Samba 4.0.0~alpha5+20090105-1 (Debian) can't be used with a openldap backend?

[Alejandro]

Hello, I have a problem testing samba4 usign the Debian packages and i
can't provision the backend.
The openldap server is 2.4.13, compiled from the source to get the deref module.

Use provision backend as documented in the wiki:

setup/provision-backend --domain=sv.net --realm=sv.net
--ldap-admin-pass=penguin --ldap-backend-type=openldap
--server-role='domain controller'

And provision with:

setup/provision --host-name=debianbase4 --domain=sv.net --realm=sv.net
--ldap-backend=ldapi --ldap-backend-type=openldap --password=penguin
--username=samba-admin --server-role='domain controller'

But i get the error:

ldb.LdbError: (21, 'LDAP error 21 LDAP_INVALID_ATTRIBUTE_SYNTAX -
<wellKnownObjects: value #0 invalid per syntax> <>')

The modify ldif is:

Modifying DomainDN: DC=sv,DC=net
$(###############################
# Domain Naming Context
###############################
dn: DC=sv,DC=net
changetype: modify
-
replace: forceLogoff
forceLogoff: 9223372036854775808
-
replace: lockoutDuration
lockoutDuration: -18000000000
-
replace: lockOutObservationWindow
lockOutObservationWindow: -18000000000
-
replace: lockoutThreshold
lockoutThreshold: 0
-
replace: maxPwdAge
maxPwdAge: -37108517437440
-
replace: minPwdAge
minPwdAge: 0
-
replace: minPwdLength
minPwdLength: 7
-
replace: modifiedCountAtLastProm
modifiedCountAtLastProm: 0
-
replace: nextRid
nextRid: 1000
-
replace: pwdProperties
pwdProperties: 1
-
replace: pwdHistoryLength
pwdHistoryLength: 24
-
replace: objectSid
objectSid: S-1-5-21-538214903-796622418-3386147053
-
replace: oEMInformation
oEMInformation: Provisioned by Samba4: 20090109105544.0Z
-
replace: serverState
serverState: 1
-
replace: nTMixedDomain
nTMixedDomain: 1
-
replace: msDS-Behavior-Version
msDS-Behavior-Version: 0
-
replace: ridManagerReference
ridManagerReference: CN=RID Manager$,CN=System,DC=sv,DC=net
-
replace: uASCompat
uASCompat: 1
-
replace: modifiedCount
modifiedCount: 1
-
replace: fSMORoleOwner
fSMORoleOwner: CN=NTDS
Settings,CN=DEBIANBASE4,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=sv,DC=net
-
replace: isCriticalSystemObject
isCriticalSystemObject: TRUE
-
replace: subRefs
subRefs: CN=Configuration,DC=sv,DC=net
subRefs: CN=Schema,CN=Configuration,DC=sv,DC=net
-
replace: gPLink
gPLink: [LDAP://CN={c1f91d72-3f41-4a62-bf41-3b063134ec11},CN=Policies,CN=System,DC=sv,DC=net;0]
-
replace: wellKnownObjects
wellKnownObjects:
B:32:22b70c67d56e4efb91e9300fca3dc1aa:CN=ForeignSecurityPrincipals,DC=sv,DC=net
wellKnownObjects:
B:32:2fbac1870ade11d297c400c04fd8d5cd:CN=Infrastructure,DC=sv,DC=net
wellKnownObjects: B:32:ab1d30f3768811d1aded00c04fd8d5cd:CN=System,DC=sv,DC=net
wellKnownObjects: B:32:a361b2ffffd211d1aa4b00c04fd7d83a:OU=Domain
Controllers,DC=sv,DC=net
wellKnownObjects:
B:32:aa312825768811d1aded00c04fd8d5cd:CN=Computers,DC=sv,DC=net
wellKnownObjects: B:32:a9d1ca15768811d1aded00c04fd8d5cd:CN=Users,DC=sv,DC=net
-

)

Any workaround or patch in this version?


-- 
Alejandro Escanero Blanco
Administrador de Sistemas GNU/Linux
Desarrollador de GOsa (http://www.gosa-project.org)
Blog: http://www.chaosdimension.org
Support: http://www.brokenring.org
Jabber: blainett at jabberes.com