如何在活动目录中添加新 Schema (最好用LDAP方式), 急!!!
在活动目录中添加新 Schema 失败!
返回代码: 0x41
错误常量:LDAP_OBJECT_CLASS_VIOLATION
Windows 2k 系统描述:对象类别侵犯。
LDAP参考描述:操作违背了类定义中定义的语义规则
代码片段如下:
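/*
 * Add a new classSchema object ("baz") to the directory schema over LDAP.
 *
 * Steps: open a session to the default server, bind with the caller's current
 * credentials, read schemaNamingContext from the rootDSE, then synchronously
 * add the entry "CN=baz,<schemaNamingContext>".
 *
 * Returns -1 if the session cannot be created, -100 if the target DN cannot
 * be determined (no rootDSE entry, no schemaNamingContext value, or the DN
 * does not fit the local buffer), otherwise the LDAP result code of the
 * failing call, or of ldap_add_s (LDAP_SUCCESS on success).
 *
 * Operational caveats:
 *  - Schema additions in Active Directory cannot be deleted afterwards (at
 *    best deactivated), so exercise this against a disposable test forest.
 *  - The bind uses the current logon identity; that account needs schema
 *    write rights, which is a highly privileged role. Do not run this from a
 *    general-purpose service account.
 *  - NOTE(review): the session uses LDAP_PORT without explicitly requesting
 *    LDAP v3, signing or sealing; confirm what the negotiate bind provides
 *    under your domain policy before relying on it.
 */
int new_schmC_2()
{
    char szClassDN[1024];
    char **ppszSchemaNC = NULL;
    ULONG uErr;
    int iRet;
    size_t cchCN;
    size_t cchSchemaNC;
    LDAP *psLdap;
    LDAPMessage *psMsg = NULL;
    LDAPMessage *psEntry;

    /* objectClass */
    char *apszObjectClassVals[] = { "classSchema", NULL };
    LDAPMod sAddObjectClass = { LDAP_MOD_ADD, "objectClass", apszObjectClassVals };

    /* cn: also used below as the RDN of the new entry */
    char *apszCNVals[] = { "baz", NULL };
    LDAPMod sAddCN = { LDAP_MOD_ADD, "cn", apszCNVals };

    /*
     * governsID (class OID).
     * NOTE(review): 1.2.840.113556 is Microsoft's OID arc; a real extension
     * should use an OID under an arc registered to your own organization.
     */
    char *apszOIDVals[] = { "1.2.840.113556.1.5.9939.221", NULL };
    LDAPMod sAddOID = { LDAP_MOD_ADD, "governsID", apszOIDVals };

    /* possSuperiors */
    char *apszPossSVals[] = { "container", NULL };
    LDAPMod sAddPossSuperior = { LDAP_MOD_ADD, "possSuperiors", apszPossSVals };

    /*
     * objectClassCategory. Declared but left out of the attribute list below,
     * as in the original.
     * NOTE(review): a classSchema entry is expected to carry this attribute;
     * its absence is one candidate for LDAP_OBJECT_CLASS_VIOLATION. Verify.
     */
    char *apszObjClassCategoryVals[] = { "1", NULL };
    LDAPMod sAddObjCC = { LDAP_MOD_ADD, "objectClassCategory", apszObjClassCategoryVals };

    /*
     * defaultObjectCategory.
     * NOTE(review): this hard-coded DN names the schema container of one
     * specific domain instead of being derived from schemaNamingContext, and
     * the attribute is expected to reference a classSchema object (commonly
     * the new class itself). Verify before use.
     */
    char *apszDefObjCategoryVals[] = { "CN=Schema,CN=Configuration,DC=keycom,DC=com", NULL };
    LDAPMod sAddDefObjC = { LDAP_MOD_ADD, "defaultObjectCategory", apszDefObjCategoryVals };

    /* lDAPDisplayName */
    char *apszLDAPDisplayNameVals[] = { "baz", NULL };
    LDAPMod sAddLDAPDisplayName = { LDAP_MOD_ADD, "lDAPDisplayName", apszLDAPDisplayNameVals };

    /* subClassOf */
    char *apszSubClassOfVals[] = { "top", NULL };
    LDAPMod sAddSubClassOf = { LDAP_MOD_ADD, "subClassOf", apszSubClassOfVals };

    /*
     * mayContain. Declared but left out of the attribute list below.
     * NOTE(review): mayContain lists attribute names, and "user" is a class
     * name; verify before enabling.
     */
    char *apszMayContainVals[] = { "user", NULL };
    LDAPMod sAddMayContain = { LDAP_MOD_ADD, "mayContain", apszMayContainVals };

    /*
     * description.
     * NOTE(review): the bytes sent depend on the source file's encoding;
     * confirm the server receives the intended text.
     */
    char *apszDscptVals[] = { "用户测试模式", NULL };
    LDAPMod sAddDscrpt = { LDAP_MOD_ADD, "description", apszDscptVals };

    /* Attributes sent with the add request (NULL-terminated). */
    LDAPMod *asAttrsToAdd[] = {
        &sAddObjectClass,
        &sAddCN,
        &sAddOID,
        &sAddDefObjC,
        /* &sAddObjCC, */
        &sAddLDAPDisplayName,
        &sAddPossSuperior,
        &sAddSubClassOf,
        /* &sAddMayContain, */
        &sAddDscrpt,
        NULL
    };

    /* NULL host: let the runtime locate the default server. */
    psLdap = ldap_init(NULL, LDAP_PORT);
    if (psLdap == NULL) {
        printf("\nldap init failed !\n");
        return -1;
    }

    /* NULL DN and credentials: bind as the current logon identity. */
    uErr = ldap_bind_s(psLdap, NULL, NULL, LDAP_AUTH_NEGOTIATE);
    if (uErr != LDAP_SUCCESS) {
        printf("ldap bind failed !\n");
        iRet = (int)uErr;
        goto cleanup;
    }

    /* Base-scope search with a NULL base reads the rootDSE. */
    uErr = ldap_search_s(psLdap, NULL, LDAP_SCOPE_BASE, "objectClass=*",
                         NULL, 0 /* attrsonly off: return values */, &psMsg);
    if (uErr != LDAP_SUCCESS) {
        iRet = (int)uErr;
        goto cleanup;
    }

    /* From here until the add, every failure means "no usable target DN". */
    iRet = -100;

    psEntry = ldap_first_entry(psLdap, psMsg);
    if (psEntry == NULL) {
        goto cleanup;
    }

    ppszSchemaNC = ldap_get_values(psLdap, psEntry, "schemaNamingContext");
    if (ppszSchemaNC == NULL || ppszSchemaNC[0] == NULL) {
        goto cleanup;
    }

    /*
     * Build "CN=<cn>,<schemaNamingContext>". The naming context comes from
     * the server, so its length is checked before copying instead of being
     * appended with an unbounded strcat. Needed bytes: 3 ("CN=") + cn +
     * 1 (",") + naming context + 1 (NUL). The cn literal contains no
     * characters that require DN escaping.
     */
    cchCN = strlen(apszCNVals[0]);
    cchSchemaNC = strlen(ppszSchemaNC[0]);
    if (cchCN + 5 > sizeof(szClassDN) ||
        cchSchemaNC > sizeof(szClassDN) - cchCN - 5) {
        goto cleanup;
    }
    memcpy(szClassDN, "CN=", 3);
    memcpy(szClassDN + 3, apszCNVals[0], cchCN);
    szClassDN[3 + cchCN] = ',';
    memcpy(szClassDN + 3 + cchCN + 1, ppszSchemaNC[0], cchSchemaNC + 1);

    /*
     * The new class is a child of the schema container; the original passed
     * the container's own DN as the DN of the entry to create.
     */
    uErr = ldap_add_s(psLdap, szClassDN, asAttrsToAdd);
    iRet = (int)uErr;

cleanup:
    /* Single exit so the value array, the result and the session are always released. */
    if (ppszSchemaNC != NULL) {
        ldap_value_free(ppszSchemaNC);
    }
    if (psMsg != NULL) {
        ldap_msgfree(psMsg);
    }
    ldap_unbind_s(psLdap);
    return iRet;
}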
////////////////////////////////////////////////////////////////////////