RE: [Samba] Samba 3.0.9 == 3.0.14a migration LDIF problem
(This time to the list) Andrew and Craig: Thank you both for replying. Following Andrew's advice, I set out to add the line objectClass: account to all of my computer accounts in the LDIF. (None of them had this declaration) After that was acommplished, I tried to re-import the LDIF. The process got much farther than before, but it again failed a computer account. A little closer investigation revealed a difference in these accounts. And it appears to be coincidental to certain point in time. All of the older accounts are one way and the newer accounts are a different way. Now, I'm wondering which the proper way for me moving forward. Here are the examples: Old computer account === dn: uid=nei-10$,ou=Computers,dc=nesbitt,dc=local uidNumber: 1008 gidNumber: 553 homeDirectory: /dev/null loginShell: /bin/false objectClass: top objectClass: posixAccount objectClass: sambaSamAccount objectClass: account uid: nei-10$ displayName: NEI-10$ cn: NEI-10$ description: Computer sambaSID: S-1-5-21-3325760187-3909277049-4208064797-3016 sambaPrimaryGroupSID: S-1-5-21-3325760187-3909277049-4208064797-2107 sambaAcctFlags: [W ] sambaLogonTime: 0 sambaLogoffTime: 0 sambaKickoffTime: 0 sambaPwdMustChange: 2147483647 sambaPwdCanChange: 1130941262 sambaNTPassword: 3520D823FF3A3EA0D246ACF5D99F5061 sambaPwdLastSet: 1130941262 modifiersName: cn=Manager,dc=nesbitt,dc=local modifyTimestamp: 20051102142102Z === New computer account: === dn: uid=stargazer$,ou=Computers,dc=nesbitt,dc=local objectClass: top objectClass: inetOrgPerson objectClass: posixAccount objectClass: sambaSamAccount objectClass: account cn: stargazer$ sn: stargazer$ uid: stargazer$ uidNumber: 1081 gidNumber: 553 homeDirectory: /dev/null loginShell: /bin/false description: Computer creatorsName: cn=Manager,dc=nesbitt,dc=local createTimestamp: 20040309024546Z sambaSID: S-1-5-21-3325760187-3909277049-4208064797-3162 sambaPrimaryGroupSID: S-1-5-21-3325760187-3909277049-4208064797-2107 displayName: stargazer$ sambaPwdMustChange: 2147483647 sambaAcctFlags: [W ] sambaPwdCanChange: 1078869765 sambaLMPassword: F8490F746485FE71A1E92A4788FB2592 sambaNTPassword: F8490F746485FE71A1E92A4788FB2592 sambaPwdLastSet: 1078869765 modifiersName: cn=Manager,dc=nesbitt,dc=local modifyTimestamp: 20040309220245Z === When I run the LDIF import, I get this error: slapadd: dn=uid=stargazer$,ou=Computers,dc=nesbitt,dc=local (line=2415): (65) invalid structural object class chain (inetOrgPerson/account) My gut tells me the new definition minus the objectClass: account is the way to go, but before I do anything else, I'd like to know. John T: If you're reading this, it might not be a bad idea to show the proper basic requirements for each of the account types in LDIF format somewhere in one of your books. I searched through both of them looking for the answer to this and couldn't find it. Maybe it would help someone in the future. Thanks in advance, Kevin -Original Message- From: Andrew Bartlett [mailto:[EMAIL PROTECTED] Sent: Thursday, December 01, 2005 4:11 PM To: Collins, Kevin Cc: samba@lists.samba.org Subject: Re: [Samba] Samba 3.0.9 == 3.0.14a migration LDIF problem On Thu, 2005-12-01 at 15:52 -0500, Collins, Kevin wrote: I'm trying to migrate my existing RedHat ES Samba PDC to Ubuntu. I'm certain that is caused by the differing version of OpenLDAP that I'm running, Yes, it is the OpenLDAP upgrade that is causing you pain. dn: uid=magellan$,ou=Computers,dc=nesbitt,dc=local uidNumber: 1040 gidNumber: 553 homeDirectory: /dev/null loginShell: /bin/false objectClass: top objectClass: posixAccount objectClass: sambaSamAccount Can someone give me a pointer as to what I'm doing wrong? In this specific instance you are missing an objectClass: account Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba 3.0.9 == 3.0.14a migration LDIF problem
