UnboundID: The entry contains attribute ‘XXXX’ which is not defined in the schema

Posted on by Choon-Chern Lim

PROBLEM

Let’s assume we have the following LDIF file containing custom attribute(s), such as managedBy:-

dn: dc=MyShittyCode
objectClass: top
objectClass: domain
dc: MyShittyCode

dn: CN=ShittyEmployee,DC=MyShittyCode
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
sn: ShittyEmployee
managedBy: CN=ShittyBoss,DC=MyShittyCode

When running the code on UnboundID’s In-Memory Directory Server, the following exception is thrown:-

LDAPException(resultCode=65 (object class violation), 
errorMessage='Unable to add entry 'CN=ShittyEmployee,DC=MyShittyCode' 
because it violates the provided schema:  The entry contains attribute 
managedBy which is not defined in the schema.')
	at com.unboundid.ldap.listener.InMemoryRequestHandler.addEntry(InMemoryRequestHandler.java:4055)
	at com.unboundid.ldap.listener.InMemoryRequestHandler.importFromLDIF(InMemoryRequestHandler.java:3876)
	at com.unboundid.ldap.listener.InMemoryDirectoryServer.importFromLDIF(InMemoryDirectoryServer.java:1226)
	at com.unboundid.ldap.listener.InMemoryDirectoryServer.importFromLDIF(InMemoryDirectoryServer.java:1198)

SOLUTION

The problem is caused by the fact that the default schema does not match Microsoft’s Active Directory schema. Hence, attribute(s), such as managedBy, would cause an error.

While we can set a modified schema, which is very convoluted, the easiest solution is to completely disable the schema:-

def config = new InMemoryDirectoryServerConfig(base)
config.setListenerConfigs(new InMemoryListenerConfig("myListener", null, port, null, null, null))
config.setSchema(null)

def server = new InMemoryDirectoryServer(config)
server.startListening()
server.importFromLDIF(true, "target/test-classes/unboundid-test-data.ldif")

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *