Re: Newbie Advice on Schema Change

From: BryanV (nobody_at_nowhere.invalid)
Date: 03/27/04

• Next message: Bill Chaffin: "locked out!!!"
• Previous message: Dmitri Gavrilov [MSFT]: "Re: Newbie Advice on Schema Change"
• In reply to: Dmitri Gavrilov [MSFT]: "Re: Newbie Advice on Schema Change"
• Next in thread: b: "Re: Newbie Advice on Schema Change"
• Reply: b: "Re: Newbie Advice on Schema Change"
• Messages sorted by: [ date ] [ thread ]

Date: Fri, 26 Mar 2004 16:36:20 -0800

Bad news. It worked well on ADAM, but when I run the script on my Win2K
domain controller, I get the following error. I made sure that the reg
value to allow updates was set, and I ran the script from the domain
controller while logged in as administrator. I don't know what useful
information I can extrace from this error message. Ideas?

----------------------------------------------------------------------

Connecting to "homebase.twistpair.local"
Logging in as current user using SSPI
Importing directory from file "tpsWaveProfile.ldf"
Loading entries
1: cn=tpsWaveProfile,cn=schema,cn=configuration,dc=x
Entry DN: cn=tpsWaveProfile,cn=schema,cn=configuration,dc=x
change: add
Attribute 0) objectclass:attributeSchema
Attribute 1) lDAPDisplayName:tpsWaveProfile
Attribute 2)
attributeId:1.2.840.113556.1.5.7000.111.3645191.1610327.5478013.8821365.9924
066.1
Attribute 3) oMSyntax:20
Attribute 4) attributeSyntax:2.5.5.4
Attribute 5) description:Twisted Pair Solutions WAVE profile name

Add error on line 1: Referral
The server side error is "A referral was returned from the server."
0 entries modified successfully.
An error has occurred in the program

----------------------------------------------------------------------

Here is the LDIF script:

dn: cn=tpsWaveProfile,cn=schema,cn=configuration,dc=x
changetype: add
objectclass: attributeSchema
lDAPDisplayName: tpsWaveProfile
attributeId:
1.2.840.113556.1.5.7000.111.3645191.1610327.5478013.8821365.9924066.1
oMSyntax: 20
attributeSyntax: 2.5.5.4
description: Twisted Pair Solutions WAVE profile name

dn:
changetype: modify
add: schemaUpdateNow
schemaUpdateNow: 1
-

dn: cn=user,cn=schema,cn=configuration,dc=x
changetype: modify
add: mayContain
mayContain: tpsWaveProfile
-

dn:
changetype: Modify
add: schemaUpdateNow
schemaUpdateNow: 1
-

-------------------------------------------------------------

 And here is the command line to run it:

ldifde -i -f tpsWaveProfile.ldf -k -j . -c "CN=Schema,CN=Configuration,DC=X"
#schemaNamingContext

(also tried the above with "-s localhost" when running on the Domain
controller)

