ldap provisioning - invalid CREATTIME attribute

Andreas Schultz aschultz at warp10.net
Mon Sep 28 11:09:17 MDT 2009


Hi,

When trying to provision an openldap backend on Ubuntu Karmic i ran
into two problems.

1.) Ubuntu builds openldap with everything as modules. The initial
slapd.conf therefore needs to explicitly load the required modules.

--- a/source4/setup/slapd.conf
+++ b/source4/setup/slapd.conf
@@ -13,6 +13,15 @@ pidfile              ${LDAPDIR}/slapd.pid
 argsfile       ${LDAPDIR}/slapd.args
 sasl-realm ${DNSDOMAIN}

+# load several database backends
+moduleload back_hdb.la
+
+# load several overlays
+moduleload deref.la
+moduleload refint.la
+moduleload memberof.la
+moduleload syncprov.la
+
 #authz-regexp
 #          uid=([^,]*),cn=${DNSDOMAIN},cn=digest-md5,cn=auth
 #          ldap:///${DOMAINDN}??sub?(samAccountName=\$1)

2.) while loading provision.ldif the process aborted with:

_ldb.LdbError: (21, 'LDAP error 21 LDAP_INVALID_ATTRIBUTE_SYNTAX -
<creationTime: value #0 invalid per syntax> <>')

It turned out that the CREATTIME attribute was formated as
1.254156801e+16. Changing the str() call to a % construct fixed that
(i'm not python hacker, so my solution might be wrong...)

--- a/source4/scripting/python/samba/provision.py
+++ b/source4/scripting/python/samba/provision.py
@@ -1010,7 +1010,7 @@ def setup_samdb(path, setup_path, session_info,
credentials, lp,
             domainguid_mod = ""

         setup_modify_ldif(samdb, setup_path("provision_basedn_modify.ldif"), {
-            "CREATTIME": str(int(time.time()) * 1e7), # seconds -> ticks
+            "CREATTIME": '%d' % (int(time.time()) * 1e7), # seconds -> ticks
             "DOMAINSID": str(domainsid),
             "SCHEMADN": names.schemadn,
             "NETBIOSNAME": names.netbiosname,
@@ -1078,7 +1078,7 @@ def setup_samdb(path, setup_path, session_info,
credentials, lp,
                 "DOMAINDN": names.domaindn})
         message("Setting up sam.ldb data")
         setup_add_ldif(samdb, setup_path("provision.ldif"), {
-            "CREATTIME": str(int(time.time()) * 1e7), # seconds -> ticks
+            "CREATTIME": '%d' % (int(time.time()) * 1e7), # seconds -> ticks
             "DOMAINDN": names.domaindn,
             "NETBIOSNAME": names.netbiosname,
             "DEFAULTSITE": names.sitename,


Regards
Andreas


More information about the samba-technical mailing list