Package: smbldap-tools Version: 0.9.4-1 Severity: important We are using a Samba server with the LDAP backend to act as a primary domain controller for a small bunch of windows hosts.
While I was trying to add new windows hosts to the LDAP backend using smbldap-useradd -i I got an error message: dm...@hestia:> smbldap-useradd -g Rechner -d /dev/null -s /bin/false -i pyrrha$ New passowrd : Retype new password : failed to add entry: structural object class modification from 'account' to 'inetOrgPerson' not allowed at /usr/sbin/smbldap-useradd line 311, <STDIN> line 2. The user is created but only with the objectClass "top,account,posixAccount" (expected: top,person,organizationalPerson,inetOrgPerson,posixAccount,sambaSamAccount). Searching the web I found this post in linux.sambe newsgroup: http://groups.google.com/group/linux.samba/browse_thread/thread/9df7b94eb61eee63 That points in the right direction: /usr/sbin/smbldap-useradd first calls the function add_posix_machine in /usr/share/perl5/smbldap_tools.pm that create an entry in the LDAP tree with the 'account' objectClass and then tries to change the objectClass but fails as it is not allowed. The newsgroup post suggests just to change add_posix_machine in /usr/share/perl5/smbldap_tools.pm so the LDAP entry is created with the inetOrgPerson objectClass in the first place. This seems to work, although I don't know the implications of this modification. We consider this as a important bug as I had to manually change /usr/share/perl5/smbldap_tools.pm to be able to add new windows hosts to our samba pdc. -- System Information: Debian Release: 5.0.3 Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/1 CPU core) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to de_DE.UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages smbldap-tools depends on: ii libcrypt-smbhash-perl 0.12-2 generate LM/NT hash of a password ii libdigest-sha1-perl 2.11-2+b1 NIST SHA-1 message digest algorith ii libio-socket-ssl-perl 1.16-1+lenny1 Perl module implementing object or ii libnet-ldap-perl 1:0.36-1 A Client interface to LDAP servers ii libunicode-maputf8-perl 1.11-2 Perl module for conversing between ii perl 5.10.0-19lenny2 Larry Wall's Practical Extraction smbldap-tools recommends no packages. smbldap-tools suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
