Extending Samba 4 schema for OSX GPO support

Kamen Mazdrashki kamenim at samba.org
Mon Nov 29 16:15:37 MST 2010


Hi Aubrey,

I was about to say that now I am really confused what the problem might be
and it is a *very* dummy one :) LOL
Instead of:
user at pdc:/usr/local/samba/bin$ sudo /usr/local/samba/bin/ldbmodify -H
pdc.xxx.xxx  --user=XXX/administrator%xxxxx
/home/psadmin/apple-mods.ldif
please try with:
user at pdc:/usr/local/samba/bin$ sudo /usr/local/samba/bin/ldbmodify -H
ldap://pdc.xxx.xxx  --user=XXX/administrator%xxxxx
/home/psadmin/apple-mods.ldif




-- 
CU,
Kamen


On Tue, Nov 30, 2010 at 00:37, Aubrey Ekstrom
<aekstrom at proclivitysystems.com> wrote:
> Hi Kamen,
>
> Thanks for the reply! Sorry, my bad... I totally forgot to clean first <BLUSH>.
>
> This time I even ran rm -r on /usr/local/samba before the install just to be sure everything was fresh.
>
> So that worked great as far "make quicktest" showing no errors, and after make install and provisioning steps, Samba 4 passes DNS, Authentication and Kerberos tests. Then I ran ldbmodify and imported the file you sent me this morning... and I still get the same errors :^/. The add attributes and add classes import fine, but it still doesn't like the modify statements:
>
> user at pdc:/usr/local/samba/bin$ sudo /usr/local/samba/bin/ldbmodify -H pdc.xxx.xxx  --user=XXX/administrator%xxxxx /home/psadmin/apple-mods.ldif
> ERR: (No such object) "No such object (32)" on DN
> ERR: (No such object) "No such object (32)" on DN
> ERR: (No such object) "No such object (32)" on DN CN=User,CN=Schema,CN=Configuration,DC=xxx,DC=xxx
> ERR: (No such object) "No such object (32)" on DN CN=Computer,CN=Schema,CN=Configuration,DC=xxx,DC=xxx
> ERR: (No such object) "No such object (32)" on DN CN=Group,CN=Schema,CN=Configuration,DC=xxx,DC=xxx
> Modified 46 records with 5 failures
>
> The first 2 errors refer to these statements at the end of the add attributes and add classes sections in the ldif:
>
> dn:
> changetype: modify
> add: schemaUpdateNow
> schemaUpdateNow: 1
>
> the other 3 errors are for the auxiliaryClass modify statements at the end of the file (same as before):
>
> # Add the new class to the user object
> dn: CN=User,CN=Schema,CN=Configuration,DC=xxx,DC=xxx
> changetype: modify
> add: auxiliaryClass
> auxiliaryClass: apple-user
> -
>
> # Add the new class to the computer object
> dn: CN=Computer,CN=Schema,CN=Configuration,DC=xxx,DC=xxx
> changetype: modify
> add: auxiliaryClass
> auxiliaryClass: apple-computer
> -
>
> # Add the new class to the group object
> dn: CN=Group,CN=Schema,CN=Configuration,DC=xxx,DC=xxx
> changetype: modify
> add: auxiliaryClass
> auxiliaryClass: apple-group
> -
>
> I am definitely running the latest Samba4 from GIT:
>
> user at pdc:/usr/local/samba/bin$ ../sbin/samba --version
> Version 4.0.0alpha14-GIT-800a76d
>
> I am assuming that I need those auxilaryClasses for this to work (otherwise why does Apple include them?). I am not so sure about needing the 2 "add: schemaUpdateNow" statements (since it appears the attributes and classes get added), but again I don't understand why I am getting these errors and you are not.
>
> It's late in the day here now, so I will play with this a little more on my own, and return to it in earnest tomorrow.
>
> Thanks again for all the help (and patience).
>
> Cheers,
>
>
> Aubrey Ekstrom | Systems Administrator | Proclivity Systems
> 22 West 19th St., Ninth Floor, New York, NY 10011 | 646-237-3727
> http://www.proclivitysystems.com
>
>
> This message is the property of Proclivity Systems, Inc. and is intended
> only for the use of the addressee(s), and may contain material that is
> confidential and privileged for the sole use of the intended recipient.  If
