[Samba] Re: 3.0.7/LDAP/referrals...

William Jojo jojowil at hvcc.edu
Wed Sep 22 16:01:23 GMT 2004

Thanks, Igor, for your speedy response. The schema was correct, however,
remember how I said I had the updatedn set the same as the rootdn as a
test on the replica? Well, I should have dumped my database and
repopulated... your query on the quality of schema file forced me to
realize the lack of equity in my database ;-)

The value was in the replica, but not the master. The replica was used to
gather an inventory of known attributes for the machine account, attempt
was made to modify by Samba (who *got* the referral), the request was then
sent to the master; hence the "no such attribute" (when attempting to
delete for subsequent add). Of course, this raises the question: why not a
replace instead of delete/add pair? Replace has an implied add in the
event of its absence.

At any rate, a very important lesson has been learned...

Thanks a bunch!


On Wed, 22 Sep 2004, Igor Belyi wrote:

> William Jojo wrote:
> > [2004/09/22 08:55:39, 1] passdb/pdb_ldap.c:ldapsam_modify_entry(1422)
> >   ldapsam_modify_entry: Failed to modify user dn=
> > uid=CRK7$,ou=People,dc=hvcc,dc=edu with: No such attribute
> >         modify/delete: sambaPwdCanChange: no such attribute
> Could also be a problem with samba.schema on the master server - for
> example if definition of sambaSamAccount does not have sambaPwdCanChange
> attribute there.
> > On a separate note, I've noticed that Samba doesn't seem to be using
> > alternate suffix values to override "ldap suffix" when knowledge of
> > machine, user, group or idmap may be known as indicated in
> > smb.conf(5)...I'm sure I'm missing something...
> The documentation is misleading. "ldap user suffix" and such are
> actually prepended to the "ldap suffix" value. It would be nice of
> course to recognize ',' as a last symbol to indicate that "ldap suffix"
> should be concatenated to the value, but to change it now - it will
> break config files of many.
> Igor
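
The delete/add versus replace behaviour discussed in this message, as an added example that is not part of the original post and not Samba's code. It is a toy in-memory model of LDAP modify semantics; the attribute values and the `apply_modify` and `delete_add_pair` helpers are assumptions made for illustration.

```python
# Added example: toy model of LDAP modify semantics (RFC 4511, section 4.6).
# Attribute names are matched as exact strings here; real servers ignore case.
NO_SUCH_ATTRIBUTE = 16          # LDAP result code noSuchAttribute
ATTRIBUTE_OR_VALUE_EXISTS = 20  # LDAP result code attributeOrValueExists

def apply_modify(entry, changes):
    """Apply (op, attr, values) changes atomically; return (code, entry)."""
    work = {a: list(v) for a, v in entry.items()}
    for op, attr, values in changes:
        current = work.get(attr)
        if op == "delete":
            # Deleting a missing attribute or value is an error.
            if current is None or any(v not in current for v in values):
                return NO_SUCH_ATTRIBUTE, entry
            left = [v for v in current if v not in values] if values else []
            if left:
                work[attr] = left
            else:
                del work[attr]
        elif op == "add":
            if current and any(v in current for v in values):
                return ATTRIBUTE_OR_VALUE_EXISTS, entry
            work[attr] = (current or []) + list(values)
        elif op == "replace":
            # Replace creates the attribute if absent; no values removes it.
            if values:
                work[attr] = list(values)
            else:
                work.pop(attr, None)
        else:
            raise ValueError(f"unknown modify operation: {op}")
    return 0, work

def delete_add_pair(seen, attr, new_value):
    """Changes built from what the client read: delete old values, add new."""
    changes = [("delete", attr, list(seen[attr]))] if attr in seen else []
    return changes + [("add", attr, [new_value])]

# Constructed sample data: the replica holds a value the master never had.
ATTR = "sambaPwdCanChange"
REPLICA = {"uid": ["CRK7$"], ATTR: ["1095800000"]}
MASTER = {"uid": ["CRK7$"]}

if __name__ == "__main__":
    pair = delete_add_pair(REPLICA, ATTR, "1095868539")   # read from replica
    print("delete/add on master:", apply_modify(MASTER, pair))
    print("replace on master:   ",
          apply_modify(MASTER, [("replace", ATTR, ["1095868539"])]))
```

A failed modify leaves the entry untouched, so the master stays out of step with the replica until the data is reloaded or the attribute is written with replace.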