On Fri, 2005-12-02 at 08:22 -0500, Collins, Kevin wrote: (This time to the list) Andrew and Craig: Thank you both for replying. Following Andrew's advice, I set out to add the line objectClass: account to all of my computer accounts in the LDIF. (None of them had this declaration) After that was acommplished, I tried to re-import the LDIF. The process got much farther than before, but it again failed a computer account. A little closer investigation revealed a difference in these accounts. And it appears to be coincidental to certain point in time. All of the older accounts are one way and the newer accounts are a different way. Now, I'm wondering which the proper way for me moving forward. Here are the examples: Old computer account === dn: uid=nei-10$,ou=Computers,dc=nesbitt,dc=local uidNumber: 1008 gidNumber: 553 homeDirectory: /dev/null loginShell: /bin/false objectClass: top objectClass: posixAccount objectClass: sambaSamAccount objectClass: account uid: nei-10$ displayName: NEI-10$ cn: NEI-10$ description: Computer sambaSID: S-1-5-21-3325760187-3909277049-4208064797-3016 sambaPrimaryGroupSID: S-1-5-21-3325760187-3909277049-4208064797-2107 sambaAcctFlags: [W ] sambaLogonTime: 0 sambaLogoffTime: 0 sambaKickoffTime: 0 sambaPwdMustChange: 2147483647 sambaPwdCanChange: 1130941262 sambaNTPassword: 3520D823FF3A3EA0D246ACF5D99F5061 sambaPwdLastSet: 1130941262 modifiersName: cn=Manager,dc=nesbitt,dc=local modifyTimestamp: 20051102142102Z === New computer account: === dn: uid=stargazer$,ou=Computers,dc=nesbitt,dc=local objectClass: top objectClass: inetOrgPerson objectClass: posixAccount objectClass: sambaSamAccount objectClass: account cn: stargazer$ sn: stargazer$ uid: stargazer$ uidNumber: 1081 gidNumber: 553 homeDirectory: /dev/null loginShell: /bin/false description: Computer creatorsName: cn=Manager,dc=nesbitt,dc=local createTimestamp: 20040309024546Z sambaSID: S-1-5-21-3325760187-3909277049-4208064797-3162 sambaPrimaryGroupSID: S-1-5-21-3325760187-3909277049-4208064797-2107 displayName: stargazer$ sambaPwdMustChange: 2147483647 sambaAcctFlags: [W ] sambaPwdCanChange: 1078869765 sambaLMPassword: F8490F746485FE71A1E92A4788FB2592 sambaNTPassword: F8490F746485FE71A1E92A4788FB2592 sambaPwdLastSet: 1078869765 modifiersName: cn=Manager,dc=nesbitt,dc=local modifyTimestamp: 20040309220245Z === When I run the LDIF import, I get this error: slapadd: dn=uid=stargazer$,ou=Computers,dc=nesbitt,dc=local (line=2415): (65) invalid structural object class chain (inetOrgPerson/account) My gut tells me the new definition minus the objectClass: account is the way to go, but before I do anything else, I'd like to know. John T: If you're reading this, it might not be a bad idea to show the proper basic requirements for each of the account types in LDIF format somewhere in one of your books. I searched through both of them looking for the answer to this and couldn't find it. Maybe it would help someone in the future. My domain workstations only have the account and sambaSamAccount objectclasses but when I looked at yours, I didn't know that sambaSamAccount had a specific requirements beyond uid and sambaSID but got the impression from Andrew's response that you must have the account objectclass and thought that your usage of posixAccount was enough. thus one of my workstations would end up with this... # win-workstation$, People, azapple.com dn: uid=win-workstation$,ou=Computers,ou=Accounts,dc=azapple,dc=com uid: win-workstation$ sambaSID: S-1-5-21-XX-XXX-XX-2006 