Hello.
15.12.2008 18:26, Aaron Richton пишет:
On Mon, 15 Dec 2008, Alexey Lobanov wrote:
group of Debian servers. Everything works fine except userPassword, sambaLMPassword and sambaNTPassowrd attributes; the replicas (two of two) just don't have those attributes in any downloaded entries.
Are sambaLMPassword/sambaNTPassword visible on the slave cn=Subschema? (slapd -d config perhaps, too.)
The master and slave schemas are absolutely identical. Just rsynced. And the attributes are present in schema, because I can add them manually with an editor like Luma.
root@mail:/etc/ldap/schema# slapd -d config ..... reading config file /etc/ldap/schema/samba.schema ........ line 185 (attributetype ( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword' DESC 'LanManager Password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ))
line 190 (attributetype ( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword' DESC 'MD4 hash of the unicode password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ))
However, I am really surprised now. There is no "NAME 'userPassword'" definition in schema files, neither in master nor in slaves. More exactly, the definition in generic core.schema is commented out:
# system schema #attributetype ( 2.5.4.35 NAME 'userPassword' # DESC 'RFC2256/2307: password of user' # EQUALITY octetStringMatch # SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
It looks like that this attribute definition is hardcoded in slapd. Correct?
Alexey