[Samba] Samba and IBM directory server 5.1 attributes problems

[Christian Nabski]

Hello, 

I am wondering how people got around the fact that IBM directory server 
5.1 (ids5.1) already has the attribute pwdmustchange and the samba schema 
also needs it ? 
The problem is that they have a different syntax. Ids 5.1 attribute 
pwdmustchange is boolean while Samba needs an integer. 
These attributes have a different oid but the same name.
btw : Ids was formerly called ibm secureway.


I am trying to get samba to work with ids 5.1 but I am stuck with the 
adding of users. 
"smbpasswd -w <admin dn's password>" has been succesful. 
Now when I try to add users with : 
"smbpasswd -a testuser1" 
I get : 
LDAP search "(&(uid=testuser1)(objectclass=sambaAccount))" returned 0 
entries. 
failed to modify user with uid = testuser1 with: Invalid syntax 
Failed to add entry for user testuser1. 
Failed to modify password entry for user testuser1 

Some other things besides this : 
Am I correct here ? 
- users need to present on : 
1) in the ldap directory with posix + samba objectclass 
2) /etc/passwd 
And the password needs to be synced between those 2 
- if using nss_ldap and pam_ldap user need to be present : 
1) in the ldap directory with posix + samba objectclass 

Kind regards, 

Christian