[Samba] LDAP violation ?

Jerome Pramondon jpramondon at alicante.fr
Thu Apr 8 14:27:57 GMT 2004

Hi everybody,

Sorry to bother everyone with probs that have certainly been solved a 
hundred times ...But I'm getting nutz about something not working for 
several days. The solution may (sure it is, in fact) be easy, but it's 
not clear anymore for such a Samba newbie like me.

Samba version = 3.0.2
Running on Linux Mandrake 10

I went through to whole install process to have my Linux server to 
behave like a Domain PDC (Bind 9 + Samba + CUPS + OpenLdap). Then I 
configured Samba (smb.conf) to work with my OpenLdap server (last 
version). I don't say that it was easy, but everything seem to correctly 
The problem is when I start addind users using the 'smbpasswd' command.
I get an objectclass violation which says it cannot modify the 
'userPassword' attribute.
After some searching, I noticed the 'userPassword' attribute was only 
defined in the 'PosixAccount' objectclass. If I use a LDAP browser to 
look what's in my directory, I see the user account, but he only has the 
'SambaSamAccount' objectclass.
So it seems completly correct : if the 'PosixAccount' objectclass is not 
added, then how could the 'userPassword' attribute be used in that 
object ...
Then why the command does not add that objectclass ?

Here's is the result of a smbpasswd command : ('smbpasswd -a aequoy')
New SMB password:
Retype new SMB password:
ldapsam_modify_entry: LDAP Password could not be changed for user 
aequoy: Object class violation
        entry modify failed
ldapsam_add_sam_account: failed to modify/add user with uid = aequoy (dn 
= uid=aequoy,ou=accounts,ou =Samba,dc=Alicante,dc=fr)
Failed to add entry for user aequoy.
Failed to modify password entry for user aequoy

Am I doing something wrong ?

Thanx for your help.


More information about the samba mailing list