Thanks to Andrew(s), OpenChange Schema works again

Sassy Natan sassyn at gmail.com
Tue Jan 6 09:37:18 GMT 2009 

Dear Julien

I have build a new Debian machine after compiling Samba4 and OpenChange
I have build my own deb file - so if you would like I can also send it to
you.

Samba complication was working great, no problem with this one.  I used the
4.0.f308c2f version (as you point out in the install script)

I have also add to recompile openldap and not using the Debian Repository
since I needed version 2.4.13 (due to the deref module).
I found out that when compiling OpenLDAP with --enable-slapi=no
and --enable-slp=no you can't using OpenLDAP as Samba4 Backend.
Also Found out that Generating Samba's private keys takes infinite time, so
I skip this step, as u suggested.

I end up with samba4 working on openldap with no problem. Packed them to my
own DEB file.

Now I compiled the openchange like this
./configure --prefix=/usr --exec-prefix=/usr/sbin --bindir=/usr/bin
--sbindir=/usr/sbin --libexecdir=/usr/sbin --sysconfdir=/etc/
--localstatedir=/var --libdir=/usr/lib/ --includedir=/usr/include/
--mandir=/usr/share/man --datarootdir=/usr/share/openchange
--enable-swig-perl --enable-pymapi --verbose

run make;make install, make provision-install, make mapiproxy-install,
make installman, make install-server.

Now I started to provision my site. I don't know why - But i added to create
the smb.conf before starting any step. It was workign before but somethig
happend.

 So now I run the provision-backend, provision, add the options required for
openchange in the smb.conf
      ### Configuration required by mapiproxy ###
        dcesrv:assoc group checking = false
        dcerpc endpoint servers = epmapper, mapiproxy
        dcerpc_mapiproxy:binding = ncacn_ip_tcp:192.168.0.5[print]
        dcerpc_mapiproxy:username = user
        dcerpc_mapiproxy:password = pass
        dcerpc_mapiproxy:domain = boxit
        dcerpc_mapiproxy:interfaces = exchange_emsmdb, exchange_nsp,
exchange_ds_rfr
        dcerpc_mapiproxy:modules = downgrade
       dcerpc_mapiproxy:server = true
       dcerpc_mapiproxy:proxy = true
        ### Configuration required by mapiproxy ###

 and runing samba -i -M single -d5

DCERPC endpoint server 'wkssvc' registered
DCERPC endpoint server 'drsuapi' registered
DCERPC endpoint server 'spoolss' registered
DCERPC endpoint server 'winreg' registered
DCERPC endpoint server 'epmapper' registered
DCERPC endpoint server 'srvsvc' registered
DCERPC endpoint server 'netlogon' registered
DCERPC endpoint server 'browser' registered
DCERPC endpoint server 'rpcecho' registered
DCERPC endpoint server 'unixinfo' registered
DCERPC endpoint server 'samr' registered
DCERPC endpoint server 'remote' registered
DCERPC endpoint server 'dssetup' registered
DCERPC endpoint server 'lsarpc' registered
DCERPC endpoint server 'exchange_emsmdb' registered
DCERPC endpoint server 'exchange_nsp' registered
DCERPC endpoint server 'exchange_ds_rfr' registered
DCERPC endpoint server 'mapiproxy' registered
dcesrv_interface_register: interface 'epmapper' registered on endpoint
'ncacn_np:[\pipe\epmapper]'
dcesrv_interface_register: interface 'epmapper' registered on endpoint
'ncacn_ip_tcp:[135]'
dcesrv_interface_register: interface 'epmapper' registered on endpoint
'ncalrpc:[EPMAPPER]'
MAPIPROXY module 'cache' registered
MAPIPROXY module 'pack' registered
MAPIPROXY module 'dummy' registered
MAPIPROXY module 'downgrade' registered
MAPIPROXY module 'downgrade' loaded
mapiproxy_module_load 'downgrade' (Downgrade EMSMDB protocol version
EcDoConnect/EcDoRpc)
MAPIPROXY server 'exchange_emsmdb' registered
MAPIPROXY server 'exchange_nsp' registered
MAPIPROXY server 'exchange_ds_rfr' registered
MAPIPROXY server mode enabled
*MAPIPROXY proxy mode disabled
*mapiproxy_server_load 'exchange_nsp' (OpenChange NSPI server)
mapiproxy_server_load 'exchange_emsmdb' (OpenChange EMSMDB server)
mapiproxy_server_load 'exchange_ds_rfr' (OpenChange RFR server)
dcesrv_interface_register: interface 'exchange_emsmdb' registered on
endpoint 'ncacn_np:[\pipe\lsass]'
dcesrv_interface_register: interface 'exchange_emsmdb' registered on
endpoint 'ncacn_np:[\pipe\protected_storage]'
dcesrv_interface_register: interface 'exchange_emsmdb' registered on
endpoint 'ncacn_ip_tcp:'
dcesrv_interface_register: interface 'exchange_nsp' registered on endpoint
'ncacn_np:[\pipe\lsass]'
dcesrv_interface_register: interface 'exchange_nsp' registered on endpoint
'ncacn_np:[\pipe\protected_storage]'
dcesrv_interface_register: interface 'exchange_nsp' registered on endpoint
'ncacn_ip_tcp:[]'
dcesrv_interface_register: interface 'exchange_ds_rfr' registered on
endpoint 'ncacn_np:[\pipe\lsass]'
dcesrv_interface_register: interface 'exchange_ds_rfr' registered on
endpoint 'ncacn_np:[\pipe\protected_storage]'
dcesrv_interface_register: interface 'exchange_ds_rfr'



