On Wed, 2006-03-01 at 19:12 -0700, Richard Megginson wrote: > This is what I did: > cd /opt/fedora-ds/slapd-localhost/config/schema > perl ~/ol2rhds.pl < /usr/share/doc/samba-3.0.14a/LDAP/samba.schema > > 61samba.ldif > # http://www.directory.fedora.redhat.com/download/ol2rhds.pl > ../../restart-slapd > ldapsearch -x -h localhost -p myport -s base -b "cn=schema" > "objectclass=*" | grep -i samba > I just did those exact same steps myself and there does appear to be a problem. They "MAY" portions of the schema get dropped. Here is the sambaSamAccount from my converted schema: objectClasses: ( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount' DESC 'Samba 3.0 Auxilary SAM Account' SUP top AUXILIARY MUST ( uid $ sambaSID ) ) and here is the sambaSamAccount from the /usr/share/doc/ samba.schema: objectclass ( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount' SUP top AUXILIARY DESC 'Samba 3.0 Auxilary SAM Account' MUST ( uid $ sambaSID ) MAY ( cn $ sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $ sambaLogonTime $ sambaLogoffTime $ sambaKickoffTime $ sambaPwdCanChange $ sambaPwdMustChange $ sambaAcctFlags $ displayName $ sambaHomePath $ sambaHomeDrive $ sambaLogonScript $ sambaProfilePath $ description $ sambaUserWorkstations $ sambaPrimaryGroupSID $ sambaDomainName $ sambaMungedDial $ sambaBadPasswordCount $ sambaBadPasswordTime $ sambaPasswordHistory $ sambaLogonHours)) Without the 'MAY' portion, when I import my directory dump from OpenLDAP, any accounts that have any of those samba attributes set (all of them unfortunately) don't import because of the invalid attributes. Looks like it's a bug in the ol2rhds.pl script. -- David Hollis <dhollis at davehollis.com> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 191 bytes Desc: This is a digitally signed message part Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20060302/0e795dda/attachment.bin
