[Samba] Samba4 LDAP Integration with Asterisk
Victor Adsuar Abaldea
vadsuar at teralco.com
Wed Sep 11 01:00:41 MDT 2013
Hi Bob,
Unfortunally yes! I'm using Freepbx, but it's a test environment, I want to
evaluate Samba4's integration capabilities, one of them was Asterisk, but
also I want to evaluate with Cisco devices, and software developed in my
company. But after I read your post I have been searching about coexistence
between Asterisk-Freepbx and LDAP, like you well say is very difficult sync
them. I think I will have to choice: Freepbx or LDAP integration...
You are right! Asterisk and Samba4 integration have been a painful task,
thanks to support from Rowland I can do it. I'm writing a how-to that I
will send to Samba forum. I hope support someone in a future.
Thank you for share your experience and knowledge.
On 10 September 2013 17:53, Bob Miller <bob at computerisms.ca> wrote:
> Hi Victor,
>
> I looked at using asterisk real-time ldap with samba4 a few years ago.
> I determined that by using it, though, I would be unable to use freepbx.
> Basically it makes a situation where the extensions database needs to be
> in ldap and mysql at the same time, and I did not find a way where they
> would both be reliably in sync when something changed on one side or the
> other.
>
> So in reading this thread I find myself wondering; are you using some
> kind of web-based app like freepbx to manage your asterisk and use
> real-time ldap in asterisk at the same time? If so, can you point me in
> the direction you took to accomplish that? I am very interested to know
> your approach...
>
> For the record, I also tried importing the asterisk schema into ldb, and
> as I recall I ran into many of the problems you are running into now.
> Around that time I was trying to import lots of schema's (which I later
> found was mostly unnecessary), and most times the oLschema2ldif program
> wouldn't completely convert a schema, or if it did ldb wouldn't usually
> import the whole thing. In some cases, I was able to import what did
> work using the ldb commands, and then I used active directory tools to
> add attributes manually in windows: the one thing I really remember
> about that was how tedious it was. Not sure if that worked with the
> asterisk schema, but if all else fails, it is something you can try...
>
> --
> Computerisms
> Bob Miller
> 867-334-7117 / 867-633-3760
> http://computerisms.ca
>
>
> On Tue, 2013-09-10 at 10:07 +0200, Victor Adsuar Abaldea wrote:
> > Sorry, here are the files
> >
> >
> > On 10 September 2013 09:59, Victor Adsuar Abaldea <vadsuar at teralco.com
> >wrote:
> >
> > > Sorry I forgot the files!
> > >
> > >
> > >
> > > On 10 September 2013 09:58, Victor Adsuar Abaldea <vadsuar at teralco.com
> >wrote:
> > >
> > >> Hi Rowland,
> > >>
> > >> I split schema file in two files( Attribute file and Object file) and
> I
> > >> have replaced the name of attribute/object with his OID. I attach
> both. The
> > >> output of oLschema2ldif for attribute file is perfect!
> > >>
> > >> /usr/local/samba/bin/oLschema2ldif -b "DC=XXX,DC=LOCAL" -I
> > >> ./asterisk-atr.ldap-schema -O ./asterisk-atr-ldb.ldif
> > >> Converted 68 records with 0 failures
> > >>
> > >> However the object file a get the same errors. The output is:
> > >>
> > >> /usr/local/samba/bin/oLschema2ldif -b "DC=XXX,DC=LOCAL" -I
> > >> ./asterisk-obj.ldap-schema -O ./asterisk-obj-ldb.ldif
> > >> No valid msg from entry
> > >> [objectIdentifier AsteriskRoot 1.3.6.1.4.1.22736objectIdentifier
> > >> AsteriskLDAP AsteriskRoot:5objectIdentifier AstAttrType
> > >> AsteriskLDAP:4objectIdentifier AstContext
> AstAttrType:1objectIdentifier
> > >> AstExtension AstAttrType:2objectIdentifier AstPriority
> > >> AstAttrType:3objectIdentifier AstApplication
> AstAttrType:4objectIdentifier
> > >> AstApplicationData AstAttrType:5objectIdentifier AstAccountAMAFlags
> > >> AstAttrType:6objectIdentifier AstAccountCallerID
> > >> AstAttrType:7objectIdentifier AstAccountContext
> > >> AstAttrType:8objectIdentifier AstAccountMailbox
> > >> AstAttrType:9objectIdentifier AstMD5secret
> AstAttrType:10objectIdentifier
> > >> AstAccountDeny AstAttrType:11objectIdentifier AstAccountPermit
> > >> AstAttrType:12objectIdentifier AstAccountQualify
> > >> AstAttrType:13objectIdentifier AstAccountType
> > >> AstAttrType:14objectIdentifier AstAccountDisallowedCodec
> > >> AstAttrType:15objectIdentifier AstAccountExpirationTimestamp
> > >> AstAttrType:16objectIdentifier AstAccountRegistrationContext
> > >> AstAttrType:17objectIdentifier AstAccountRegistrationExten
> > >> AstAttrType:18objectIdentifier AstAccountNoTransfer