Thanks,
Bryan

"Dmitri Gavrilov [MSFT]" <dmitrig@online.microsoft.com> wrote in message
news:eEJ1FD5EEHA.1240@TK2MSFTNGP10.phx.gbl...
> Yes, if your target directory is AD, then you can count on user class
being
> present.
> BTW, another advice -- register yourself an OID prefix -- there's a page
on
> MSDN that allows you to do this. That way, you can be sure that nobody is
> going to step on your attribute OID.
>
> --
> Dmitri Gavrilov
> SDE, Active Directory Core
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
> Use of included script samples are subject to the terms specified at
> http://www.microsoft.com/info/cpyright.htm
>
> "BryanV" <nobody@nowhere.invalid> wrote in message
> news:e25uGh4EEHA.3424@tk2msftngp13.phx.gbl...
> > Thank you very much, Dmitri -- your change did the trick and the import
> > works now.
> >
> > My question about "a better class" refers to the fact that there are
many
> > different classes, e.g. user, person, inetOrgPerson -- I don't know
> anything
> > about the forest where this application will be deployed, so I was
asking
> > about the most ubiquitous class used to represent users. If "user" is
> truly
> > ubiquitous, then I would expect it to be built in. Perhaps it is built
in
> > to the Win2K and Win2003 schemas, but just not ADAM.
> >
> > So, when deploying into production AD environments, can I count on the
> > presence of the "user" class in the schema?
> >
> >
> > "Dmitri Gavrilov [MSFT]" <dmitrig@online.microsoft.com> wrote in message
> > news:upqffG3EEHA.696@TK2MSFTNGP12.phx.gbl...
> > > Here is what you need to do:
> > >
> > > dn: cn=acmeProfileName,cn=schema,cn=configuration,dc=x
> > > changetype: ntdsschemaadd
> > > objectclass: attributeSchema
> > > lDAPDisplayName: acmeProfileName
> > > attributeId: 1.3.6.1.4.1.999.1.1.28.314355
> > > oMSyntax: 20
> > > attributeSyntax: 2.5.5.4
> > >
> > > dn:
> > > changetype: modify
> > > add: schemaUpdateNow
> > > schemaUpdateNow: 1
> > > -
> > >
> > > dn: cn=user,cn=schema,cn=configuration,dc=x
> > > changetype: modify
> > > add: mayContain
> > > mayContain: acmeProfileName
> > > -
> > >
> > > dn:
> > > changetype: Modify
> > > add: schemaUpdateNow
> > > schemaUpdateNow: 1
> > > -
> > >
> > > Note however, that this will fail if you don't have user class
imported.
> > It
> > > is possible to have an ADAM without user class. I don't understand
your
> > > question re "is there a better class to attach it to". Will your
> > application
> > > function if there are no users?
> > >
> > >
> > > --
> > > Dmitri Gavrilov
> > > SDE, Active Directory Core
> > >
> > > This posting is provided "AS IS" with no warranties, and confers no
> > rights.
> > > Use of included script samples are subject to the terms specified at
> > > http://www.microsoft.com/info/cpyright.htm
> > >
> > > "BryanV" <nobody@nowhere.invalid> wrote in message
> > > news:upRdwr1EEHA.3804@TK2MSFTNGP09.phx.gbl...
> > > >
> > > > I have a requirement that my app read a piece of user configuration
> data
> > > > from ActiveDirectory. I am using ADAM to try and prototype this new
> > > > functionality.
> > > >
> > > > I would like to add an attribute to the schema, e.g.
acmeProfileName,
> > and
> > > > make this attribute an optional attribute of some schema class that
is
> > > > guaranteed to exist.
> > > >
> > > > Question 1:
> > > >
> > > > Is "user" the appropriate schemaClass to attach this new attribute
to?
> > > Will
> > > > this class always exist, or is there a better one? I've seen
> references
> > > to
> > > > Auxiliary classes, but don't know if that is the way to go. I'm
> talking
> > > > about only a single attribute here.
> > > >
> > > > I have succeeded in making an LDIF file to create my new
attribute --
> > that
> > > > part works, since the new attribute shows up in the list of
attributes
> > > using
> > > > the ADAM schema editor snap in. The attribute just does not show up
> on
> > > > User.
> > > >
> > > > Using the schema editor, I can manually attach that attribute to a
> > class,
> > > > but I have not succeeded in making this association between
attribute
> > and
> > > > class using an LDIF file. I've been using the ms-user.ldf file as
an
> > > > example, and trying to find the minimal set of instructions to
create
> my
> > > new
> > > > string attribute, acmeProfileName, and attach it to the user class.
> > > >
> > > > Question 2:
> > > >
> > > > How to I take my new attribute and make it an optional attribute on
> the
> > > user
> > > > class?
> > > >
> > > > Thanks for any assistance...
> > > >
> > > >
> > > > Here is the LDIF that I use to create the attribute and try to make
it
> > > part
> > > > of User:
> > > >
> > > > dn: cn=acmeProfileName,cn=schema,cn=configuration,dc=x
> > > > changetype: ntdsschemaadd
> > > > objectclass: attributeSchema
> > > > lDAPDisplayName: acmeProfileName
> > > > attributeId: 1.3.6.1.4.1.999.1.1.28.314355
> > > > oMSyntax: 20
> > > > attributeSyntax: 2.5.5.4
> > > >
> > > > dn:
> > > > changetype: modify
> > > > add: schemaUpdateNow
> > > > schemaUpdateNow: 1
> > > > -
> > > >
> > > >
> > > > dn: cn=user,cn=schema,cn=configuration,dc=x
> > > > changetype: ntdsschemaadd
> > > > objectClass: classSchema
> > > > mayContain: acmeProfileName
> > > >
> > > > dn:
> > > > changetype: Modify
> > > > add: schemaUpdateNow
> > > > schemaUpdateNow: 1
> > > > -
> > > >
> > > >
> > > > And here is the error-free output from running this on a clean ADAM
> > > > directory to which I have imported ms-user:
> > > > C:\WINDOWS\ADAM>ldifde -i -f ms-user.ldf -s localhost -k -j . -c
> > > > "CN=Schema,CN=C
> > > > onfiguration,DC=X" #schemaNamingContext
> > > > Connecting to "localhost"
> > > > Logging in as current user using SSPI
> > > > Importing directory from file "ms-user.ldf"
> > > > Loading
> > > >
> entries.................................................................
> > > > .
> > > > 65 entries modified successfully.
> > > >
> > > > The command has completed successfully
> > > >
> > > > C:\WINDOWS\ADAM>ldifde -i -f acmeProfileName.ldf -s localhost -k -j
> . -c
> > > > "CN=Sch
> > > > ema,CN=Configuration,DC=X" #schemaNamingContext
> > > > Connecting to "localhost"
> > > > Logging in as current user using SSPI
> > > > Importing directory from file "acmeProfileName.ldf"
> > > > Loading entries.....
> > > > 4 entries modified successfully.
> > > >
> > > > The command has completed successfully
> > > >
> > > >
> > >
> > >
> >
> >
>
>

• Next message: Bill Chaffin: "locked out!!!"
• Previous message: Dmitri Gavrilov [MSFT]: "Re: Newbie Advice on Schema Change"
• In reply to: Dmitri Gavrilov [MSFT]: "Re: Newbie Advice on Schema Change"
• Next in thread: b: "Re: Newbie Advice on Schema Change"
• Reply: b: "Re: Newbie Advice on Schema Change"
• Messages sorted by: [ date ] [ thread ]

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint