Hi, all:
I'm working on populating an OpenLDAP server (Dapper) for pam authentication. I'm having trouble importing LDIFs for my groups. The following is an example:
(this imports on CentOS 5.3 i386, openldap version is 2.3.43-3.el5)
# org.X.admins
dn: cn=admins,dc=X,dc=org
changetype: add
objectClass: groupOfNames
objectClass: top
objectClass: posixGroup
cn: admins
gidNumber: 1001
member: cn=admin,dc=X,dc=org
I get the following error:
adding new entry "cn=admins,dc=X,dc=org"
ldap_add: Object class violation (65)
        additional info: invalid structural object class chain (groupOfNames/posixGroup)
Now, if I strip it down a little, this will import:
dn: cn=admins,dc=X,dc=org
changetype: add
objectClass: posixGroup
cn: admins
gidNumber: 1001
I don't see though how this is supposed to tie to a user without the member entries.
So what is wrong with it? Could someone give me some suggestions?
Thanks ~
On Tue, Jun 29, 2010 at 07:11:00PM +0800, sync wrote:
> dn: cn=admins,dc=X,dc=org
> changetype: add
> objectClass: groupOfNames
> objectClass: top
> objectClass: posixGroup
> cn: admins
> gidNumber: 1001
> member: cn=admin,dc=X,dc=org
Shouldn't these members be memberUid and just be the local unix username? "fred", "john", "harry" etc.
I thought posixGroup went like this:
dn: cn=admins,dc=X,dc=org
cn: admins
gidnumber: 1001
objectClass: top
objectClass: posixGroup
memberUid: john
memberUid: fred
memberUid: harry
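
Added example, not part of either message above: a small Python pre-import check that reproduces the "invalid structural object class chain" rejection and also flags attributes an entry's object classes do not allow. It assumes a hand-typed subset of the groupOfNames, posixGroup and top definitions from OpenLDAP's core.schema and nis.schema; the function names and the simplified LDIF parsing are this example's own.

```python
# Hand-typed subset of OpenLDAP's core.schema and nis.schema (RFC 2307), lowercased.
SCHEMA = {  # name: (kind, superior, MUST, MAY)
    "top": ("ABSTRACT", None, {"objectclass"}, set()),
    "groupofnames": ("STRUCTURAL", "top", {"member", "cn"},
                     {"businesscategory", "seealso", "owner", "ou", "o", "description"}),
    "posixgroup": ("STRUCTURAL", "top", {"cn", "gidnumber"},
                   {"userpassword", "memberuid", "description"}),
}

def ancestors(oc):
    """oc followed by its superior classes, up to top."""
    return [oc] + (ancestors(SCHEMA[oc][1]) if SCHEMA[oc][1] else [])

def parse_entry(ldif):
    """One entry, one 'attr: value' per line; no line folding or base64 (simplified)."""
    attrs = {}
    for line in ldif.strip().splitlines():
        if not line.startswith("#"):
            name, value = line.split(":", 1)
            attrs.setdefault(name.strip().lower(), []).append(value.strip())
    attrs.pop("changetype", None)
    return attrs.pop("dn")[0], attrs

def check_entry(attrs):
    """Return the schema problems found in one entry (empty list means it passes)."""
    classes = [c.lower() for c in attrs.get("objectclass", [])]
    unknown = [c for c in classes if c not in SCHEMA]
    if unknown:
        return ["object class not in this subset: " + ", ".join(unknown)]
    structural = [c for c in classes if SCHEMA[c][0] == "STRUCTURAL"]
    leaf = max(structural, key=lambda c: len(ancestors(c)), default=None)
    problems = [] if structural else ["no structural object class"]
    # Every structural class must lie on the superior chain of the most derived one.
    if any(c not in ancestors(leaf) for c in structural):
        problems.append("invalid structural object class chain (%s)" % "/".join(structural))
    every = {a for c in classes for a in ancestors(c)}
    must = set().union(*(SCHEMA[c][2] for c in every))
    may = set().union(*(SCHEMA[c][3] for c in every))
    problems += ["missing required attribute: " + a for a in sorted(must - set(attrs))]
    problems += ["attribute not allowed: " + a for a in sorted(set(attrs) - must - may)]
    return problems

# The rejected entry from the first message.
REJECTED = ("dn: cn=admins,dc=X,dc=org\nchangetype: add\nobjectClass: groupOfNames\n"
            "objectClass: top\nobjectClass: posixGroup\ncn: admins\ngidNumber: 1001\n"
            "member: cn=admin,dc=X,dc=org")

if __name__ == "__main__":
    print(check_entry(parse_entry(REJECTED)[1]))
```

Both classes are STRUCTURAL with top as their only superior, so neither sits on the other's chain; an entry that is posixGroup alone passes with memberUid values but not with member.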