ldap provisioning - invalid CREATTIME attribute
Andreas Schultz
aschultz at warp10.net
Mon Sep 28 11:09:17 MDT 2009
Hi,
When trying to provision an openldap backend on Ubuntu Karmic i ran
into two problems.
1.) Ubuntu builds openldap with everything as modules. The initial
slapd.conf therefore needs to explicitly load the required modules.
--- a/source4/setup/slapd.conf
+++ b/source4/setup/slapd.conf
@@ -13,6 +13,15 @@ pidfile ${LDAPDIR}/slapd.pid
argsfile ${LDAPDIR}/slapd.args
sasl-realm ${DNSDOMAIN}
+# load several database backends
+moduleload back_hdb.la
+
+# load several overlays
+moduleload deref.la
+moduleload refint.la
+moduleload memberof.la
+moduleload syncprov.la
+
#authz-regexp
# uid=([^,]*),cn=${DNSDOMAIN},cn=digest-md5,cn=auth
# ldap:///${DOMAINDN}??sub?(samAccountName=\$1)
2.) while loading provision.ldif the process aborted with:
_ldb.LdbError: (21, 'LDAP error 21 LDAP_INVALID_ATTRIBUTE_SYNTAX -
<creationTime: value #0 invalid per syntax> <>')
It turned out that the CREATTIME attribute was formated as
1.254156801e+16. Changing the str() call to a % construct fixed that
(i'm not python hacker, so my solution might be wrong...)
--- a/source4/scripting/python/samba/provision.py
+++ b/source4/scripting/python/samba/provision.py
@@ -1010,7 +1010,7 @@ def setup_samdb(path, setup_path, session_info,
credentials, lp,
domainguid_mod = ""
setup_modify_ldif(samdb, setup_path("provision_basedn_modify.ldif"), {
- "CREATTIME": str(int(time.time()) * 1e7), # seconds -> ticks
+ "CREATTIME": '%d' % (int(time.time()) * 1e7), # seconds -> ticks
"DOMAINSID": str(domainsid),
"SCHEMADN": names.schemadn,
"NETBIOSNAME": names.netbiosname,
@@ -1078,7 +1078,7 @@ def setup_samdb(path, setup_path, session_info,
credentials, lp,
"DOMAINDN": names.domaindn})
message("Setting up sam.ldb data")
setup_add_ldif(samdb, setup_path("provision.ldif"), {
- "CREATTIME": str(int(time.time()) * 1e7), # seconds -> ticks
+ "CREATTIME": '%d' % (int(time.time()) * 1e7), # seconds -> ticks
"DOMAINDN": names.domaindn,
"NETBIOSNAME": names.netbiosname,
"DEFAULTSITE": names.sitename,
Regards
Andreas
More information about the samba-technical
mailing list