[Samba] updating samba/ldap: do I need new attributes?

Adam Williams awilliam at mdah.state.ms.us
Thu Mar 12 21:22:46 GMT 2009

your steps are fine.  you don't need the samba LDAP entries you listed, 
when ou do smbpasswd -a user, it will add the minimum required LDAP 
entries for samba.

lacoste at miage.univ-paris12.fr wrote:
> Hello,
> I plan to update my samba-3.0.22/openldap-2.3.24
> to samba-3.0.34/openldap-2.4.15 and I'm currently testing it.
> This is on FreeBSD.
> My idea is :
> 1) slapcat the openldap server and save the various tdb files.
> 2) deinstall samba and openldap and wipe out the bdb files
> 3) install the newer versions
> 4) slapadd to the new openldap server
> This seems to work in my test lab.
> During my tests I also built a new domain afresh and realized that the
> sambaDomainName ldap entry has some attributes that are not in my
> production server: sambaMinPwdLength, sambaLogonToChgPwd, 
> sambaLockoutDuration,
> sambaLockoutObservationWindow, sambaLockoutThreshold, sambaForceLogoff.
> Do I have to add these attributes to my ldif file before slapadd?
> More generally, do I have to add some attributes to my ldap entries?
> Regards,
> Thierry

More information about the samba mailing list