> > >> AstAttrType:19objectIdentifier AstAccountCallGroup
> > >> AstAttrType:20objectIdentifier AstAccountCanReinvite
> > >> AstAttrType:21objectIdentifier AstAccountDTMFMode
> > >> AstAttrType:22objectIdentifier AstAccountFromUser
> > >> AstAttrType:23objectIdentifier AstAccountFromDomain
> > >> AstAttrType:24objectIdentifier AstAccountFullContact
> > >> AstAttrType:25objectIdentifier AstAccountHost
> > >> AstAttrType:26objectIdentifier AstAccountInsecure
> > >> AstAttrType:27objectIdentifier AstAccountNAT
> AstAttrType:28objectIdentifier
> > >> AstAccountPickupGroup AstAttrType:29objectIdentifier AstAccountPort
> > >> AstAttrType:30objectIdentifier AstAccountRestrictCID
> > >> AstAttrType:31objectIdentifier AstAccountRTPTimeout
> > >> AstAttrType:32objectIdentifier AstAccountRTPHoldTimeout
> > >> AstAttrType:33objectIdentifier AstAccountRealmedPassword
> > >> AstAttrType:34objectIdentifier AstAccountAllowedCodec
> > >> AstAttrType:35objectIdentifier AstAccountMusicOnHold
> > >> AstAttrType:36objectIdentifier AstAccountCanCallForward
> > >> AstAttrType:37objectIdentifier AstAccountSecret
> > >> AstAttrType:38objectIdentifier AstAccountName
> > >> AstAttrType:39objectIdentifier AstConfigFilename
> > >> AstAttrType:40objectIdentifier AstConfigCategory
> > >> AstAttrType:41objectIdentifier AstConfigCategoryMetric
> > >> AstAttrType:42objectIdentifier AstConfigVariableName
> > >> AstAttrType:43objectIdentifier AstConfigVariableValue
> > >> AstAttrType:44objectIdentifier AstConfigCommented
> > >> AstAttrType:45objectIdentifier AstAccountIPAddress
> > >> AstAttrType:46objectIdentifier AstAccountDefaultUser
> > >> AstAttrType:47objectIdentifier AstAccountRegistrationServer
> > >> AstAttrType:48objectIdentifier AstAccountLastQualifyMilliseconds
> > >> AstAttrType:49objectIdentifier AstAccountCallLimit
> > >> AstAttrType:50objectIdentifier AstVoicemailMailbox
> > >> AstAttrType:51objectIdentifier AstVoicemailPassword
> > >> AstAttrType:52objectIdentifier AstVoicemailFullname
> > >> AstAttrType:53objectIdentifier AstVoicemailEmail
> > >> AstAttrType:54objectIdentifier AstVoicemailPager
> > >> AstAttrType:55objectIdentifier AstVoicemailOptions
> > >> AstAttrType:56objectIdentifier AstVoicemailTimestamp
> > >> AstAttrType:57objectIdentifier AstVoicemailContext
> > >> AstAttrType:58objectIdentifier AstAccountSubscribeContext
> > >> AstAttrType:59objectIdentifier AstAccountUserAgent
> > >> AstAttrType:61objectIdentifier AstAccountLanguage
> > >> AstAttrType:62objectIdentifier AstAccountTransport
> > >> AstAttrType:63objectIdentifier AstAccountPromiscRedir
> > >> AstAttrType:64objectIdentifier AstAccountAccountCode
> > >> AstAttrType:65objectIdentifier AstAccountSetVar
> > >> AstAttrType:66objectIdentifier AstAccountAllowOverlap
> > >> AstAttrType:67objectIdentifier AstAccountVideoSupport
> > >> AstAttrType:68objectIdentifier AstAccountIgnoreSDPVersion
> > >> AstAttrType:69objectIdentifier AstObjectClass
> > >> AsteriskLDAP:2objectIdentifier AsteriskExtension
> > >> AstObjectClass:1objectIdentifier AsteriskIAXUser
> > >> AstObjectClass:2objectIdentifier AsteriskSIPUser
> > >> AstObjectClass:3objectIdentifier AsteriskConfig
> > >> AstObjectClass:4objectIdentifier AsteriskVoiceMail
> > >> AstObjectClass:5objectIdentifier AsteriskDialplan
> > >> AstObjectClass:6objectIdentifier AsteriskAccount
> > >> AstObjectClass:7objectIdentifier AsteriskMailbox
> > >> AstObjectClass:8objectclass ( 1.3.6.1.4.1.22736.5.5.1 NAME
> > >> 'AsteriskExtension' DESC 'PBX Extension Information for Asterisk'
> SUP
> > >> top AUXILIARY MUST cn MAY ( AstContext $
> AstExtension
> > >> $ AstPriority $ AstApplication $
> AstApplicationData
> > >> ) )]
> > >> at line 102
> > >> No valid msg from entry
> > >> [objectClass ( 1.3.6.1.4.1.22736.5.5.6 NAME 'AsteriskDialplan' DESC
> > >> 'Asterisk Dialplan Information' SUP top STRUCTURAL MUST (
> AstExtension )
> > >> )]
> > >> at line 234
> > >> No valid msg from entry
> > >> [objectClass ( 1.3.6.1.4.1.22736.5.5.7 AsteriskAccount NAME
> > >> 'AsteriskAccount' DESC 'Asterisk Account Information' SUP top
> STRUCTURAL MUST
> > >> ( AstAccountName ) )]
> > >> at line 241
> > >> No valid msg from entry
> > >> [objectClass ( 1.3.6.1.4.1.22736.5.5.8 NAME 'AsteriskMailbox' DESC
> > >> 'Asterisk Mailbox Information' SUP top STRUCTURAL MUST (
> > >> AstVoicemailMailbox ) )]
> > >> at line 247
> > >> Converted 8 records with 4 failures
> > >>
> > >> Do you have any more idea? I think if in a future I get this I will
> send
> > >> it to Asterisk team. Maybe someday I get integrate Asterisk with
> Samba4
> > >>
> > >> Thank you Rowland!
