[FYI] samba_2_2 openLdap 2.1.3 and the auxiliary/structural
objects
Shahms E. King
shahms at shahms.com
Tue Aug 13 08:23:01 GMT 2002
How should we handle this within Samba? Should we create a new user with
a "person" objectClass and a sambaAccount (assuming an applicable
non-sambaAccount object doesn't exist, of course). This does simplify
some things (we can take cn out of the sambaAccount) but adds the
(possible) difficulty of requiring an sn (which, btw is lacking from
your example of a "correct" ldif, so you might want to fix that). It's
been a while since I last looked at the samba attribubtes -> LDAP
mapping, so I don't remember if there is already something suitable for
sn or not.
--Shahms
On Tue, 2002-08-13 at 10:07, Ignacio Coupeau wrote:
> I wrote a note about the use the ldif files as provided in the docs,
> because an structural object *must* be present with the new samba schema
> and the strong schema checking in the new openldap (2.1.3).
>
> http://www.unav.es/cti/ldap-smb/ldap-smb-2_2-howto.html#AUXILIARY
>
> The command "bin/smbpasswd -a <user>" is useless with the openldap 2.1.3
> unless an account exists because the samba_2_2 code don't supply an
> structural object:
>
> ldap_search_one_user: searching
> for:[(&(uid=ccourse)(objectclass=sambaAccount))]
> ldap_search_one_user: searching for:[uid=ccourse]
> Adding new user
> Setting entry for user: ccourse
> failed to modify user with uid = ccourse with: Object class violation
> no structural object classes provided
> Failed to add entry for user ccourse.
> Failed to modify password entry for user ccourse
>
> Ignacio
> --
> ____________________________________________________
> Ignacio Coupeau, Ph.D. e-mail: icoupeau at unav.es
> CTI, Director fax: 948 425619
> University of Navarra voice: 948 425600
> Pamplona, SPAIN http://www.unav.es/cti/
>
>
More information about the samba-technical
mailing list