On Fri, 2006-03-24 at 10:26 -0800, Mont Rothstein wrote:
A suggestion was made that I should add the contents of my
sambaAdmin.ldif file to this post. They are below.
The kerberosSecurityObject isn't in my schema, so thus the error. But
why did migrate_password.pl put that in my ldif? Is there a config
option somewhere that should be switched to disable Kerberos or do I
just need to manually edit the ldif and delete the offending line?
Thanks,
-Mont
dn: uid=Administrator,ou=People,dc=forayadams,dc=foray,dc=com
uid: Administrator
cn: Samba Admin
givenName: Samba
sn: Admin
mail: Administrator(a)forayadams.foray.com
mailRoutingAddress: Administrator(a)mail.forayadams.foray.com
mailHost:
mail.forayadams.foray.com
objectClass: inetLocalMailRecipient
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: kerberosSecurityObject
userPassword: {crypt}x
krbName: Administrator(a)FORAYADAMS.FORAY.COM
loginShell: /bin/bash
uidNumber: 0
gidNumber: 0
homeDirectory: /root
gecos: Samba Admin
----
the option of course is yours.
If you read through the source within the padl migration scripts (I'm
assuming that you used the ones installed by openldap-server package
from the distribution, you will probably notice how and why it is put
there...presumably because you have chosen to use an extended schema.
I think the object is to test, tune, test, tune until you get what you
want from the migration scripts.
I suspect the reasons no one else answered this question was that the
source isn't part of FDS, the DSA setup will be as you design it to be
and the source is lightweight and should be simple enough to comprehend
and adjust as needed.
Craig