Samba integration / adding more objectClasses

Wed Aug 20 05:53:56 CEST 2008

Gunnar Wrobel wrote:
> Quoting "Albrecht Dreß" <albrecht.dress at lios-tech.com>:
>
>> Hi Alain:
>>
>> Am 08.08.2008 20:07:15 schrieb(en) Alain Spineux:
>>> On Fri, Aug 8, 2008 at 4:22 PM, Albrecht Dreß
>>> >    $ldap_object['objectClass'] = array('top',
>>> >
>>> 'inetOrgPerson','kolabInetOrgPerson','shadowAccount','posixAccount','sambaSamAccount'); 
>>>
>>>
>>> A littela above I see :
>>>
>>> $oc = array('top', 'inetOrgPerson','kolabInetOrgPerson');
>>
>> It's actually somewhat more complicated (inter alia as I don't know
>> PHP), but I apparently can narrow down the problem.  I already have a
>> hacked script which adds posixAccount and shadowAccount objects to new
>> regular users, and even counts the uidNumber automatically.  Still
>> fighting with the samba stuff.  Maybe I should write a new HOWTO
>> afterwards... 
I'm working on it. Actually, I can see that the new objects are not sent 
to the add function. Here is a dump just after all objects are populated:

array(17) {
  ["objectClass"]=>
  array(6) {
    [0]=>
    string(3) "top"
    [1]=>
    string(13) "inetOrgPerson"
    [2]=>
    string(18) "kolabInetOrgPerson"
    [3]=>
    string(13) "shadowAccount"
    [4]=>
    string(12) "posixAccount"
    [5]=>
    string(15) "sambaSamAccount"
  }
  ["uidNumber"]=>
  int(1219203853)
  ["gidNumber"]=>
  string(3) "513"
  ["homeDirectory"]=>
  string(7) "/home//"
  ["sambaPwdLastSet"]=>
  int(1219203853)
  ["sambaLogonTime"]=>
  string(1) "0"
  ["sambaLogoffTime"]=>
  string(1) "0"
  ["sambaKickoffTime"]=>
  string(1) "0"
  ["sambaPwdCanChange"]=>
  string(1) "0"
  ["sambaPwdMustChange"]=>
  string(1) "0"
  ["sambaAcctFlags"]=>
  string(4) "[UX]"
  ["sambaSID"]=>
  string(52) "S-1-5-21-1693856200-2518227536-3101355542-1219203853"
  ["sambaLMPassword"]=>
  string(32) "7CBDD45E93D1DA22AAD3B435B51404EE"
  ["sambaPrimaryGroupSID"]=>
  string(45) "S-1-5-21-1693856200-2518227536-3101355542-513"
  ["sambaNTPassword"]=>
  string(32) "D0416AE2E50FCC2C3D7916F74670D451"
  ["sambaLogonScript"]=>
  string(11) "STARTUP.BAT"
  ["sambaHomeDrive"]=>
  string(2) "H:"
}

and here is the object dump after the add function has rejected the add request:

array(9) {
  ["objectClass"]=>
  array(6) {
    [0]=>
    string(3) "top"
    [1]=>
    string(13) "inetOrgPerson"
    [2]=>
    string(18) "kolabInetOrgPerson"
    [3]=>
    string(13) "shadowAccount"
    [4]=>
    string(12) "posixAccount"
    [5]=>
    string(15) "sambaSamAccount"
  }
  ["sn"]=>
  string(6) "Tardif"
  ["cn"]=>
  string(16) "Christian Tardif"
  ["givenName"]=>
  string(9) "Christian"
  ["userPassword"]=>
  string(38) "{SSHA}Uon8NG9BWABN1zy7F1LIdaj2VZvqDQMK"
  ["mail"]=>
  string(31) "christian.tardif@*******.com"
  ["uid"]=>
  string(31) "christian.tardif@*******.com"
  ["kolabHomeServer"]=>
  string(19) "****************"
  ["kolabInvitationPolicy"]=>
  array(1) {
    [0]=>
    string(10) "ACT_MANUAL"
  }
}

Quite different. And because the new objectClass has mandatory objects (which are apparently absent), the add request got rejected by the ldap server.

I'll keep you posted soon (I hope so...  in fact, I need to have this fixed ASAP  :-))

-- 
Christian Tardif