samba with openldap provisioning

[Andrew Bartlett]

On Tue, 2013-09-03 at 08:29 +1200, Andrew Bartlett wrote:
> On Mon, 2013-09-02 at 17:09 +0300, Nadezhda Ivanova wrote:
> > Hi Andrew,
> > 
> > I was also able to provision, after applying your patches and removing
> > --use-rfc2307 and adding --use-ntvfs in my provision command. Phew!
> > One step forward! Now I get a bigger shovel and continue digging on
> > the openldap side, I'll keep you posted on the progress.
> 
> Great!  So I can reproduce exactly what you did, was this with OpenLDAP
> from CVS or from GIT?
> 
> Let's keep digging, we will make this pig fly again!

I've found the missing patch.  We ripped this out when we dropped the
LDAP backend.  With this patch, we now connect in 'samba', and are ready
to pass the baton back over to the OpenLDAP side of things.  The next
error is from slapd, with one of the reasons we stopped doing this:
'invalid' (presumably extended) DNs. 

dn: cn=NTDS
Settings,cn=RUTH,cn=Servers,cn=Default-First-Site-Name,cn=Sites,cn=Configuration,dc=ldap,dc=samba,dc=example,dc=com



ldb: ldb_trace_response: DONE
error: 0

ldb: ldb_trace_next_request: (partition)->search
ldb: ldb_trace_next_request: (schema_data)->search
ldb: ldb_trace_next_request: (entryuuid)->search
ldb: ldb_trace_next_request: (paged_searches)->search
ldb: ldb_trace_next_request: (simple_dn)->search
ldb: ldb_trace_next_request: (ldap)->search
ldb: ldb_asprintf/set_errstring: LDAP error 34 LDAP_INVALID_DN_SYNTAX -
<invalid DN> <>

Andrew Bartlett

-- 
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Catalyst IT                   http://catalyst.net.nz

-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Revert-s4-dsdb-Remove-LDAP-backend-credentials-suppo.patch
Type: text/x-patch
Size: 3010 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20130903/a6617e4f/attachment.bin>