samba with openldap provisioning
hyc at highlandsun.com
Tue Sep 3 21:13:11 CEST 2013
> Date: Tue, 03 Sep 2013 10:42:36 +1200
> From: Andrew Bartlett <abartlet at samba.org>
>> > On Mon, 2013-09-02 at 17:09 +0300, Nadezhda Ivanova wrote:
>>> > > Hi Andrew,
>>> > >
>>> > > I was also able to provision, after applying your patches and removing
>>> > > --use-rfc2307 and adding --use-ntvfs in my provision command. Phew!
>>> > > One step forward! Now I get a bigger shovel and continue digging on
>>> > > the openldap side, I'll keep you posted on the progress.
>> > Great! So I can reproduce exactly what you did, was this with OpenLDAP
>> > from CVS or from GIT?
>> > Let's keep digging, we will make this pig fly again!
> I've found the missing patch. We ripped this out when we dropped the
> LDAP backend. With this patch, we now connect in 'samba', and are ready
> to pass the baton back over to the OpenLDAP side of things. The next
> error is from slapd, with one of the reasons we stopped doing this:
> 'invalid' (presumably extended) DNs.
> dn: cn=NTDS
> ldb: ldb_trace_response: DONE
> error: 0
> ldb: ldb_trace_next_request: (partition)->search
> ldb: ldb_trace_next_request: (schema_data)->search
> ldb: ldb_trace_next_request: (entryuuid)->search
> ldb: ldb_trace_next_request: (paged_searches)->search
> ldb: ldb_trace_next_request: (simple_dn)->search
> ldb: ldb_trace_next_request: (ldap)->search
> ldb: ldb_asprintf/set_errstring: LDAP error 34 LDAP_INVALID_DN_SYNTAX -
> <invalid DN> <>
I don't see anything special about the DN you quoted above. You'd have to
check the slapd debug output here. If that's the DN you *think* you're
sending, but that's not the DN that slapd received then there's an encoding
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
More information about the samba-technical