How to change objectSid from LDAP
Diego Woitasen
diego.woitasen at vhgroup.net
Mon Feb 3 06:38:03 MST 2014
Hi,
I'm trying to modify the objectSid of a group using python-ldap. I've
found that I need a server control to do it but doesn't work. The code
that I'm using:
modlist = [ (ldap.MOD_REPLACE, 'objectSid', s3sid_packed) ]
LDB_CONTROL_PROVISION_OID = "1.3.6.1.4.1.7165.4.3.16"
LDB_CONTROL_RELAX_OID = "1.3.6.1.4.1.4203.666.5.12"
controls = [ LDAPControl(LDB_CONTROL_PROVISION_OID, criticality=0),
LDAPControl(LDB_CONTROL_RELAX_OID, criticality=0) ]
s4ldap.modify_ext_s(s4dn, modlist, serverctrls=controls,
clientctrls=controls)
I'm using the domain administrator to bind to the server.
The error that I get:
ldap.UNWILLING_TO_PERFORM: {'info': '00002035: samldb: objectSid must
not be specified!', 'desc': 'Server is unwilling to perform'}
Is there a way to do it? I know that it is not something to be done
usually, but trust me, I need it :)
Regards,
Diego
--
Diego Woitasen
VHGroup - Linux and Open Source solutions architect
www.vhgroup.net
More information about the samba-technical
mailing list