> > >>
> > >>
> > >>
> > >>
> > >>
> > >> On 9 September 2013 15:40, Rowland Penny <rowlandpenny at googlemail.com
> >wrote:
> > >>
> > >>> On 09/09/13 14:06, Victor Adsuar Abaldea wrote:
> > >>>
> > >>> Hi Rowland!!
> > >>>
> > >>> 1) First I want to excuse me. I was confused I'm sorry! At this
> moment
> > >>> and in a future I will referrer to you through your first name ;-)
> > >>> 2) Now when I use de schema file i get only 4 new errors, so I think
> i'm
> > >>> in correct way... I attach the asterisk ldap schema file and paste
> the
> > >>> oLschema2ldif output. Also I tried split the file, but always I get
> this 4
> > >>> errors in object file.
> > >>>
> > >>> Thank you so much!! I think I'm the first person trying integrate
> > >>> Asterisk with Samba4! Because I don't find anything about this topic.
> > >>>
> > >>> /usr/local/samba/bin/oLschema2ldif -b "DC=XXX,DC=LOCAL" -I
> > >>> ./asterisk.ldap-schema -O ./asterisk-ldb.ldif
> > >>> No valid msg from entry
> > >>> [objectIdentifier AsteriskRoot 1.3.6.1.4.1.22736objectIdentifier
> > >>> AsteriskLDAP
> > >>>
> AsteriskRoot:5##############################################################################
> > >>> Attribute group OIDs. e.g.: objectIdentifier AstAttrType
> > >>>
> AsteriskLDAP:4#############################################################################objectIdentifier
> > >>> AstAttrType
> > >>>
> AsteriskLDAP:4##############################################################################
> > >>> Attribute OIDs e.g.: objectIdentifier AstContext
> > >>>
> AstAttrType:1#############################################################################objectIdentifier
> > >>> AstContext AstAttrType:1objectIdentifier AstExtension
> > >>> AstAttrType:2objectIdentifier AstPriority
> AstAttrType:3objectIdentifier
> > >>> AstApplication AstAttrType:4objectIdentifier AstApplicationData
> > >>> AstAttrType:5objectIdentifier AstAccountAMAFlags
> > >>> AstAttrType:6objectIdentifier AstAccountCallerID
> > >>> AstAttrType:7objectIdentifier AstAccountContext
> > >>> AstAttrType:8objectIdentifier AstAccountMailbox
> > >>> AstAttrType:9objectIdentifier AstMD5secret
> AstAttrType:10objectIdentifier
> > >>> AstAccountDeny AstAttrType:11objectIdentifier AstAccountPermit
> > >>> AstAttrType:12objectIdentifier AstAccountQualify
> > >>> AstAttrType:13objectIdentifier AstAccountType
> > >>> AstAttrType:14objectIdentifier AstAccountDisallowedCodec
> > >>> AstAttrType:15objectIdentifier AstAccountExpirationTimestamp
> > >>> AstAttrType:16objectIdentifier AstAccountRegistrationContext
> > >>> AstAttrType:17objectIdentifier AstAccountRegistrationExten
> > >>> AstAttrType:18objectIdentifier AstAccountNoTransfer
> > >>> AstAttrType:19objectIdentifier AstAccountCallGroup
> > >>> AstAttrType:20objectIdentifier AstAccountCanReinvite
> > >>> AstAttrType:21objectIdentifier AstAccountDTMFMode
> > >>> AstAttrType:22objectIdentifier AstAccountFromUser
> > >>> AstAttrType:23objectIdentifier AstAccountFromDomain
> > >>> AstAttrType:24objectIdentifier AstAccountFullContact
> > >>> AstAttrType:25objectIdentifier AstAccountHost
> > >>> AstAttrType:26objectIdentifier AstAccountInsecure
> > >>> AstAttrType:27objectIdentifier AstAccountNAT
> AstAttrType:28objectIdentifier
> > >>> AstAccountPickupGroup AstAttrType:29objectIdentifier AstAccountPort
> > >>> AstAttrType:30objectIdentifier AstAccountRestrictCID
> > >>> AstAttrType:31objectIdentifier AstAccountRTPTimeout
> > >>> AstAttrType:32objectIdentifier AstAccountRTPHoldTimeout
> > >>> AstAttrType:33objectIdentifier AstAccountRealmedPassword
> > >>> AstAttrType:34objectIdentifier AstAccountAllowedCodec
> > >>> AstAttrType:35objectIdentifier AstAccountMusicOnHold
> > >>> AstAttrType:36objectIdentifier AstAccountCanCallForward
> > >>> AstAttrType:37objectIdentifier AstAccountSecret
