[Samba] Can't delete users which have the displayName attribute in ldapsam

Günter Gersdorf G.Gersdorf at tu-bs.de
Tue Oct 18 12:24:46 GMT 2005

i just migrated my NT Domain to samba (3.0.20) with ldapsam. Now, when i
try to delete a user via usrmgr, i get an 'access denied' error. The log
	Object class violation (attribute 'displayName' not allowed)

And thats true. I have 'ldap delete dn = no' in the configfile, and
hence only some attributes are deleted. The list of these attributes is
in lib/smbldap.c, array attrib_map_to_delete_v30[]. The attribute
displayName isn't mentioned in this array.

On the other side, displayName is only valid in objectclass
sambaSamAccount, according to the ldap schema files and this objectclass
is to be removed from the ldap entry.

Is it a bug in samba or maybe i have outdated or wrong schema files for

Günter Gersdorf
Guenter Gersdorf                         Phone:      +49/(0)531/391-7634
Inst. f. Werkzeugmaschinen               Fax:                      -5842
und Fertigungstechnik, TU Braunschweig   E-Mail:     G.Gersdorf at tu-bs.de
Langer Kamp 19b, D-38106 Braunschweig    http://www.iwf.ing.tu-bs.de/

More information about the samba mailing list