On 11/27/2015 08:22 AM, Gary Stainburn wrote: > (Sorry, but I am doing this parrot fashion as I really don't understand LDAP > yet) OK, then let's start with a simple description of what LDAP is. I'd describe it as a directory server. Like your filesystem (a directory tree), it stores information in a named tree structure. Like your filesystem, every entry needs a parent entry in the path. Unlike your filesystem, the base (root) doesn't need to be the shortest name possible. You can use "dc=ringways,dc=com" as a base for your directory, without providing "dc=com" or an entry at "". Also unlike your filesystem, the data in an LDAP entry is structured; while all of the files in your filesystem are essentially blobs of binary data, data stored in LDAP is stored in named attributes of an entry which have rules describing what data is valid, how it should be sorted, and how it should be compared to search filters, etc. > [root at ollie2 ~]# slapadd -v -l basedomain.ldif > 56588237 The first database does not allow slapadd; using the first available > one (2) > slapadd: dn="dc=ringways,dc=com" (line=1): (64) value of single-valued naming > attribute 'dc' conflicts with value present in entry ... > dn: dc=ringways,dc=com > objectClass: top > objectClass: dcObject > objectclass: organization > o: Ringways > dc: Server A special rule of LDAP is that every entry has an attribute which is implied by its path. In this case, the entry "dc=ringways,dc=com" has an attribute named "dc" whose value is "ringways". You don't need to specify that attribute, but if you do, then it has to match the implied value. The error is telling you that there is an attribute named "dc", that the rules describing that attribute specify that it is single-valued (you cannot have multiple "dc" attributes, though some attributes do allow that sort of thing), and that you specified a value that conflicts with a value that was already present.