> > >>> AstAttrType:38objectIdentifier AstAccountName
> > >>> AstAttrType:39objectIdentifier AstConfigFilename
> > >>> AstAttrType:40objectIdentifier AstConfigCategory
> > >>> AstAttrType:41objectIdentifier AstConfigCategoryMetric
> > >>> AstAttrType:42objectIdentifier AstConfigVariableName
> > >>> AstAttrType:43objectIdentifier AstConfigVariableValue
> > >>> AstAttrType:44objectIdentifier AstConfigCommented
> > >>> AstAttrType:45objectIdentifier AstAccountIPAddress
> > >>> AstAttrType:46objectIdentifier AstAccountDefaultUser
> > >>> AstAttrType:47objectIdentifier AstAccountRegistrationServer
> > >>> AstAttrType:48objectIdentifier AstAccountLastQualifyMilliseconds
> > >>> AstAttrType:49objectIdentifier AstAccountCallLimit
> > >>> AstAttrType:50objectIdentifier AstVoicemailMailbox
> > >>> AstAttrType:51objectIdentifier AstVoicemailPassword
> > >>> AstAttrType:52objectIdentifier AstVoicemailFullname
> > >>> AstAttrType:53objectIdentifier AstVoicemailEmail
> > >>> AstAttrType:54objectIdentifier AstVoicemailPager
> > >>> AstAttrType:55objectIdentifier AstVoicemailOptions
> > >>> AstAttrType:56objectIdentifier AstVoicemailTimestamp
> > >>> AstAttrType:57objectIdentifier AstVoicemailContext
> > >>> AstAttrType:58objectIdentifier AstAccountSubscribeContext
> > >>> AstAttrType:59objectIdentifier AstAccountUserAgent
> > >>> AstAttrType:61objectIdentifier AstAccountLanguage
> > >>> AstAttrType:62objectIdentifier AstAccountTransport
> > >>> AstAttrType:63objectIdentifier AstAccountPromiscRedir
> > >>> AstAttrType:64objectIdentifier AstAccountAccountCode
> > >>> AstAttrType:65objectIdentifier AstAccountSetVar
> > >>> AstAttrType:66objectIdentifier AstAccountAllowOverlap
> > >>> AstAttrType:67objectIdentifier AstAccountVideoSupport
> > >>> AstAttrType:68objectIdentifier AstAccountIgnoreSDPVersion
> > >>>
> AstAttrType:69##############################################################################
> > >>> Object Class
> > >>>
> OIDs#############################################################################objectIdentifier
> > >>> AstObjectClass AsteriskLDAP:2objectIdentifier AsteriskExtension
> > >>> AstObjectClass:1objectIdentifier AsteriskIAXUser
> > >>> AstObjectClass:2objectIdentifier AsteriskSIPUser
> > >>> AstObjectClass:3objectIdentifier AsteriskConfig
> > >>> AstObjectClass:4objectIdentifier AsteriskVoiceMail
> > >>> AstObjectClass:5objectIdentifier AsteriskDialplan
> > >>> AstObjectClass:6objectIdentifier AsteriskAccount
> > >>> AstObjectClass:7objectIdentifier AsteriskMailbox
> > >>> AstObjectClass:8attributetype ( AstContext NAME 'AstContext'
> > >>> DESC 'Asterisk Context' EQUALITY caseIgnoreMatch
> SUBSTR
> > >>> caseIgnoreSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 )]
> > >>> at line 140
> > >>> No valid msg from entry
> > >>> [objectClass ( AsteriskDialplan NAME 'AsteriskDialplan' DESC
> 'Asterisk
> > >>> Dialplan Information' SUP top STRUCTURAL MUST ( AstExtension ) )]
> > >>> at line 785
> > >>> No valid msg from entry
> > >>> [objectClass ( AsteriskAccount NAME 'AsteriskAccount' DESC 'Asterisk
> > >>> Account Information' SUP top STRUCTURAL MUST ( AstAccountName ) )]
> > >>> at line 792
> > >>> No valid msg from entry
> > >>> [objectClass ( AsteriskMailbox NAME 'AsteriskMailbox' DESC 'Asterisk
> > >>> Mailbox Information' SUP top STRUCTURAL MUST ( AstVoicemailMailbox )
> )]
> > >>> at line 799
> > >>> Converted 76 records with 4 failures
> > >>>
> > >>>
> > >>>
> > >>> On 9 September 2013 13:28, Rowland Penny <
> rowlandpenny at googlemail.com>wrote:
> > >>>
> > >>>> On 09/09/13 12:23, Victor Adsuar Abaldea wrote:
> > >>>>
> > >>>> Hi Penny,
> > >>>>
> > >>>> Oh!!! I didn't notice the ldif format can be translate to ldb. Even
> > >>>> when I try to convert with oLschema2ldif I got errors.
