[Samba] Smbpasswd -m -x not working, "object class violation" error

Daniel Wilson daniel.wilson at sunderland.ac.uk
Tue Feb 14 17:48:17 GMT 2006


Im sure this means that its trying to delete the displayName attribute 
which is more than likely not in your LDAP schema.

Look in "<install_dir>/slapd-<hostname>/config/schema/" directory for 
your schema

To see if "displayName" is part of any object classes in your LDAP 
schema search the schema files: 

bash# grep -il displayName 
<install_dir>/slapd-<hostname>/config/schema/*.ldif

If its not part of your schema you may want to add this attribute to 
your 99user.ldif schema file or add the attribute via the Sun LDAP 
console (recommended):

bash # <install_dir>/startconsole &
Server Group > Directory  Server (Open) > Configuration > Schema > 
Attributes > Create

-or-

you may want to just disable schema checking in your LDAP server :

bash # <install_dir>/startconsole &
Server Group > Directory  Server (Open) > Configuration > Schema (Disable)

Regards

Daniel Wilson
Systems Manager
Student and Learning Support
University of Sunderland
Tel: 0191 515 2695



Andrés Yacopino wrote:

> Daniel, check the log as you said and i hit this:
>
> [14/Feb/2006:14:19:10 +0300] - ERROR<5897> - Schema  - conn=-1 op=-1 
> msgId=-1 -
> User error:  Entry "uid=aprueba$,ou=computers,o= acasalud.com.ar 
> <http://acasalud.com.ar>,dc=acasalud,dc=c
> om,dc=ar", attribute "displayName" is not allowed
>
> What does it means?
>
> Thanks,
> Andrés.
>
>
>
> 2006/2/14, Daniel Wilson < daniel.wilson at sunderland.ac.uk 
> <mailto:daniel.wilson at sunderland.ac.uk>>:
>
>     Have you checkes the Sun LDAP errors.log file for the specific object
>     class violation? Usually at
>     <install_dir>/slapd-<hostname>/logs/errors.log
>
>     Daniel Wilson
>     Systems Manager
>     Student and Learning Support
>     University of Sunderland
>     Tel: 0191 515 2695
>
>
>
>     Andrés Yacopino wrote:
>
>     >I have deployed a samba server with Sun Java Ldap Directory.
>     >
>     >I sucessfully create users and deleted them when ldap delete
>     dn=yes in
>     >smb.conf, but when ldap delete dn=no i obtain this error when i
>     issue a
>     >smbpasswd -m -x command:
>     >
>     >ldapsam_delete_entry: Could not delete attributes for
>     >uid=aprueba$,ou=computers,
>     >o= acasalud.com.ar
>     <http://acasalud.com.ar>,dc=acasalud,dc=com,dc=ar, error: Object
>     class violation ()
>     >Failed to delete entry for user aprueba$.
>     >Failed to modify password entry for user aprueba$
>     >
>     >My smb.conf is:
>     >
>     >[global]
>     >
>     >   workgroup = ACASALUDROS
>     >   server string = Sun Samba Server
>     >   security = user
>     >   dos filetimes = yes
>     >   time offset = -360
>     >   load printers = yes
>     >   printcap name = /etc/printcap
>     >   printing = cups
>     >   guest account = guest
>     >   log file = /usr/local/samba/var/log.%m
>     >   log level = 5
>     >   max log size = 50
>     >   null passwords = yes
>     >   encrypt passwords = yes
>     >   ldap password sync = yes
>     >   unix password sync = yes
>     >   username level = 2
>     >   password level = 0
>     >   passwd program = /usr/bin/passwd %u
>     >   passwd chat = *New* password* %n\n *new* password* %n\n
>     *successfully*
>     >        idmap backend = ldapsam:ldap://localhost:389
>     >        passdb backend = ldapsam:ldap://localhost:389
>     >        ldap admin dn = cn=Directory Manager
>     >        ldap suffix = o=acasalud.com.ar
>     <http://acasalud.com.ar>,dc=acasalud,dc=com,dc=ar
>     >        ldap user suffix = ou=people
>     >        ldap group suffix = ou=groups
>     >        ldap machine suffix = ou=computers
>     >        ldap idmap suffix = ou=idmap
>     >        ldap delete dn = no
>     >   socket options = TCP_NODELAY=0
>     >   wins server = 10.11.0.2 <http://10.11.0.2>
>     >   dns proxy = no
>     >
>     >what is wrong?
>     >
>     >Is that works only when
>     >
>     >   preferred master = yes
>     >   domain master = yes
>     >   local master = yes
>     >   domain logons = yes
>     >
>     >are yes?
>     >Any other ideas?
>     >
>     >Thanks a lot.
>     >
>     >
>     >--
>     >Andrés Yacopino
>     >
>     >
>
>
>
>
>
> -- 
> Andrés Yacopino 



More information about the samba mailing list