Samba4 loading schema.ldif

Matthieu Patou mat at samba.org
Mon Apr 23 12:12:05 MDT 2012 

On 04/23/2012 10:29 AM, Matthieu Patou wrote:
> Hello Geza,
>
>>>> I've seen, that your patches were merged in master, however trying to
>>>> load the attached ldif (generated with patched oLschema2ldif with
>>>> X-NDS_CONTAINMENT mods) still waxes the schema. Looking at the 
>>>> modified
>>>> schema ldb it seems, that it still misses the oMObjectClass 
>>>> attributes.
>>>> BTW I've overcome the name collision by applying the following ldif:
>>>>
>>>> dn: CN=DHCP-Class,CN=Schema,CN=Configuration,DC=kzsdabas,DC=hu
>>>> changetype: modify
>>>> replace: lDAPDisplayName
>>>> lDAPDisplayName: msdHCPClass
>>>>
>>>> dn: CN=dhcp-Options,CN=Schema,CN=Configuration,DC=kzsdabas,DC=hu
>>>> changetype: modify
>>>> replace: lDAPDisplayName
>>>> lDAPDisplayName: msdhcpOptions
>>>>
>>>> It probably makes MS DHCP Servers useless in the Domain, but I do not
>>>> intend to have any MS servers anyway.
>>> Does this LDIF work against a Windows server?
>>>
>>> If we allow this in samba, we need to make sure that there are
>>> no instances of this classes and attributes in the directory,
>>> otherwise we'll get corruption.
>>>
>>> metze
>>>
>>>
>> Hi,
>>
>> Before I would propose any inclusion or recommendation I'm going to test
>> it against a Windows 2008 R2 server.
>>
>> BTW. I'm not really sure that this rename is needed at all, because ISC
>> DHCP is looking for the cn attribute, and not the lDAPDisplayName.
> But that's not that simple, you can't have two attributes with the 
> same ldapdisplayname, I'm really unsure that ISC is using just CN.
> When it creates and fetch object from the dhcp* classes it will check 
> for attributes and those attributes have the ldapdisplayname of the 
> schemaAttributes.
> That means that the ldapdisplayname is really important, more 
> important than the CN in fact.
>
>
>
> My patches are at:
> http://gitweb.samba.org/?p=mat/samba.git;a=shortlog;h=refs/heads/misc
>
>
> It's not rebased on the latest version of master, I'll try to do it soon.
>

I really confirm that my setup with master 
(5b5b696c1e36dc7f81da24158e0853290084dec8) is really working (once I 
rename the two ldapdisplayname of MS attributes):

./bin/ldbmodify -H ldap://127.0.0.1 -U administrator%totoTATA123 
~/dhcp3.ldif
Modified 76 records successfully

After loading the schema, I can search the database not only the schema 
is not toasted but newly created classes are here.

./bin/ldbsearch -H ldap://127.0.0.1 -U administrator%totoTATA123 
--cross-ncs '(ldapdisplayname=dhcppo*)' dn
# record 1
dn: CN=dhcpPool6,CN=Schema,CN=Configuration,DC=home,DC=matws,DC=net

# record 2
dn: CN=dhcpPoolDN,CN=Schema,CN=Configuration,DC=home,DC=matws,DC=net

# record 3
dn: CN=dhcpPool,CN=Schema,CN=Configuration,DC=home,DC=matws,DC=net


I didn't try to do anything useful but I expect this to work.

Matthieu.

-- 
Matthieu Patou
Samba Team
http://samba.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: dhcp3.ldif
Type: text/x-ldif
Size: 41385 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20120423/2b0a1c3f/attachment.bin>

More information about the samba-technical mailing list