> > >>>>
> > >>>> I attach two files one with the errors and ldif file.
> > >>>>
> > >>>> Thank you to much for your support!
> > >>>>
> > >>>>
> > >>>> On 9 September 2013 12:03, Rowland Penny <
> rowlandpenny at googlemail.com>wrote:
> > >>>>
> > >>>>> On 09/09/13 10:12, Victor Adsuar Abaldea wrote:
> > >>>>>
> > >>>>> Hi Penny,
> > >>>>>
> > >>>>> Thank you for response, but I'm not able to import Alterisk ldif
> > >>>>> into SAMBA 4. I split the files in asterisk_attr.ldif and
> asterisk_obj.ldif
> > >>>>> but still get the same error. I've been searching answer to this
> topic and
> > >>>>> sincerely and ldap syntax have been changed to Microsoft world. I
> think
> > >>>>> the new Samba4 is a close project, Samba have jumped to Active
> Directory
> > >>>>> and now the integration with other services are a utopia, it's a
> pity
> > >>>>> because the new version it's a great step to go back.
> > >>>>>
> > >>>>> I post opinions about this topic.
> > >>>>> http://lifecs.likai.org/2013_06_01_archive.html
> > >>>>>
> > >>>>> In Asterisk forum none answer me, and I don't find anyone with a
> > >>>>> response to How modify the schema. In this post
> > >>>>> https://lists.samba.org/archive/samba/2013-January/170901.html you
> > >>>>> can see a example and you will see the changes. oMSyntax is a
> > >>>>> Microsoft variable!
> > >>>>> http://technet.microsoft.com/en-us/library/cc961740.aspx
> > >>>>>
> > >>>>> Samba 4 it's not compatible with OpenLdap ldif files. Maybe I'm
> > >>>>> wrong and someone can open my mind...
> > >>>>>
> > >>>>> Thanks!
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>> On 6 September 2013 14:24, Rowland Penny <
> rowlandpenny at googlemail.com>wrote:
> > >>>>>
> > >>>>>> On 06/09/13 11:04, Victor Adsuar Abaldea wrote:
> > >>>>>>
> > >>>>>>> Hi,
> > >>>>>>>
> > >>>>>>> I am turning crazy. I try to integrate Asterisk 11.5.1 into
> Samba4
> > >>>>>>> LDAP,
> > >>>>>>> but when I import the ldif file from contrib directory I get this
> > >>>>>>> error.
> > >>>>>>>
> > >>>>>>> ldbmodify -H /usr/local/samba/private/sam.ldb asterisk.ldif
> > >>>>>>> --option="dsdb:schema update allowed"=true
> > >>>>>>> ERR: (No such object) "objectclass: Cannot add
> > >>>>>>> cn=asterisk,cn=schema,cn=config, parent does not exist!" on DN
> > >>>>>>> cn=asterisk,cn=schema,cn=config at block before line 835
> > >>>>>>> Modify failed after processing 0 records
> > >>>>>>>
> > >>>>>>> LDAP and Asterisk are in diferents boxes. Please can someone
> help me?
> > >>>>>>>
> > >>>>>>> Thank you in advance!
> > >>>>>>>
> > >>>>>>> *Victor Adsuar*
> > >>>>>>> *Departamento de Sistemas*
> > >>>>>>> *Teralco Tecnologías Informáticas*
> > >>>>>>> vadsuar at teralco.com<
> > >>>>>>>
> https://mail.google.com/mail/?view=cm&fs=1&tf=1&to=micorreo@teralco.com
> > >>>>>>> >
> > >>>>>>> www.teralco.com
> > >>>>>>>
> > >>>>>>> *AVISO LEGAL:
> > >>>>>>>
> > >>>>>>> Este mensaje se dirige exclusivamente a su destinatario y puede
> > >>>>>>> contener
> > >>>>>>> información reservada y/o CONFIDENCIAL. Si Vd. no es el
> destinatario
> > >>>>>>> original no está autorizado a copiar o distribuir esta
> comunicación a
> > >>>>>>> ninguna otra persona. Si ha recibido este mensaje por error, le
> > >>>>>>> rogamos nos
> > >>>>>>> lo comunique inmediatamente por esta misma vía y proceda a su
> > >>>>>>> borrado. **
> > >>>>>>> Gracias**.*
> > >>>>>>>
> > >>>>>>>
> > >>>>>>> *DISCLAIMER:
> > >>>>>>>
> > >>>>>>> This message is intended exclusively for its addressee and may
> > >>>>>>> contain
> > >>>>>>> information that is CONFIDENTIAL and protected by professional
> > >>>>>>> privilege.
