[Samba] Samba PDC + LDAP

Uwe Laverenz laverenz at molkerei-ammerland.de
Thu May 22 07:01:29 GMT 2003

Sathi schrieb:

> # ./smbldap-useradd.pl -w test
> ldapadd: update failed: uid=test$,ou=Computers,dc=xxx,dc=com
> ldap_add: Object class violation (65)
>         additional info: no structural object class provided
> ./smbldap-useradd.pl: error while adding posix account to machine test$

It's not a bug, it's a feature. ;)

Starting with OpenLDAP 2.1 (or 2.0 with schemacheck=on IIRC), every 
object must have exactly one structural class. If only auxiliary classes 
or more than one structural class are provided, OpenLDAP will refuse to 
create the desired object and shows the above error message.

You should change your "smbldap_tools.pm" and add a structural object 
class that fits your needs. I have chosen to use the "device" object 
class for the domain computers:

from smbldap_tools.pm:

--- snip ---

sub add_posix_machine
     my ($user, $uid, $gid) = @_;

my $tmpldif =
"dn: uid=$user,$computersdn
objectclass: top
objectclass: device               <----- add this
objectclass: posixAccount
cn: $user
uid: $user
uidNumber: $uid
gidNumber: $gid
homeDirectory: /dev/null
loginShell: /bin/false
description: Computer

--- snip ---

and in "sub add_samba_machine_mkntpwd":

--- snip ---

"dn: uid=$user,$computersdn
changetype: modify
objectclass: top
objectclass: device              <----- add this
objectclass: posixAccount
objectClass: sambaAccount
pwdLastSet: 0
logonTime: 0
logoffTime: 2147483647
kickoffTime: 2147483647
pwdCanChange: 0
pwdMustChange: 2147483647
acctFlags: [W          ]
lmpassword: $lmpassword
ntpassword: $ntpassword
rid: $rid
primaryGroupID: 0

--- snip ---


More information about the samba mailing list