS)
ldap_perror(ld,"ldap_add");
else
printf("ldap_add success\n");
ldap_unbind(ld);
}
我的代码有什么问题?
char *objVals1[] = {"organization",NULL};
char *objVals2[] = {"dcObject",NULL};
char *dcVals[] = {"jc",NULL};
char *oVals[] = {"jc Inc",NULL};
LDAPMod add1 = {LDAP_MOD_ADD,"objectClass",objVals1};
LDAPMod add2 = {LDAP_MOD_ADD,"objectClass",objVals2};
您将 objectClass 添加为两个单独的属性,每个属性都有一个值。它是一个多值属性,就像 LDAP 中的大多数属性一样,应该像这样添加:
char *objVals1[] = {"organization", "dcObject",NULL};
// ...
LDAPMod add1 = {LDAP_MOD_ADD,"objectClass",objVals1};
我写了一个 openLDAP 客户端,使用它的 API 添加基础 dn.But 当程序 运行 时,会出现错误:
ldap_add: Type or value exists (20)
additional info: attribute 'objectClass' provided more than once
我的代码如下:
#include <stdio.h>
#include "ldap.h"
#define SERVERIP 172.0.1.4
#define ROOTDN "cn=root,dc=jc,dc=com"
#define ROOTPW "secret"
int main()
{
int protocol_version = LDAP_VERSION3;
int ret;
LDAP *ld;
if((ld = ldap_init(SERVERIP,LDAP_PORT) == NULL)
{
perror("ldap_init failed\n");
return 1;
}
ret = ldap_set_option(ld,LDAP_OPT_PROTOCOL_VERSION,&protocol_version);
if(ret != LDAP_SUCCESS)
{
fprintf(stderr,"ldap_select_version:%s\n",ldap_err2string(ret));
return 1;
}
ret = ldap_simple_bind_s(ld,ROOTDN,ROOTPW);
if(ret != LDAP_SUCCESS)
{
fprintf(stderr,"ldap_simple_bind_s:%s\n",ldap_err2string(ret));
return 1;
}
printf("add base dn\n");
char baseDN[] = "dc=jc,dc=com";
char *objVals1[] = {"organization",NULL};
char *objVals2[] = {"dcObject",NULL};
char *dcVals[] = {"jc",NULL};
char *oVals[] = {"jc Inc",NULL};
LDAPMod add1 = {LDAP_MOD_ADD,"objectClass",objVals1};
LDAPMod add2 = {LDAP_MOD_ADD,"objectClass",objVals2};
LDAPMod add3 = {LDAP_MOD_ADD,"dc",dcVals};
LDAPMod add4 = {LDAP_MOD_ADD,"o",oVals};
LDAPMod *addBase[] = {&add1,&add2,&add3,&add4,NULL};
if(ldap_add_ext_s(ld,baseDN,addBase,NULL,NULL) != LDAP_SUCCESS)
ldap_perror(ld,"ldap_add");
else
printf("ldap_add success\n");
ldap_unbind(ld);
}
我的代码有什么问题?
char *objVals1[] = {"organization",NULL};
char *objVals2[] = {"dcObject",NULL};
char *dcVals[] = {"jc",NULL};
char *oVals[] = {"jc Inc",NULL};
LDAPMod add1 = {LDAP_MOD_ADD,"objectClass",objVals1};
LDAPMod add2 = {LDAP_MOD_ADD,"objectClass",objVals2};
您将 objectClass 添加为两个单独的属性,每个属性都有一个值。它是一个多值属性,就像 LDAP 中的大多数属性一样,应该像这样添加:
char *objVals1[] = {"organization", "dcObject",NULL};
// ...
LDAPMod add1 = {LDAP_MOD_ADD,"objectClass",objVals1};