Hey, I'm trying to get an OpenLDAP database + SAMBA to work as a unit. But when I try to create machine accounts I get this error: slapd[28381]: entry failed schema check: structural object class modification from 'account' to 'inetOrgPerson' not allowed
tail -200f /var/log/syslog | grep slapd
Aug 16 22:43:18 hds-linux slapd[28381]: bdb_idl_insert_key: 15 [80002715]
Aug 16 22:43:18 hds-linux slapd[28381]: bdb_idl_insert_key: 15 [80000203]
Aug 16 22:43:18 hds-linux slapd[28381]: send_ldap_result: err=0 matched="" text=""
Aug 16 22:43:22 hds-linux slapd[28381]: connection_get(17)
Aug 16 22:43:22 hds-linux slapd[28381]: conn=14 op=8 do_modify: dn (uid=hds$,ou=Computers,dc=semark,dc=dk)
Aug 16 22:43:22 hds-linux slapd[28381]: conn=14 op=8 modifications:
Aug 16 22:43:22 hds-linux slapd[28381]: 	replace: objectClass
Aug 16 22:43:22 hds-linux slapd[28381]: 		multiple values
Aug 16 22:43:22 hds-linux slapd[28381]: 	add: sambaLogonTime
Aug 16 22:43:22 hds-linux slapd[28381]: 		one value, length 1
Aug 16 22:43:22 hds-linux slapd[28381]: 	add: sambaLogoffTime
Aug 16 22:43:22 hds-linux slapd[28381]: 		one value, length 10
Aug 16 22:43:22 hds-linux slapd[28381]: 	add: sambaKickoffTime
Aug 16 22:43:22 hds-linux slapd[28381]: 		one value, length 10
Aug 16 22:43:22 hds-linux slapd[28381]: 	add: sambaPwdCanChange
Aug 16 22:43:22 hds-linux slapd[28381]: 		one value, length 1
Aug 16 22:43:22 hds-linux slapd[28381]: 	add: sambaPwdMustChange
Aug 16 22:43:22 hds-linux slapd[28381]: 		one value, length 10
Aug 16 22:43:22 hds-linux slapd[28381]: 	add: sambaPwdLastSet
Aug 16 22:43:22 hds-linux slapd[28381]: 		one value, length 10
Aug 16 22:43:22 hds-linux slapd[28381]: 	add: sambaAcctFlags
Aug 16 22:43:22 hds-linux slapd[28381]: 		one value, length 13
Aug 16 22:43:22 hds-linux slapd[28381]: 	add: sambaLMPassword
Aug 16 22:43:22 hds-linux slapd[28381]: 		one value, length 32
Aug 16 22:43:22 hds-linux slapd[28381]: 	add: sambaNTPassword
Aug 16 22:43:22 hds-linux slapd[28381]: 		one value, length 32
Aug 16 22:43:22 hds-linux slapd[28381]: 	add: sambaSID
Aug 16 22:43:22 hds-linux slapd[28381]: 		one value, length 47
Aug 16 22:43:22 hds-linux slapd[28381]: 	add: sambaPrimaryGroupSID
Aug 16 22:43:22 hds-linux slapd[28381]: 		one value, length 45
Aug 16 22:43:22 hds-linux slapd[28381]: hdb_modify: uid=hds$,ou=Computers,dc=semark,dc=dk
Aug 16 22:43:22 hds-linux slapd[28381]: bdb_modify_internal: replace objectClass
Aug 16 22:43:22 hds-linux slapd[28381]: bdb_modify_internal: add sambaLogonTime
Aug 16 22:43:22 hds-linux slapd[28381]: bdb_modify_internal: add sambaLogoffTime
Aug 16 22:43:22 hds-linux slapd[28381]: bdb_modify_internal: add sambaKickoffTime
Aug 16 22:43:22 hds-linux slapd[28381]: bdb_modify_internal: add sambaPwdCanChange
Aug 16 22:43:22 hds-linux slapd[28381]: bdb_modify_internal: add sambaPwdMustChange
Aug 16 22:43:22 hds-linux slapd[28381]: bdb_modify_internal: add sambaPwdLastSet
Aug 16 22:43:22 hds-linux slapd[28381]: bdb_modify_internal: add sambaAcctFlags
Aug 16 22:43:22 hds-linux slapd[28381]: bdb_modify_internal: add sambaLMPassword
Aug 16 22:43:22 hds-linux slapd[28381]: bdb_modify_internal: add sambaNTPassword
Aug 16 22:43:22 hds-linux slapd[28381]: bdb_modify_internal: add sambaSID
Aug 16 22:43:22 hds-linux slapd[28381]: bdb_modify_internal: add sambaPrimaryGroupSID
Aug 16 22:43:22 hds-linux slapd[28381]: bdb_modify_internal: replace entryCSN
Aug 16 22:43:22 hds-linux slapd[28381]: bdb_modify_internal: replace modifiersName
Aug 16 22:43:22 hds-linux slapd[28381]: bdb_modify_internal: replace modifyTimestamp
*Aug 16 22:43:22 hds-linux slapd[28381]: entry failed schema check: structural object class modification from 'account' to 'inetOrgPerson' not allowed
Aug 16 22:43:22 hds-linux slapd[28381]: send_ldap_result: err=69 matched="" text="structural object class modification from 'account' to 'inetOrgPerson' not allowed"*
Aug 16 22:43:22 hds-linux slapd[28381]: connection_get(17)
Aug 16 22:47:37 hds-linux slapd[28381]: connection_get(25)
Aug 16 22:47:37 hds-linux slapd[28381]: SRCH "sambaDomainName=SEMARK.DK,dc=semark,dc=dk" 2 0
Aug 16 22:47:37 hds-linux slapd[28381]: 0 15 0
Aug 16 22:47:37 hds-linux slapd[28381]: filter: (?objectClass=sambaTrustedDomainPassword)
Aug 16 22:47:37 hds-linux slapd[28381]: attrs:
Aug 16 22:47:37 hds-linux slapd[28381]: sambaDomainName
Aug 16 22:47:37 hds-linux slapd[28381]: sambaSID
Aug 16 22:47:37 hds-linux slapd[28381]:
Aug 16 22:47:37 hds-linux slapd[28381]: bdb_idl_fetch_key: [b49d1940]
Aug 16 22:47:37 hds-linux slapd[28381]: send_ldap_result: err=0 matched="" text=""
What do I have to do to allow structural object class changes?
I'm running: Debian Lenny (5.0.2), Kernel 2.6.26-2-xen-686
OpenLDAP: slapd 2.4.17 (Jul 29 2009 00:52:57), Samba Version 3.2.5, Winbind Version 3.2.5
Thanks for the help :)
Henrik Dige Semark wrote:
> slapd[28381]: entry failed schema check: structural object class modification from 'account' to 'inetOrgPerson' not allowed [..] What do I have to do to allow structural object changes ?
It's forbidden by LDAPv3 specs. An LDAP client which is implemented to modify the structural object class is seriously broken.
Ciao, Michael.
> Henrik Dige Semark wrote:
> > slapd[28381]: entry failed schema check: structural object class modification from 'account' to 'inetOrgPerson' not allowed [..] What do I have to do to allow structural object changes ?
> It's forbidden by LDAPv3 specs. An LDAP client which is implemented to modify the structural object class is seriously broken.
Michael is correctly stating that you can't change the structural objectClass of an object using an LDAP operation as per the protocol specification. The "normal" procedure would be to delete an object and recreate it with the required structural modifications.
OpenLDAP allows you to do something equivalent atomically using the "relax" control (<draft-zeilenga-ldap-relax>, a work in progress) on top of a modify operation that modifies the entry by deleting the now inappropriate attrs and adding the now appropriate ones within a single modification that leaves the object in a consistent state. The user needs to have "manage" access privileges on all the data that's modified.
As it is a work in progress, its functionality may change a little bit across versions. For example, in earlier versions, the modify operation had to explicitly deal with changing the (operational) attribute structuralObjectClass. Recent versions do not allow this, but rather recompute it according to the final values of the objectClass attribute, provided they result in a consistent inheritance relationship.
p.
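The procedure Pierangelo describes, a single modify under the Relax Rules control that leaves the entry schema-consistent, is easier to get right if the modification list is computed rather than hand-written. The script below is an added example, not code from this thread or from OpenLDAP or Samba: given the entry as Samba first created it and the target object classes, it checks that the new structural classes form one inheritance chain (the condition slapd enforces when it recomputes structuralObjectClass), drops attributes no longer permitted by any class, adds the MUST attributes that are now required, and renders the result as an LDIF change record. The embedded schema is a constructed, abridged subset of core/nis/samba schema, and the DN, the machine account values and the SID are made up for the demonstration.

```python
"""Plan a structural-objectClass change as one schema-consistent modify
for use with the Relax Rules control (ldapmodify -e relax).

Added example; the schema below is a constructed, abridged subset of the
real core.schema / nis.schema / samba.schema, listing only the MUST/MAY
attributes needed for the demonstration."""
from dataclasses import dataclass
from typing import Optional

# OID OpenLDAP uses for the Relax Rules control (draft-zeilenga-ldap-relax).
RELAX_RULES_OID = "1.3.6.1.4.1.4203.666.5.12"


@dataclass(frozen=True)
class ObjectClass:
    kind: str                # "ABSTRACT", "STRUCTURAL" or "AUXILIARY"
    sup: Optional[str]       # superior class in the inheritance chain
    must: frozenset
    may: frozenset


SCHEMA = {  # constructed subset; real schema has many more MAY attributes
    "top": ObjectClass("ABSTRACT", None, frozenset({"objectClass"}), frozenset()),
    "account": ObjectClass("STRUCTURAL", "top", frozenset({"uid"}),
                           frozenset({"description", "host", "seeAlso"})),
    "person": ObjectClass("STRUCTURAL", "top", frozenset({"sn", "cn"}),
                          frozenset({"userPassword", "description", "seeAlso"})),
    "organizationalPerson": ObjectClass("STRUCTURAL", "person", frozenset(),
                                        frozenset({"title", "ou", "l"})),
    "inetOrgPerson": ObjectClass("STRUCTURAL", "organizationalPerson", frozenset(),
                                 frozenset({"uid", "mail", "displayName"})),
    "posixAccount": ObjectClass("AUXILIARY", "top",
                                frozenset({"cn", "uid", "uidNumber", "gidNumber", "homeDirectory"}),
                                frozenset({"userPassword", "loginShell", "gecos", "description"})),
    "sambaSamAccount": ObjectClass("AUXILIARY", "top", frozenset({"uid", "sambaSID"}),
                                   frozenset({"sambaLMPassword", "sambaNTPassword",
                                              "sambaAcctFlags", "sambaPwdLastSet",
                                              "sambaPrimaryGroupSID"})),
}


def chain(name):
    """Return a class and all of its superiors, most derived first."""
    out = []
    while name is not None:
        out.append(name)
        name = SCHEMA[name].sup
    return out


def structural_class(object_classes):
    """The single most-derived structural class, or ValueError when the
    structural classes are not all on one inheritance chain (slapd rejects
    such an objectClass set when it recomputes structuralObjectClass)."""
    structural = [c for c in object_classes if SCHEMA[c].kind == "STRUCTURAL"]
    if not structural:
        raise ValueError("no structural object class")
    for cand in structural:
        if all(other in chain(cand) for other in structural):
            return cand
    raise ValueError("structural classes %s are not in one chain" % sorted(structural))


def allowed(object_classes):
    """(must, may) attribute sets implied by the classes and their superiors."""
    must, may = set(), set()
    for c in object_classes:
        for anc in chain(c):
            must |= SCHEMA[anc].must
            may |= SCHEMA[anc].may
    return must, may


def plan_change(entry, new_classes, fill):
    """Build the modification list (op, attr, values) that switches the entry
    to new_classes in one step. entry maps attribute -> values as currently
    stored; fill supplies values for MUST attributes the entry lacks."""
    structural_class(new_classes)          # fail early on an inconsistent chain
    must, may = allowed(new_classes)
    mods = [("replace", "objectClass", list(new_classes))]
    for attr in sorted(entry):             # drop what no new class permits
        if attr != "objectClass" and attr not in must and attr not in may:
            mods.append(("delete", attr, []))
    for attr in sorted(must - set(entry)):  # add what is now required
        if attr not in fill:
            raise ValueError("MUST attribute %s has no value to add" % attr)
        mods.append(("add", attr, list(fill[attr])))
    return mods


def to_ldif(dn, mods):
    """Render the plan as an LDIF change record for ldapmodify."""
    lines = ["dn: %s" % dn, "changetype: modify"]
    for op, attr, values in mods:
        lines.append("%s: %s" % (op, attr))
        lines.extend("%s: %s" % (attr, v) for v in values)
        lines.append("-")
    return "\n".join(lines) + "\n"


# Constructed machine account, shaped like the one in the thread's log.
DN = "uid=hds$,ou=Computers,dc=semark,dc=dk"
ENTRY = {
    "objectClass": ["top", "account", "posixAccount"],
    "uid": ["hds$"], "cn": ["hds$"], "uidNumber": ["1001"], "gidNumber": ["515"],
    "homeDirectory": ["/dev/null"], "host": ["hds"],
}
NEW_CLASSES = ["top", "inetOrgPerson", "posixAccount", "sambaSamAccount"]
FILL = {"sn": ["hds$"], "sambaSID": ["S-1-5-21-1-2-3-1000"]}  # made-up SID

if __name__ == "__main__":
    print(to_ldif(DN, plan_change(ENTRY, NEW_CLASSES, FILL)))
```

The generated record deletes `host` (permitted only by `account`), adds `sn` and `sambaSID`, and replaces `objectClass`; send it with `ldapmodify -e relax -x -D <bind DN> -W -f change.ldif`, where the bind DN must hold `manage` access on the entry, for example `access to dn.subtree="ou=Computers,dc=semark,dc=dk" by dn.exact="cn=samba,dc=semark,dc=dk" manage`. Because the entry is modified rather than deleted and re-added, its entryUUID is preserved.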
masarati@aero.polimi.it wrote:
> > Henrik Dige Semark wrote:
> > > slapd[28381]: entry failed schema check: structural object class modification from 'account' to 'inetOrgPerson' not allowed [..] What do I have to do to allow structural object changes ?
> > It's forbidden by LDAPv3 specs. An LDAP client which is implemented to modify the structural object class is seriously broken.
> The "normal" procedure would be to delete an object and recreate it with the required structural modifications.
Strictly speaking it's not the same entry anymore even though it has the same DN, because the entryUUID attribute has changed then. Since this might be used for robust syncing of user entries with other user databases in case of name changes, you might lose the link.
> OpenLDAP allows you to do something equivalent atomically using the "relax" control (<draft-zeilenga-ldap-relax>, a work in progress) on top of a modify operation that modifies the entry by deleting the now inappropriate attrs and adding the now appropriate ones within a single modification that leaves the object in a consistent state. The user needs to have "manage" access privileges on all the data that's modified.
web2ldap 1.1.x now has even better support for that.
> As it is a work in progress, its functionality may change a little bit across versions. For example, in earlier versions, the modify operation had to explicitly deal with changing the (operational) attribute structuralObjectClass. Recent versions do not allow this, but rather recompute it according to the final values of the objectClass attribute, provided they result in a consistent inheritance relationship.
Hmm, so the input field for structuralObjectClass should not be enabled which is another special case for the UI if this control is in effect...
You can play with the demo: http://demo.web2ldap.de:1760/web2ldap/ldapparams?ldap:///dc=uninett,dc=no
Ciao, Michael.
masarati@aero.polimi.it wrote:
> > OpenLDAP allows you to do something equivalent atomically using the "relax" control (<draft-zeilenga-ldap-relax>, a work in progress) on top of a modify operation that modifies the entry by deleting the now inappropriate attrs and adding the now appropriate ones within a single modification that leaves the object in a consistent state. The user needs to have "manage" access privileges on all the data that's modified.
> web2ldap 1.1.x now has even better support for that.
How can it be better than using the "relax" control? If you do a delete/add, you still need the "relax" control to enforce the original entryUUID. Can you elaborate on that?
> > As it is a work in progress, its functionality may change a little bit across versions. For example, in earlier versions, the modify operation had to explicitly deal with changing the (operational) attribute structuralObjectClass. Recent versions do not allow this, but rather recompute it according to the final values of the objectClass attribute, provided they result in a consistent inheritance relationship.
> Hmm, so the input field for structuralObjectClass should not be enabled which is another special case for the UI if this control is in effect...
Yes. This took place with ITS#5792, released with 2.4.14.
> You can play with the demo: http://demo.web2ldap.de:1760/web2ldap/ldapparams?ldap:///dc=uninett,dc=no
I will, thanks. p.
openldap-technical@openldap.org