> > >>>>>>> If you are not the intended recipient you are hereby notified
> that
> > >>>>>>> any
> > >>>>>>> dissemination, copy or disclosure of this communication is
> strictly
> > >>>>>>> prohibited by law. If this message has been received in error,
> please
> > >>>>>>> immediately notify us via e-mail and delete it. **Thank** you.*
> > >>>>>>>
> > >>>>>>> *
> > >>>>>>> *
> > >>>>>>>
> > >>>>>>> *
> > >>>>>>> *
> > >>>>>>>
> > >>>>>>> *Antes de imprimir este email piense bien si es necesario
> hacerlo.*
> > >>>>>>>
> > >>>>>>> *Cosider your environmental responsibility before printing this
> > >>>>>>> enail*
> > >>>>>>>
> > >>>>>> Hi, split the ldif in two, one containing the attributes, the
> other
> > >>>>>> the objectclasses, add the attributes one first, then the
> objectclasses.
> > >>>>>>
> > >>>>>> Rowland
> > >>>>>>
> > >>>>>>
> > >>>>>
> > >>>>>
> > >>>>> --
> > >>>>>
> > >>>>> *Victor Adsuar*
> > >>>>> *Departamento de Sistemas*
> > >>>>> *Teralco Tecnologías Informáticas*
> > >>>>> vadsuar at teralco.com
> > >>>>> · Tel. +34 965 68 87 02 <%2B34%20965%2068%2087%2002> · Móv. +34
> 627
> > >>>>> 26 87 54 <%2B34%20627%2026%2087%2054>
> > >>>>> Avda. de Cartagena 1 Entlo, · 03195 El Altet - Elche (Alicante) ·
> > >>>>> SPAIN ·
> > >>>>> www.teralco.com
> > >>>>>
> > >>>>> *AVISO LEGAL:
> > >>>>> Este mensaje se dirige exclusivamente a su destinatario y puede
> > >>>>> contener información reservada y/o CONFIDENCIAL. Si Vd. no es el
> > >>>>> destinatario original no está autorizado a copiar o distribuir esta
> > >>>>> comunicación a ninguna otra persona. Si ha recibido este mensaje
> por error,
> > >>>>> le rogamos nos lo comunique inmediatamente por esta misma vía y
> proceda a
> > >>>>> su borrado. **Gracias**.*
> > >>>>>
> > >>>>>
> > >>>>> *DISCLAIMER:
> > >>>>> This message is intended exclusively for its addressee and may
> contain
> > >>>>> information that is CONFIDENTIAL and protected by professional
> privilege.
> > >>>>> If you are not the intended recipient you are hereby notified that
> any
> > >>>>> dissemination, copy or disclosure of this communication is strictly
> > >>>>> prohibited by law. If this message has been received in error,
> please
> > >>>>> immediately notify us via e-mail and delete it. **Thank** you.*
> > >>>>>
> > >>>>> *
> > >>>>> *
> > >>>>>
> > >>>>> *
> > >>>>> *
> > >>>>>
> > >>>>> *Antes de imprimir este email piense bien si es necesario hacerlo.*
> > >>>>>
> > >>>>> *Cosider your environmental responsibility before printing this
> enail*
> > >>>>>
> > >>>>> OOPS, I missed that you are trying to use an LDAP ldif, this will
> > >>>>> not work, you need the Asterix schema and then run it through
> oLschema2ldif
> > >>>>> which you will find in /usr/local/samba/bin if you have compiled
> samba4
> > >>>>> yourself. The syntax for oLschema2ldif is:
> > >>>>>
> > >>>>> /usr/local/samba/bin/oLschema2ldif -b <your samba4 base DN> -I
> > >>>>> </path/to/asterix.schema> -O </path/to/asterixad.ldif>
> > >>>>>
> > >>>>> Where:
> > >>>>> <your samba4 base DN> is the base of your AD i.e. DC=example,Dc=com
> > >>>>> </path/to/asterix.schema> is the full path (including name) to
> where
> > >>>>> you have the asterix schema
> > >>>>> </path/to/asterixad.ldif> is the full path to where you want the
> new
> > >>>>> ldif to be created plus what you want the ldif to be called.
> > >>>>>
> > >>>>> Once you have run oLschema2ldif, you will find your new AD ldif
> > >>>>> wherever you told the script to put it. Split this file into
> attributes &
> > >>>>> objectclasses and install these.
> > >>>>>
> > >>>>> Rowland
> > >>>>>
> > >>>>>
> > >>>>
> > >>>>
> > >>>> --
> > >>>>
> > >>>> *Victor Adsuar*
> > >>>> *Departamento de Sistemas*
> > >>>> *Teralco Tecnologías Informáticas*
> > >>>> vadsuar at teralco.com
> > >>>> · Tel. +34 965 68 87 02 <%2B34%20965%2068%2087%2002> · Móv. +34
> 627 26
> > >>>> 87 54 <%2B34%20627%2026%2087%2054>
> > >>>> Avda. de Cartagena 1 Entlo, · 03195 El Altet - Elche (Alicante) ·
> SPAIN
> > >>>> ·
> > >>>> www.teralco.com
> > >>>>
> > >>>> *AVISO LEGAL:
> > >>>> Este mensaje se dirige exclusivamente a su destinatario y puede
> > >>>> contener información reservada y/o CONFIDENCIAL. Si Vd. no es el
> > >>>> destinatario original no está autorizado a copiar o distribuir esta
> > >>>> comunicación a ninguna otra persona. Si ha recibido este mensaje
> por error,
> > >>>> le rogamos nos lo comunique inmediatamente por esta misma vía y
> proceda a
> > >>>> su borrado. **Gracias**.*
> > >>>>
> > >>>>
> > >>>> *DISCLAIMER:
> > >>>> This message is intended exclusively for its addressee and may
> contain
> > >>>> information that is CONFIDENTIAL and protected by professional
> privilege.