objectClass: sambaSamAccount objectClass: account displayName: WIN-WORKSTATION$ sambaPwdMustChange: 2147483647 sambaAcctFlags: [W ] sambaPrimaryGroupSID: S-1-5-21-XX-XXX-XX-553 sambaPwdCanChange: 1132660033 sambaNTPassword: removed sambaPwdLastSet: 1132660033 and thus, I don't have to deal with all the other attributes required by the posixAccount and inetOrgPerson objectclasses and the structural problems of all those, though it would seem that having to top structural object should put them in order...it may be as simple as the order of the objectclasses as they are presented within your ldif file. I would suggest that you consider... copying the ldif file and sectioning it to import all the easy stuff first and perhaps move the computer accounts to a separate section (file) to deal with separately. This way, you could try adding one computer account at a time to simplify troubleshooting use slapadd instead of ldapadd (you didn't specify which you are
RE: [Samba] Samba 3.0.9 == 3.0.14a migration LDIF problem
On Fri, 2005-12-02 at 08:21 -0500, Collins, Kevin wrote: Andrew and Craig: Thank you both for replying. Following Andrew's advice, I set out to add the line objectClass: account to all of my computer accounts in the LDIF. (None of them had this declaration) When I run the LDIF import, I get this error: slapadd: dn=uid=stargazer$,ou=Computers,dc=nesbitt,dc=local (line=2415): (65) invalid structural object class chain (inetOrgPerson/account) My gut tells me the new definition minus the objectClass: account is the way to go, but before I do anything else, I'd like to know. I personally don't think of my computers as people, so I would choose account as the structural class for computers. (Actually, on my network I used device). account, device and inetOrgPerson are structural classes, and a single entry can only be one of them. Pick one :-) Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0.9 == 3.0.14a migration LDIF problem
I'm trying to migrate my existing RedHat ES Samba PDC to Ubuntu. The RedHat version of Samba is 3.0.9 and the Ubuntu version is 3.0.14a. Everything was going fine until I tried to import the LDIF of the existing LDAP directory. The LDIF actually imports all of the structure (OU and Group definitions) and all of my users, but it fails when it comes to my first machine account with this error: == slapadd: dn=uid=magellan$,ou=Computers,dc=nesbitt,dc=local (line=1437): (65) no structural object class provided == I'm certain that is caused by the differing version of OpenLDAP that I'm running, but for the life of me, I can't find a solution. Here is an example of one of my machine accounts: == -- Kevin L. Collins, MCSE Systems Manager Nesbitt Engineering, Inc. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0.9 == 3.0.14a migration LDIF problem
I'm trying to migrate my existing RedHat ES Samba PDC to Ubuntu. The RedHat version of Samba is 3.0.9 and the Ubuntu version is 3.0.14a. Everything was going fine until I tried to import the LDIF of the existing LDAP directory. The LDIF actually imports all of the structure (OU and Group definitions) and all of my users, but it fails when it comes to my first machine account with this error: == slapadd: dn=uid=magellan$,ou=Computers,dc=nesbitt,dc=local (line=1437): (65) no structural object class provided == I'm certain that is caused by the differing version of OpenLDAP that I'm running, but for the life of me, I can't find a solution. Here is an example of one of my machine accounts: == dn: uid=magellan$,ou=Computers,dc=nesbitt,dc=local uidNumber: 1040 gidNumber: 553 homeDirectory: /dev/null loginShell: /bin/false objectClass: top objectClass: posixAccount objectClass: sambaSamAccount uid: magellan$ displayName: MAGELLAN$ cn: MAGELLAN$ description: Computer sambaSID: S-1-5-21-3325760187-3909277049-4208064797-3080 sambaPrimaryGroupSID: S-1-5-21-3325760187-3909277049-4208064797-2107 sambaAcctFlags: [W ] sambaLogonTime: 0 sambaLogoffTime: 0 sambaKickoffTime: 0 sambaPwdMustChange: 2147483647 sambaPwdCanChange: 1121708732 sambaNTPassword: 763BF0E6707F001EFC3A10BC2BCAA57C sambaPwdLastSet: 1121708732 modifiersName: cn=Manager,dc=nesbitt,dc=local modifyTimestamp: 20050718174532Z == Can someone give me a pointer as to what I'm doing wrong? -- Kevin L. Collins, MCSE Systems Manager Nesbitt Engineering, Inc. -- Kevin L. Collins, MCSE Systems Manager Nesbitt Engineering, Inc. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.9 == 3.0.14a migration LDIF problem
On Thu, 2005-12-01 at 15:52 -0500, Collins, Kevin wrote: I'm trying to migrate my existing RedHat ES Samba PDC to Ubuntu. The RedHat version of Samba is 3.0.9 and the Ubuntu version is 3.0.14a. Everything was going fine until I tried to import the LDIF of the existing LDAP directory. The LDIF actually imports all of the structure (OU and Group definitions) and all of my users, but it fails when it comes to my first machine account with this error: == slapadd: dn=uid=magellan$,ou=Computers,dc=nesbitt,dc=local (line=1437): (65) no structural object class provided == I'm certain that is caused by the differing version of OpenLDAP that I'm running, but for the life of me, I can't find a solution. Here is an example of one of my machine accounts: == dn: uid=magellan$,ou=Computers,dc=nesbitt,dc=local uidNumber: 1040 gidNumber: 553 homeDirectory: /dev/null loginShell: /bin/false objectClass: top objectClass: posixAccount objectClass: sambaSamAccount uid: magellan$ displayName: MAGELLAN$ cn: MAGELLAN$ description: Computer sambaSID: S-1-5-21-3325760187-3909277049-4208064797-3080 sambaPrimaryGroupSID: S-1-5-21-3325760187-3909277049-4208064797-2107 sambaAcctFlags: [W ] sambaLogonTime: 0 sambaLogoffTime: 0 sambaKickoffTime: 0 sambaPwdMustChange: 2147483647 sambaPwdCanChange: 1121708732 sambaNTPassword: 763BF0E6707F001EFC3A10BC2BCAA57C sambaPwdLastSet: 1121708732 modifiersName: cn=Manager,dc=nesbitt,dc=local modifyTimestamp: 20050718174532Z == Can someone give me a pointer as to what I'm doing wrong? just guessing that your RHEL was RHEL 3.0 with ldap-2.07-whatever and there wasn't any schema checking which allowed you to get away with some sloppy errors. On my schema, posixAccount would require cn, uid, uidNumber, gidNumber and homeDirectory (all of which are in the above) but I would guess that you have an account that lacks one of those attributes. Best to check your 'nis.schema' for the 'musts' and then verify that all your accounts have the 'musts' attributes because one of them is probably missing. Generally, I get a report from slapadd that tells me which line # - which would likely be the end of the record where it tripped. Craig -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.9 == 3.0.14a migration LDIF problem
On Thu, 2005-12-01 at 15:52 -0500, Collins, Kevin wrote: I'm trying to migrate my existing RedHat ES Samba PDC to Ubuntu. I'm certain that is caused by the differing version of OpenLDAP that I'm running, Yes, it is the OpenLDAP upgrade that is causing you pain. dn: uid=magellan$,ou=Computers,dc=nesbitt,dc=local uidNumber: 1040 gidNumber: 553 homeDirectory: /dev/null loginShell: /bin/false objectClass: top objectClass: posixAccount objectClass: sambaSamAccount Can someone give me a pointer as to what I'm doing wrong? In this specific instance you are missing an objectClass: account Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
