[FYI] samba_2_2 openLdap 2.1.3 and the auxiliary/structural objects

Shahms E. King shahms at shahms.com
Tue Aug 13 08:23:01 GMT 2002

How should we handle this within Samba? Should we create a new user with
a "person" objectClass and a sambaAccount (assuming an applicable
non-sambaAccount object doesn't exist, of course).  This does simplify
some things (we can take cn out of the sambaAccount) but adds the
(possible) difficulty of requiring an sn (which, btw is lacking from
your example of a "correct" ldif, so you might want to fix that).  It's
been a while since I last looked at the samba attribubtes -> LDAP
mapping, so I don't remember if there is already something suitable for
sn or not.


On Tue, 2002-08-13 at 10:07, Ignacio Coupeau wrote:
> I wrote a note about the use the ldif files as provided in the docs, 
> because an structural object *must* be present with the new samba schema 
> and the strong schema checking in the new openldap (2.1.3).
> http://www.unav.es/cti/ldap-smb/ldap-smb-2_2-howto.html#AUXILIARY
> The command "bin/smbpasswd -a <user>" is useless with the openldap 2.1.3 
> unless an account exists because the samba_2_2 code don't supply an 
> structural object:
> ldap_search_one_user: searching 
> for:[(&(uid=ccourse)(objectclass=sambaAccount))]
> ldap_search_one_user: searching for:[uid=ccourse]
> Adding new user
> Setting entry for user: ccourse
> failed to modify user with uid = ccourse with: Object class violation
>          no structural object classes provided
> Failed to add entry for user ccourse.
> Failed to modify password entry for user ccourse
> Ignacio
> -- 
> ____________________________________________________
> Ignacio Coupeau, Ph.D.     e-mail: icoupeau at unav.es
> CTI, Director              fax:    948 425619
> University of Navarra      voice:  948 425600
> Pamplona, SPAIN            http://www.unav.es/cti/

More information about the samba-technical mailing list