 the proxy module is disable since it can't bind to the samba4.

when running the provision script i get the fowling:

DevBox:/usr/share/openchange/setup# ./openchange_provision
--username=samba-admin --password=manager11
--simple-bind-dn=cn=samba-admin,cn=samba
NOTE: This operation can take several minutes
[+] Step 1: Register Exchange OIDs
[+] Step 2: Add new Exchange classes and attributes to Samba schema
Traceback (most recent call last):
  File "./openchange_provision", line 53, in <module>
    openchange.provision(setup_path, lp, creds, firstorg=opts.firstorg,
firstou=opts.firstou)
  File "/usr/lib/python2.5/site-packages/openchange/provision.py", line 309,
in provision
    install_schemas(setup_path, names, lp, creds)
  File "/usr/lib/python2.5/site-packages/openchange/provision.py", line 144,
in install_schemas
    "SCHEMADN": names.schemadn
  File "/usr/lib/python2.5/site-packages/samba/provision.py", line 164, in
setup_add_ldif
    ldb.add_ldif(data)
  File "/usr/lib/python2.5/site-packages/samba/__init__.py", line 192, in
add_ldif
    self.add(msg)
_ldb.LdbError: (19, 'LDAP error 19 LDAP_CONSTRAINT_VIOLATION -  <entryDN: no
user modification allowed> <>')

Why? also when running  ./openchange_newuser --create  username
Traceback (most recent call last):
  File "./openchange_newuser", line 60, in <module>
    openchange.newuser(lp, creds, username=args[0])
  File "/usr/lib/python2.5/site-packages/openchange/provision.py", line 251,
in newuser
    samdb.modify_ldif(extended_user)
  File "/usr/lib/python2.5/site-packages/samba/__init__.py", line 200, in
modify_ldif
    self.modify(msg)
_ldb.LdbError: (32, 'No such object (32)')

 This is what I'm getting?

any clue?

thanks again sassy
On Mon, Jan 5, 2009 at 12:49 AM, Andrew Bartlett <abartlet at samba.org> wrote:

> On Tue, 2008-12-30 at 17:11 +0100, Julien Kerihuel wrote:
> > Hi Lists,
> >
> > I just wanted to thank Andrew Tridgell and Andrew Bartlett for the very
> > good work on LDB and how they fixed the "excessive LDB schema file size"
> > issue OpenChange encountered a while ago.
> >
> > I've just been testing the whole thing and schema file only takes 5MB
> > while it used to be ~700MB.
>
> Thanks!  There is something quite satisfying about achieving a 100x
> reduction in file size.
>
> > Similarly, opening schema.ldb with ldbedit and quitting without saving
> > used to add 200MB more to the file while it now remains identical.
> >
> > So we now have a very acceptable 7.6MB schema file and OpenChange schema
> > provisioning and user attributes extension still work properly.
> >
> > I'll be working for the next day on EMSABP integration within mapiproxy
> > + some kind of modular server system so we can choose between "real
> > providers" and "fake ones" only intended to torture libmapi/Outlook.
> >
> > Once again, thanks for all the good work!
>
> I'm glad to hear it has been of so much value to OpenChange.
>
> Andrew Bartlett
>
> --
> Andrew Bartlett
> http://samba.org/~abartlet/
> Authentication Developer, Samba Team           http://samba.org
> Samba Developer, Red Hat Inc.
>

More information about the samba-technical mailing list