On Fri, 2006-03-24 at 10:26 -0800, Mont Rothstein wrote:
> A suggestion was made that I should add the contents of my
> sambaAdmin.ldif file to this post. They are below.
>
> The kerberosSecurityObject isn't in my schema, so thus the error. But
> why did migrate_password.pl put that in my ldif? Is there a config
> option somewhere that should be switched to disable Kerberos or do I
> just need to manually edit the ldif and delete the offending line?
>
> Thanks,
> -Mont
>
>
> dn: uid=Administrator,ou=People,dc=forayadams,dc=foray,dc=com
> uid: Administrator
> cn: Samba Admin
> givenName: Samba
> sn: Admin
> mail: Administrator at forayadams.foray.com
> mailRoutingAddress: Administrator at mail.forayadams.foray.com
> mailHost: mail.forayadams.foray.com
> objectClass: inetLocalMailRecipient
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> objectClass: posixAccount
> objectClass: top
> objectClass: kerberosSecurityObject
> userPassword: {crypt}x
> krbName: Administrator at FORAYADAMS.FORAY.COM
> loginShell: /bin/bash
> uidNumber: 0
> gidNumber: 0
> homeDirectory: /root
> gecos: Samba Admin
----
the option of course is yours.
If you read through the source within the padl migration scripts (I'm
assuming that you used the ones installed by openldap-server package
from the distribution, you will probably notice how and why it is put
there...presumably because you have chosen to use an extended schema.
I think the object is to test, tune, test, tune until you get what you
want from the migration scripts.
I suspect the reasons no one else answered this question was that the
source isn't part of FDS, the DSA setup will be as you design it to be
and the source is lightweight and should be simple enough to comprehend
and adjust as needed.
Craig
