Monday, April 7, 2014

pwm & openldap

sigh. rtfm. that's right. read the fine manual, but, be sure to have a highlighter ready. in openldap integration, be sure to create this groovy pwm.schema file:
 # /etc/ldap/schema/pwm.schema  
 #  
 # We try to define OID's "correctly" as outlined here:  
 #  
 # http://www.openldap.org/doc/admin23/schema.html  
 #  
 # 1.3.6.1.4.1  base OID  
 # 591242    organization identifier  
 # 1       if an objectclass  
 # 2       if an attribute  
 # yyyy.mm.dd  date of creation  
 # n       extra identifier  
 #  
 attributetype ( 1.3.6.1.4.1.591242.2.2010.04.16.1   
     NAME 'pwmEventLog'   
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )  
   
 attributetype ( 1.3.6.1.4.1.591242.2.2010.04.16.2   
     NAME 'pwmResponseSet'   
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )  
   
 attributetype ( 1.3.6.1.4.1.591242.2.2010.04.16.3   
     NAME 'pwmLastPwdUpdate'   
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )  
   
 attributetype ( 1.3.6.1.4.1.591242.2.2010.04.16.4   
     NAME 'pwmGUID'   
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )  
   
 objectclass ( 1.3.6.1.4.1.591242.1.2010.04.16.1   
     NAME 'pwmUser'   
     AUXILIARY   
     MAY ( pwmLastPwdUpdate $ pwmEventLog $ pwmResponseSet $   
     pwmGUID ) )  
in the admin manual, that last ) is missing.

remember, those schema aren't loaded automagically... in your slapd.conf file, add this line:
include /etc/ldap/schema/pwm.schema 
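
a quick way to catch that missing ) before slapd does. this is an added example, not part of the original post or the pwm manual; the function names and the sample input are made up here, and the sample is the pwmUser objectclass the way the manual prints it:

```python
import re

# Constructed sample: one complete attributetype from the schema above, then
# the pwmUser objectclass missing its final ")" (the typo the post describes).
BROKEN = """\
# /etc/ldap/schema/pwm.schema
attributetype ( 1.3.6.1.4.1.591242.2.2010.04.16.4
    NAME 'pwmGUID'
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

objectclass ( 1.3.6.1.4.1.591242.1.2010.04.16.1
    NAME 'pwmUser'
    AUXILIARY
    MAY ( pwmLastPwdUpdate $ pwmEventLog $ pwmResponseSet $
    pwmGUID )
"""
FIXED = BROKEN.rstrip("\n") + " )\n"
START = re.compile(r"^(attributetype|objectclass)\b", re.IGNORECASE)

def definitions(text):
    """Yield [first_line_no, joined_text] per definition. A definition starts
    at column 0 and indented lines continue it, as slapd.conf joins lines."""
    current = None
    for no, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue  # blank line or comment
        if START.match(line):
            if current:
                yield current
            current = [no, line]
        elif current and line[0].isspace():
            current[1] += " " + line.strip()
    if current:
        yield current

def check_schema(text):
    """Return (line_no, name, unclosed) for each unbalanced definition."""
    problems = []
    for no, body in definitions(text):
        unquoted = re.sub(r"'[^']*'", "", body)  # ignore parens inside quotes
        unclosed = unquoted.count("(") - unquoted.count(")")
        if unclosed != 0:
            name = re.search(r"NAME\s+'([^']+)'", body)
            problems.append((no, name.group(1) if name else "?", unclosed))
    return problems

if __name__ == "__main__":
    for no, name, unclosed in check_schema(BROKEN):
        print(f"line {no}: '{name}' has {unclosed} unclosed '('")
```

once the include line is in place, running slaptest with -f pointed at your slapd.conf makes openldap parse the config and the included schema for real.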
