Somewhere along the way I've discovered that somehow my
olcDatabase={1}hdb.ldif is missing "olcAccess:" for samba* entries.
To fix this I wanted to update using ldapmodify and the following
ldif:
----- modify.ldif ------------
dn: olcDatabase={1}hdb,cn=config
changetype: modify
delete: olcAccess
olcAccess: {0}
-
add: olcAccess
olcAccess: {0} to
attrs=userPassword,shadowLastChange,sambaPwdMustChange,sambaLMPassword,sambaPwdLastSet,sambaNTPassword
by dn="cn=admin,dc=domain,dc=tld" write by anonymous auth by self
write by * none
-
----- modify.ldif ------------
The "olcAccess: {0}...." contents all being on one line. (adding
via: ldapmodify -x -D "cn=admin,dc=domain,dc=tld" -W -f modify.ldif)
But manually looking at my current olcDatabase={1}hdb.ldif I see that
somehow the current "olcAccess: {0}" entry that I want to update has
been split into two lines, as follows:
----- oldAccess: {0} ------------
olcAccess: {0}to attrs=userPassword,shadowLastChange by self write
by anonymou
s auth by dn="cn=admin,dc=frontline" write by * none
----- oldAccess: {0} ------------
As this is a live system at the moment, is there any way, other than
stopping slapd and manually viming olcDatabase={1}hdb.ldif to fix the
split line and add the samba* entries?
For what it's worth:
OS: Ubuntu 11.04
OpenLDAP 2.4.23
Samba: 3.5.8
t.i.a
Jan
