When installing OpenDS, you’re asked to define a Base DN (aka Suffix, aka Naming Context) for your directory instance. A default is proposed : dc=example,dc=com.
OpenDS supports multiple suffixes per backend and multiple backends.
The Control Panel allows you to easily add suffixes to the current backend or to a new backend.
You can also do it through the dsconfig command line tool.
$ dsconfig set-backend-prop --backend-name userRoot --add base-dn:dc=MyCompany,dc=com --hostname localhost --port 4444 --bindDN cn=Directory\ Manager --bindPassword ******** --trustAll --noPropertiesFile --no-prompt
Technorati Tags: directory-server, ldap, opends, tip
Ludo Sketches 
Hi Ludo,
I am also trying the create the base dn in opendj ldap using the jndi and java. I am getting the error as
he provided entry dc=test,dc=dom cannot be added because its suffix is not defined as one of the suffixes within the Directory Server]; remaining name ‘dc=test,dc=dom’
Can you please let me know whether i am doing the error.
Thansk in advance.
Hi,
A backend must be configured to host the suffix first. This is done with the command above in the post. Once this is done, you can create the entry “dc=test,dc=com”.
The command above (dsconfig set-backend-prop …) can be also translated into LDAP operation(s) using JNDI, but I would not recommend it as it might change from version to version.
Regards,
Ludo.
Thanks for the information i have tried using the command which you have mentioned .. what i was doing is that through java class i am just first logged in into the LDAP server and then executing this command … But i want to do the same thing in JNDI .. which i am not able to do so … As you have mentioned can you please let me know the LDAP operation using JNDI … i am doing as the POC for the same….
Thanks for your quick response on the same…
Narendra
Addition to that i am pasting my code … If you find the problem in the code then please let me know…
public static String ldapUri = “ldap://169.144.104.75:389”;
public static String admindn = “cn=Directory Manager”;
public static String admincred = “redhat”;
public static void main(String args[]){
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY,”com.sun.jndi.ldap.LdapCtxFactory”);
env.put(Context.PROVIDER_URL, ldapUri);
env.put( Context.SECURITY_PRINCIPAL, admindn );
env.put( Context.SECURITY_CREDENTIALS, admincred );
try {
DirContext ctx = new InitialDirContext(env);
Attributes attrs = new BasicAttributes(true);
Attribute objclass = new BasicAttribute(“objectclass”);
objclass.add(“top”);
objclass.add(“domain”);
objclass.add(“ds-cfg-branch”);
attrs.put(objclass);
attrs.put(“dn”,”ds-cfg-backend-id=userRoot,cn=Backends,cn=config”);
ctx.createSubcontext(“dc=naren1,dc=naren1”,attrs);
ctx.close();
The error is am getting is
javax.naming.NameNotFoundException: [LDAP: error code 32 – The provided entry dc=naren1,dc=naren1 cannot be added because its suffix is not defined as one of the suffixes within the Directory Server]; remaining name ‘dc=naren1,dc=naren1’
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3057)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2978)
Hi,
Your code shows a misunderstanding of JNDI and LDAP. Although it’s displayed like an attribute in LDIF, “dn” is not an attribute in LDAP, it’s the Name of the entry, and for JNDI it’s the DirContext. When building the initial context, you should specify the DN of the userRoot backend config entry : ”ds-cfg-backend-id=userRoot,cn=Backends,cn=config”.
Then you can create a sub Context as “dc=Narent1” (and only one level done the DirContext).
Please check JDNI tutorial section about adding entries with LDAP.
Kind regards,
Ludovic
Hi Ludo , The above command worked for me . Inspite of that , I’m not able to rebuild indexes on my setup . I always see the error :
ERROR: The server rejected the task for the following reason: The provided entry ds-task-id=20160825091739411,cn=Scheduled Tasks,cn=Tasks cannot be added because its suffix is not defined as one of the suffixes within the Directory Server
Please suggest a way out .
Thanks in advance !
Hi,
I would like to help you, but without complete details of the configuration, the command you run with its parameters and the detailed logs from the server, I’m afraid it’s going to be difficult. My first feeling is that the rebuild index command has a parameter that is incorrect or a typo (like the -b argument).
Nevertheless, I’m not sure a blog is the right place to get help with commands and deployments. I suggest that you post your question and details through the OpenDJ Discussion Forum: https://forgerock.org/forum/fr-projects/opendj/ or through ForgeRock support if you are a ForgeRock customer.