Adding schema and entries to samba4

Tue Aug 28 10:40:37 MDT 2012

2012-08-27 15:04 keltezéssel, William Brown írta:
> On 08/27/2012 10:10 PM, Gémes Géza wrote:
>> 2012-08-27 09:17 keltezéssel, Matthieu Patou írta:
>>> On 08/26/2012 10:38 PM, Gémes Géza wrote:
>>>> 2012-08-27 03:49 keltezéssel, William Brown írta:
>>>>> Hi,
>>>>>
>>>>> I have been experimenting with the possibility of adding the ISC-DHCP
>>>>> ldap schema to samba4. I have created such a schema, and it appears to
>>>>> import correctly (Albeit, in two steps - It seems with ldbadd you can't
>>>>> add attributes and classes in a single operation if the classes rely on
>>>>> the attributes existing.) Find the schema attached.
>>>>>
>>>>> This was added to a fresh provision of samba4 (cbecd15 HEAD@{0}: clone:
>>>>> from git://git.samba.org/samba.git)
>>>>>
>>>>> /usr/samba4/sbin/provision --realm=dev.firstyear.id.au --domain=DEV
>>>>> --adminpass= --server-role=dc --dns-backend=SAMBA_INTERNAL
>>>>> /usr/samba4/bin/ldbmodify -H /usr/samba4/private/sam.ldb
>>>>> /root/ad-schema.ldif.txt --option="dsdb:schema update allowed"=true
>>>>> /usr/samba4/bin/ldbmodify -H /usr/samba4/private/sam.ldb
>>>>> /root/ad-schema.classes.ldif --option="dsdb:schema update allowed"=true
>>>>>
>>>>> Once these attributes and classes are added, I attempt to add some
>>>>> objects using these new entries. However, I receive the following error
>>>>> on entries that include the new schema objects. Find the ldif I attempt
>>>>> to load attached.
>>>>>
>>>>> adding new entry
>>>>> "cn=samba4dhcp.dev.firstyear.id.au,cn=v4,cn=servers,cn=isc,cn=dhcp,dc=dev,dc=firstyear,dc=id,dc=au"
>>>>>
>>>>> ldap_add: Naming violation (64)
>>>>>      additional info: 00002037: structural objectClass dhcpServer is
>>>>> not a
>>>>> valid child class for
>>>>> CN=v4,CN=servers,CN=isc,CN=dhcp,DC=dev,DC=firstyear,DC=id,DC=au
>>>>>
>>>>> Have I made a mistake in my schema, or my ldif for loading. The same
>>>>> ldif appears to work on 389ds, with the same schema. Or is this a known
>>>>> issue with the addition of schemas in samba4?
>>>>>
>>>> Hi,
>>>>
>>>> I've fought with loading isc dhcp schema into Samba4. How did you
>>>> overcome the name collision on dhcpClass and dhcpOption?
> I didn't seem to have an issue - It would seem that in newer MS schemas
> these are named dhcp-Class and dhcp-Option. Thus I had no issues loading
> my schema besides the aforementioned need to split attributes and classes.
>
>>> I thought it was fixed and you managed to load it on your s4 ?
>>>
>>> Matthieu.
>>>
>> I've stepped back on it as the modified schema doesn't load into W2K8R2
>> because there dhcpClass and dhcpOption couldn't be renamed :-(
>> Unfortunately I hadn't time to complete a proper fix, it would need to
>> rename the conflicting attributes (and I've decided to rename all adding
>> an "isc" prefix to them) and then patching the dhcp server code to deal
>> with the modified attributes.
>
> I have been working on the ldap code in ISC DHCP later, and would be
> happy to help with this if you like.
>
> Regardless, I'm not sure *why* I get the invalid child class message. Is
> there some kind of known issue with custom schemas in samba4?
>
>
Thank you for your offer to help. I've planed to ad a new config option 
(e.g. LDAPType) with default value OpenLDAP, in which case the actual 
code would be used, but if its value would be ActiveDirectory, or AD it 
would look for the same attributes/objectClasses, but with an isc prefix.

Cheers

Geza Gemes