Hello,
In my samba.schema, added the atribute userPassword.
attributetype ( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword' DESC 'LanManager Password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword' DESC 'MD4 hash of the unicode password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE )
attributetype ( 2.5.4.35 NAME 'userPassword' DESC 'RFC2256/2307: password of user' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128})
Then, i excute command slapindex -v.
root@fileserver02:/etc/ldap/schema# slapindex -v
WARNING! Runnig as root! There's a fair chance slapd will fail to start. Check file permissions!
/etc/ldap/schema/samba.schema: line 195 attributetype: Duplicate attributeType: "2.5.4.35" slapindex: bad configuration file!
What´s wrong ?
Rodrigo
On Thu, 31 Jan 2013, rodrigo tavares wrote:
In my samba.schema, added the atribute userPassword.
[...]
root@fileserver02:/etc/ldap/schema# slapindex -v
[...]
/etc/ldap/schema/samba.schema: line 195 attributetype: Duplicate attributeType: "2.5.4.35" slapindex: bad configuration file!
What's wrong ?
userPassword is one of a handful of attributes that's hard-coded into slapd(8). See servers/slapd/schema_prep.c.
Anyway, yes, you're "duplicating" userPassword via multiple definitions: the hard-coded definition and your samba.schema definition. The hard-coded definition should serve fine, just remove it from samba.schema.
Why are you putting these in samba.schema anyway? Editing upstream schema isn't best practice. If you need a local schema file, make one from scratch, don't glob on to somebody else's definitions...
Hello Aaron,
I'm not add ou modify nothing in samba.schema. But when i open samba.schehema I see:
#attributetype ( 1.3.6.1.4.1.7165.2.1.1 NAME 'lmPassword' # DESC 'LanManager Passwd' # EQUALITY caseIgnoreIA5Match # SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE )
#attributetype ( 1.3.6.1.4.1.7165.2.1.2 NAME 'ntPassword' # DESC 'NT Passwd' # EQUALITY caseIgnoreIA5Match # SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE )
If I Can uncomment this lines ?
in java.scheme all lines is not uncomment.
attributetype ( 1.3.6.1.4.1.42.2.27.4.1.6 NAME 'javaClassName' DESC 'Fully qualified name of distinguished Java class or interface' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
Rodrigo Faria Tavares
________________________________ De: Aaron Richton richton@nbcs.rutgers.edu Para: rodrigo tavares rodrigofariat@yahoo.com.br Cc: "openldap-technical@openldap.org" openldap-technical@openldap.org Enviadas: Quinta-feira, 31 de Janeiro de 2013 11:17 Assunto: Re: Duplicate attributeType: "2.5.4.35"
On Thu, 31 Jan 2013, rodrigo tavares wrote:
In my samba.schema, added the atribute userPassword.
[...]
root@fileserver02:/etc/ldap/schema# slapindex -v
[...]
/etc/ldap/schema/samba.schema: line 195 attributetype: Duplicate attributeType: "2.5.4.35" slapindex: bad configuration file!
What's wrong ?
userPassword is one of a handful of attributes that's hard-coded into slapd(8). See servers/slapd/schema_prep.c.
Anyway, yes, you're "duplicating" userPassword via multiple definitions: the hard-coded definition and your samba.schema definition. The hard-coded definition should serve fine, just remove it from samba.schema.
Why are you putting these in samba.schema anyway? Editing upstream schema isn't best practice. If you need a local schema file, make one from scratch, don't glob on to somebody else's definitions...
On Fri, 1 Feb 2013, rodrigo tavares wrote:
#attributetype ( 1.3.6.1.4.1.7165.2.1.1 NAME 'lmPassword'
#attributetype ( 1.3.6.1.4.1.7165.2.1.2 NAME 'ntPassword'
If I Can uncomment this lines ?
If you need those attributes, and they're not defined elsewhere, uncommenting them seems reasonable. But I have no idea what your particular site may or may not need; if you need advice on that, you should probably seek a community better-versed on Samba...
With that said, as a rule of thumb, when upstream gives you something I'd leave it alone unless you have really good rationale/understanding of why you're changing it...
Aaron Richton wrote:
On Fri, 1 Feb 2013, rodrigo tavares wrote:
#attributetype ( 1.3.6.1.4.1.7165.2.1.1 NAME 'lmPassword'
#attributetype ( 1.3.6.1.4.1.7165.2.1.2 NAME 'ntPassword'
If I Can uncomment this lines ?
If you need those attributes, and they're not defined elsewhere, uncommenting them seems reasonable. But I have no idea what your particular site may or may not need; if you need advice on that, you should probably seek a community better-versed on Samba...
Those are Samba 2.x attributes. You probably don't want to use them.
With Samba 3.x all attributes are prefixed with "samba" but you only need them if you want to set up a Samba 3.x DC with LDAP backend.
Ciao, Michael.
openldap-technical@openldap.org
-
Aaron Richton -
Michael Ströder -
rodrigo tavares