> > >>>> If you are not the intended recipient you are hereby notified that
> any
> > >>>> dissemination, copy or disclosure of this communication is strictly
> > >>>> prohibited by law. If this message has been received in error,
> please
> > >>>> immediately notify us via e-mail and delete it. **Thank** you.*
> > >>>>
> > >>>> *
> > >>>> *
> > >>>>
> > >>>> *
> > >>>> *
> > >>>>
> > >>>> *Antes de imprimir este email piense bien si es necesario hacerlo.*
> > >>>>
> > >>>> *Cosider your environmental responsibility before printing this
> enail*
> > >>>>
> > >>>> 1) Why do you keep referring to me by my surname?
> > >>>>
> > >>>> 2) You need the asterix SCHEMA not the LDIF, the hint is in the
> > >>>> scriptname 'oLschema2ldif'
> > >>>>
> > >>>> ROWLAND
> > >>>>
> > >>>>
> > >>>
> > >>>
> > >>> --
> > >>>
> > >>> *Victor Adsuar*
> > >>> *Departamento de Sistemas*
> > >>> *Teralco Tecnologías Informáticas*
> > >>> vadsuar at teralco.com
> > >>> · Tel. +34 965 68 87 02 · Móv. +34 627 26 87 54
> > >>> Avda. de Cartagena 1 Entlo, · 03195 El Altet - Elche (Alicante) ·
> SPAIN ·
> > >>> www.teralco.com
> > >>>
> > >>> *AVISO LEGAL:
> > >>> Este mensaje se dirige exclusivamente a su destinatario y puede
> contener
> > >>> información reservada y/o CONFIDENCIAL. Si Vd. no es el destinatario
> > >>> original no está autorizado a copiar o distribuir esta comunicación a
> > >>> ninguna otra persona. Si ha recibido este mensaje por error, le
> rogamos nos
> > >>> lo comunique inmediatamente por esta misma vía y proceda a su
> borrado. *
> > >>> *Gracias**.*
> > >>>
> > >>>
> > >>> *DISCLAIMER:
> > >>> This message is intended exclusively for its addressee and may
> contain
> > >>> information that is CONFIDENTIAL and protected by professional
> privilege.
> > >>> If you are not the intended recipient you are hereby notified that
> any
> > >>> dissemination, copy or disclosure of this communication is strictly
> > >>> prohibited by law. If this message has been received in error, please
> > >>> immediately notify us via e-mail and delete it. **Thank** you.*
> > >>>
> > >>> *
> > >>> *
> > >>>
> > >>> *
> > >>> *
> > >>>
> > >>> *Antes de imprimir este email piense bien si es necesario hacerlo.*
> > >>>
> > >>> *Cosider your environmental responsibility before printing this
> enail*
> > >>>
> > >>> WOW, that is the strangest schema I have ever seen, I think that
> > >>> oLschema2ldif does not understand it!
> > >>> I also think that if you want to use the schema that you are going to
> > >>> have to re-write it
> > >>>
> > >>> Here is a sample attribute from the iRedmail.schema
> > >>>
> > >>> attributetype ( 1.3.6.1.4.1.32349.1.2.1.8 NAME
> > >>> 'domainRecipientBccAddress'
> > >>> DESC 'Recipient BCC address for whole domain'
> > >>> EQUALITY caseIgnoreIA5Match
> > >>> SUBSTR caseIgnoreSubstringsMatch
> > >>> SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{320}
> > >>> SINGLE-VALUE )
> > >>>
> > >>> Compare it with an attribute from the asterix.schema
> > >>>
> > >>> attributetype ( AstContext
> > >>> NAME 'AstContext'
> > >>> DESC 'Asterisk Context'
> > >>> EQUALITY caseIgnoreMatch
> > >>> SUBSTR caseIgnoreSubstringsMatch
> > >>> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
> > >>>
> > >>> There is no OID, but there is a name ' AstContext' instead, you need
> to
> > >>> add the OID instead of the name, the info is there:
> > >>>
> > >>> # Digium root OID (
> http://www.iana.org/assignments/enterprise-numbers)
> > >>> #
> > >>> # 1.3.6.1.4.1.22736
> > >>> # 1.3.6.1.4.1.22736.5 LDAP elements
> > >>> # 1.3.6.1.4.1.22736.5.4 Attribute Types
> > >>> # 1.3.6.1.4.1.22736.5.5 Object Classes
> > >>>
> > >>> objectIdentifier AstContext AstAttrType:1
> > >>>
> > >>> So, the OID for ' AstContext' would be 1.3.6.1.4.1.22736.5.4 plus .1
> to
> > >>> give:
> > >>>
> > >>> attributetype ( 1.3.6.1.4.1.22736.5.4.1 NAME 'AstContext'
> > >>>
> > >>> DESC 'Asterisk Context'
> > >>> EQUALITY caseIgnoreMatch
> > >>> SUBSTR caseIgnoreSubstringsMatch
> > >>> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
> > >>>
> > >>> Once you have done this, remove all the top lines and run it through
> > >>> oLschema2ldif and see what you get.