> you are not the intended recipient, reliance or forwarding without express
> permission is strictly prohibited; please contact the sender and delete all
> copies.
>
> ----- Original Message -----
> From: "Kamen Mazdrashki" <kamenim at samba.org>
> To: "Aubrey Ekstrom" <aekstrom at proclivitysystems.com>
> Cc: "Andrew Bartlett" <abartlet at samba.org>, samba-technical at lists.samba.org
> Sent: Monday, November 29, 2010 3:29:27 PM
> Subject: Re: Extending Samba 4 schema for OSX GPO support
>
> Hi Aubrey,
>
> On Mon, Nov 29, 2010 at 19:47, Aubrey Ekstrom
> <aekstrom at proclivitysystems.com> wrote:
>> Hi Karmen,
>>
>> I did a "git pull" to get the latest source for Samba 4, which appeared to work fine. Generated the config scripts and ran configure.developer in the Source4 directory. All seemed OK. Ran make. No errors... but when I run "make quicktest" I get many errors (200+), many of which look like this:
>>
>> ldb: module version mismatch in ../dsdb/samdb/ldb_modules/dsdb_cache.c : ldb_version=0.9.19 module_version=0.9.18
>> ldb: failed to initialise module /home/psadmin/samba-master/source4/bin/modules/ldb/dsdb_cache.so : Unavailable
>> Traceback (most recent call last):
>>  File "./setup/provision", line 262, in <module>
>>    useeadb=eadb, next_rid=opts.next_rid, lp=lp)
>>  File "bin/python/samba/provision/__init__.py", line 1521, in provision
>>    schemadn=names.schemadn)
>>  File "bin/python/samba/schema.py", line 81, in __init__
>>    self.ldb = SamDB(global_schema=False, am_rodc=False)
>> MemoryError
>> Unable to provision:
>> NSS_WRAPPER_PASSWD="/home/psadmin/samba-master/source4/st/dc/etc/passwd" NSS_WRAPPER_GROUP="/home/psadmin/samba-master/source4/st/dc/etc/group" ./setup/provision --configfile=/home/psadmin/samba-master/source4/st/dc/etc/smb.conf --host-name=localdc --host-ip=127.0.0.1 --quiet --domain=SAMBADOMAIN --realm=SAMBA.EXAMPLE.COM --adminpass=locDCpass1 --krbtgtpass=krbtgtlocDCpass1 --machinepass=machinelocDCpass1 --root=root --server-role="domain controller" --function-level="2008"
>> PROVISIONING DC...testsuite: samba4.rpc.echo on ncacn_ip_tcp with sign and --option=ntlmssp_client:ntlm2=no --option=torture:quick=yes(dc)
>> no output for name[samba4.rpc.echo on ncacn_ip_tcp with sign and --option=ntlmssp_client:ntlm2=no --option=torture:quick=yes(dc)]
>> ERROR: Testsuite[samba4.rpc.echo on ncacn_ip_tcp with sign and --option=ntlmssp_client:ntlm2=no --option=torture:quick=yes(dc)]
>> REASON: unable to set up environment dc - exiting
>>
>> It looks like  the first line "ldb: module version mismatch in ../dsdb/samdb/ldb_modules/dsdb_cache.c : ldb_version=0.9.19 module_version=0.9.18" may be the main issue? Not sure if that is the only problem or the main problem or what to do to fix it. I do know I did not get any errors with "make quicktest" with the version I am currently using. Any advise is appreciated. Thanks!
>>
>
> I've never had such a problem. But what I think you should do is to
> rebuild again:
> $ make distclean
> $./configure.developer
> $ make -j
>
> It seems you have a dsdb_cache.so module, and there is no such module anymore
> (ironically, Tridge has deleted it just a few hours after your
> previous checkout) :)
>
> --
> Cheers,
> Kamen
> ---------
> This message is the property of Proclivity Systems, Inc. and is intended
> only for the use of the addressee(s), and may contain material that is
> confidential and privileged for the sole use of the intended recipient.
> If you are not the intended recipient, reliance or forwarding without
> express permission is strictly prohibited; please contact the sender and
> delete all copies.
>
>


More information about the samba-technical mailing list