LDAP integration - Data Model and objectClass

Successfully running Asterisk with static /etc/asterisk/*.conf files, switching to Realtime LDAP model pointing to external OpenLDAP server.

Following example at flyn.org/astldap/, there is an issue creating LDAP object classes as documented; when I create the objectClass AsteriskSIPUser using the below ldif I receive an error:

ldapadd -x -D cn=manager,dc=acme,dc=com -f sippeer.ldif -W
ldap_add: Object class violation (65)
additional info: no structural object class provided

dn: cn=2001,ou=sipPeers,ou=Voice,ou=Services,dc=acme,dc=com
objectClass: top
objectClass: AsteriskSIPUser
cn: 2001
AstAccountFullContact: User 1 <2001>
AstAccountCallerID: 2001
AstAccountHost: dynamic
AstAccountRealmedPassword: 2001:acme.com:passwd
AstAccountContext: default

dn: cn=2002,ou=sipPeers,ou=Voice,ou=Services,dc=acme,dc=com
objectClass: top
objectClass: AsteriskSIPUser
cn: 2002
AstAccountFullContact: User 2 <2002>
AstAccountCallerID: 2002
AstAccountHost: dynamic
AstAccountRealmedPassword: 2002:acme.com:passwd
AstAccountContext: default

In perusing the schema files the above error makes sense since AsteriskSIPUser is an AUXILIARY class and top is ABSTRACT class so the reported error is accurate that no STRUCTURAL class is specified. I did find somewhere that Asterisk schema is intended to extend existing class (hence auxiliary) but if this is true then the above example could not work as documented…

So how are others using asterisk ldap classes? Working examples would be very much appreciated
Are you extending an existing (structural) user class? (inetOrgPerson perhaps?)

Just seems wrong design philosophy to create hard association of phone (sip peer) to user by extending person class but that’s for another day once I get things working… and perhaps an incorrect assumption on my part

Gentoo 2.6.27
asterisk.schema v3.1.4
OpenLDAP: 2.4.19-r1
Apache Directory Studio 1.5.3

Seeking kind soul to set me straight… I’ll do the work just point me in the right direction :smile:

Hi, I had the same problem, I read that adding “objectClass: inetOrgPerson” to each entry solve the problem. I tried but I got:

ldap_add: Object class violation (65)
additional info: object class ‘inetOrgPerson’ requires attribute ‘sn’

Any thoughts?