This topic has 2 replies, 2 voices, and was last updated 5 years, 5 months ago by 
-
Posts
-
Hi,
I create attribute lastlogintime and set it in password policy (as write in the admin guide).
I create this attribute in all three server with opendj.In two of this server I see this error in access log:
BIND conn=11272 op=0 msgID=1 version=3 type=SIMPLE dn="uid=usersearch,dc=identity,dc=sieltecloud,dc=it" result=65 message="An error occurred while attempting to update password policy state information for user uid=usersearch,dc=identity,dc=sieltecloud,dc=it: Entry uid=usersearch,dc=identity,dc=sieltecloud,dc=it cannot be modified because the resulting entry would have violated the server schema: Entry uid=usersearch,dc=identity,dc=sieltecloud,dc=it violates the Directory Server schema configuration because it includes attribute lastlogintime which is not allowed by any of the objectclasses defined in that entry" etime=1Where is the problem??
Regards,
Dario“Entry uid=usersearch,dc=identity,dc=sieltecloud,dc=it violates the Directory Server schema configuration because it includes attribute lastlogintime which is not allowed by any of the objectclasses defined in that entry”
The error message is explicit, isn’t it ?
It is not enough to create an attribute in the schema, you must allow it in objectClasses, or define it as operational so it can appear in any object.
By the way all of the documentation examples are tested and known to work. So if they don’t, I would suggest two things : check that the documentation matches the version of the server you are using. There are few changes between versions, but you never know. And check that you have actually used the full example of the guide, and not some partial copy.
You must be logged in to reply to this topic.
