SambaSAMAccount and IBM Domino

Michael Lucchese MLucchese at
Wed Oct 28 21:35:56 MDT 2009

Here is an example of the problem:

We already have added the SambaSAMAccount objectclass and
its related OIDs into the Domino LDAP Schema

When smbpasswd is executed to add the SambaSAMAccount attributes to a
POSIX account it will add the objectclass SambaSAMAccount together with
several of the SambaSAMAccount attributes.  This is followed by an
ldapsearch for "(objectclass=SambaSAMAccount)" which fails because even
though the SambaSAMAccount attributes were added to the DIT, the
objectclass SambaSAMAccount does not persist in the DIT entry. Because
this validation fails, the process of adding the SambaSAMAccount
attributes fails in total.

When we add a DIT entry via an LDIF file that does specify the
objectclass SambaSAMAccount, the SambaSAMAccount attributes are added to
the DIT, but again the objectclass SambaSAMAccount is not persistent in
the DIT.  As a result, ldap searches performed by Samba which seeks to
locate the SambaSAMAccount objectclass fails, and again the process
terminates in failure.


Michael Lucchese 
Senior Software Engineer
P:  +61 2 8999 2825
M:  0400 134 444
E:  mlucchese at
streamline your business processes  - lead with Lotus
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 4552 bytes
Desc: not available
URL: <>

More information about the samba-technical mailing list