> > >>>
> > >>> I have no idea if this will work, but I cannot see any reason why it
> > >>> wouldn't.
> > >>>
> > >>> Rowland
> > >>>
> > >>>
> > >>>
> > >>
> > >>
> > >> --
> > >>
> > >> *Victor Adsuar*
> > >> *Departamento de Sistemas*
> > >> *Teralco Tecnologías Informáticas*
> > >> vadsuar at teralco.com
> > >> · Tel. +34 965 68 87 02 · Móv. +34 627 26 87 54
> > >> Avda. de Cartagena 1 Entlo, · 03195 El Altet - Elche (Alicante) ·
> SPAIN ·
> > >> www.teralco.com
> > >>
> > >> *AVISO LEGAL:
> > >> Este mensaje se dirige exclusivamente a su destinatario y puede
> contener
> > >> información reservada y/o CONFIDENCIAL. Si Vd. no es el destinatario
> > >> original no está autorizado a copiar o distribuir esta comunicación a
> > >> ninguna otra persona. Si ha recibido este mensaje por error, le
> rogamos nos
> > >> lo comunique inmediatamente por esta misma vía y proceda a su
> borrado. **
> > >> Gracias**.*
> > >>
> > >>
> > >> *DISCLAIMER:
> > >> This message is intended exclusively for its addressee and may contain
> > >> information that is CONFIDENTIAL and protected by professional
> privilege.
> > >> If you are not the intended recipient you are hereby notified that any
> > >> dissemination, copy or disclosure of this communication is strictly
> > >> prohibited by law. If this message has been received in error, please
> > >> immediately notify us via e-mail and delete it. **Thank** you.*
> > >>
> > >> *
> > >> *
> > >>
> > >> *
> > >> *
> > >>
> > >> *Antes de imprimir este email piense bien si es necesario hacerlo.*
> > >>
> > >> *Cosider your environmental responsibility before printing this enail*
> > >>
> > >
> > >
> > >
> > > --
> > >
> > > *Victor Adsuar*
> > > *Departamento de Sistemas*
> > > *Teralco Tecnologías Informáticas*
> > > vadsuar at teralco.com
> > > · Tel. +34 965 68 87 02 · Móv. +34 627 26 87 54
> > > Avda. de Cartagena 1 Entlo, · 03195 El Altet - Elche (Alicante) ·
> SPAIN ·
> > > www.teralco.com
> > >
> > > *AVISO LEGAL:
> > > Este mensaje se dirige exclusivamente a su destinatario y puede
> contener
> > > información reservada y/o CONFIDENCIAL. Si Vd. no es el destinatario
> > > original no está autorizado a copiar o distribuir esta comunicación a
> > > ninguna otra persona. Si ha recibido este mensaje por error, le
> rogamos nos
> > > lo comunique inmediatamente por esta misma vía y proceda a su borrado.
> **
> > > Gracias**.*
> > >
> > >
> > > *DISCLAIMER:
> > > This message is intended exclusively for its addressee and may contain
> > > information that is CONFIDENTIAL and protected by professional
> privilege.
> > > If you are not the intended recipient you are hereby notified that any
> > > dissemination, copy or disclosure of this communication is strictly
> > > prohibited by law. If this message has been received in error, please
> > > immediately notify us via e-mail and delete it. **Thank** you.*
> > >
> > > *
> > > *
> > >
> > > *
> > > *
> > >
> > > *Antes de imprimir este email piense bien si es necesario hacerlo.*
> > >
> > > *Cosider your environmental responsibility before printing this enail*
> > >
> >
> >
> >
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
--
*Victor Adsuar*
*Departamento de Sistemas*
*Teralco Tecnologías Informáticas*
vadsuar at teralco.com
· Tel. +34 965 68 87 02 · Móv. +34 627 26 87 54
Avda. de Cartagena 1 Entlo, · 03195 El Altet - Elche (Alicante) · SPAIN ·
www.teralco.com
*AVISO LEGAL:
Este mensaje se dirige exclusivamente a su destinatario y puede contener
información reservada y/o CONFIDENCIAL. Si Vd. no es el destinatario
original no está autorizado a copiar o distribuir esta comunicación a
ninguna otra persona. Si ha recibido este mensaje por error, le rogamos nos
lo comunique inmediatamente por esta misma vía y proceda a su borrado. **
Gracias**.*
*DISCLAIMER:
This message is intended exclusively for its addressee and may contain
information that is CONFIDENTIAL and protected by professional privilege.
If you are not the intended recipient you are hereby notified that any
dissemination, copy or disclosure of this communication is strictly
prohibited by law. If this message has been received in error, please
immediately notify us via e-mail and delete it. **Thank** you.*
*
*
*
*
*Antes de imprimir este email piense bien si es necesario hacerlo.*
*Cosider your environmental responsibility before printing this enail*
More information about the samba
mailing list