[Samba] Samba 3.0.9 ==> 3.0.14a migration LDIF problem

Collins, Kevin kCollins at nesbittengineering.com
Fri Dec 2 13:22:31 GMT 2005 

(This time to the list)

Andrew and Craig:  Thank you both for replying.

Following Andrew's advice, I set out to add the line

"objectClass: account"

to all of my computer accounts in the LDIF.  (None of them had this declaration)

After that was acommplished, I tried to re-import the LDIF.  The process got much farther than before, but it again failed a computer account.  A little closer investigation revealed a difference in these accounts.  And it appears to be coincidental to certain point in time.  All of the older accounts are one way and the newer accounts are a different way.  Now, I'm wondering which the "proper" way for me moving forward.  Here are the examples:

"Old" computer account
===============================================================================
dn: uid=nei-10$,ou=Computers,dc=nesbitt,dc=local
uidNumber: 1008
gidNumber: 553
homeDirectory: /dev/null
loginShell: /bin/false
objectClass: top
objectClass: posixAccount
objectClass: sambaSamAccount
objectClass: account
uid: nei-10$
displayName: NEI-10$
cn: NEI-10$
description: Computer
sambaSID: S-1-5-21-3325760187-3909277049-4208064797-3016
sambaPrimaryGroupSID: S-1-5-21-3325760187-3909277049-4208064797-2107
sambaAcctFlags: [W          ]
sambaLogonTime: 0
sambaLogoffTime: 0
sambaKickoffTime: 0
sambaPwdMustChange: 2147483647
sambaPwdCanChange: 1130941262
sambaNTPassword: 3520D823FF3A3EA0D246ACF5D99F5061
sambaPwdLastSet: 1130941262
modifiersName: cn=Manager,dc=nesbitt,dc=local
modifyTimestamp: 20051102142102Z
===============================================================================


"New" computer account:
===============================================================================
dn: uid=stargazer$,ou=Computers,dc=nesbitt,dc=local
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: sambaSamAccount
objectClass: account
cn: stargazer$
sn: stargazer$
uid: stargazer$
uidNumber: 1081
gidNumber: 553
homeDirectory: /dev/null
loginShell: /bin/false
description: Computer
creatorsName: cn=Manager,dc=nesbitt,dc=local
createTimestamp: 20040309024546Z
sambaSID: S-1-5-21-3325760187-3909277049-4208064797-3162
sambaPrimaryGroupSID: S-1-5-21-3325760187-3909277049-4208064797-2107
displayName: stargazer$
sambaPwdMustChange: 2147483647
sambaAcctFlags: [W          ]
sambaPwdCanChange: 1078869765
sambaLMPassword: F8490F746485FE71A1E92A4788FB2592
sambaNTPassword: F8490F746485FE71A1E92A4788FB2592
sambaPwdLastSet: 1078869765
modifiersName: cn=Manager,dc=nesbitt,dc=local
modifyTimestamp: 20040309220245Z
===============================================================================

When I run the LDIF import, I get this error:

slapadd: dn="uid=stargazer$,ou=Computers,dc=nesbitt,dc=local" (line=2415): (65) invalid structural object class chain (inetOrgPerson/account)

My "gut" tells me the "new" definition minus the "objectClass: account" is the way to go, but before I do anything else, I'd like to know.

John T: If you're reading this, it might not be a bad idea to show the "proper" basic requirements for each of the account types in LDIF format somewhere in one of your books.  I searched through both of them looking for the answer to this and couldn't find it.  Maybe it would help someone in the future.

Thanks in advance,
Kevin



> -----Original Message-----
> From: Andrew Bartlett [mailto:abartlet at samba.org]
> Sent: Thursday, December 01, 2005 4:11 PM
> To: Collins, Kevin
> Cc: samba at lists.samba.org
> Subject: Re: [Samba] Samba 3.0.9 ==> 3.0.14a migration LDIF problem
> 
> On Thu, 2005-12-01 at 15:52 -0500, Collins, Kevin wrote:
> > I'm trying to migrate my existing RedHat ES Samba PDC to Ubuntu.  
> 
> > I'm certain that is caused by the differing version of
> OpenLDAP that
> > I'm running,
> 
> Yes, it is the OpenLDAP upgrade that is causing you pain.
> 
> > dn: uid=magellan$,ou=Computers,dc=nesbitt,dc=local
> > uidNumber: 1040
> > gidNumber: 553
> > homeDirectory: /dev/null
> > loginShell: /bin/false
> > objectClass: top
> > objectClass: posixAccount
> > objectClass: sambaSamAccount
> 
> > Can someone give me a pointer as to what I'm doing wrong?
> 
> In this specific instance you are missing an
> 
> objectClass: account
> 
> Andrew Bartlett
> 
> -- 
> Andrew Bartlett                                
> http://samba.org/~abartlet/
> Authentication Developer, Samba Team           http://samba.org
> Student Network Administrator, Hawker College  http://hawkerc.net
>

More information about the samba mailing list