[Fedora-directory-devel] Samba4 onto Fedora DS
Andrew Bartlett
abartlet at samba.org
Tue Aug 22 23:24:41 UTC 2006
On Tue, 2006-08-22 at 15:35 -0700, Pete Rowley wrote:
> Andrew Bartlett wrote:
>
> >On Tue, 2006-08-22 at 16:06 -0600, Richard Megginson wrote:
> >
> >
> >>Andrew Bartlett wrote:
> >>
> >>
> >>>On Tue, 2006-08-22 at 10:03 -0700, Pete Rowley wrote:
> >>>
> >>>
> >>>
> >>>>Kimmo Koivisto wrote:
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>>Andrew Bartlett wrote:
> >>>>>[snip]
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>>Anyway, this is the error I get with the attached schema:
> >>>>>>
> >>>>>>[abartlet at piglett source]$ sudo /opt/fedora-ds/slapd-piglett/start-slapd
> >>>>>>Password:
> >>>>>>[22/Aug/2006:21:03:47 +1000] dse - The entry cn=schema in
> >>>>>>file /opt/fedora-ds/slapd-piglett/config/schema/01samba4.ldif is
> >>>>>>invalid, error code 20 (Type or value exists) - attribute type
> >>>>>>streetAddress: Does not match the OID "1.2.840.113556.1.2.256". Another
> >>>>>>attribute type is already using the name or OID.
> >>>>>>[22/Aug/2006:21:03:47 +1000] dse - Please edit the file to correct the
> >>>>>>reported problems and then restart the server.
> >>>>>>
> >>>>>>I can find no other reference (in the schema ldif files) to
> >>>>>>streetAddress, or that OID.
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>See 00core.ldif:
> >>>>>attributeTypes: ( 2.5.4.9 NAME ( 'street' 'streetaddress' ) DESC 'Standard
> >>>>>LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC
> >>>>>2256' )
> >>>>>
> >>>>>Maybe this is what you wan't to remove?
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>It would be bad form to remove a standard attribute and replace it with
> >>>>one of the same name but different OID. It would be better to use the
> >>>>standard attribute.
> >>>>
> >>>>
> >>>>
> >>>What would go wrong if I did that?
> >>>
> >>>
> >>>
> >>The server might not start, apps might break.
> >>
> >>
> >
> >Do apps read the OID? I thought they just query by name. (The syntax is
> >identical in this case).
> >
> >
> >
> Typically a careful client would request attributes by OID, change the
> OID and you break the good apps.
OK. I wasn't aware you could even do that. I know Samba4 doesn't
support it :-)
> >I was kind of hoping someone might be able to give me that list, so I
> >can split the 00core.ldif. Once I know that list, I can place them into
> >my excludes file, and not have the AD schema replace them.
> >
> >
> Why not deal with the specific problems that arise when /adding/ the AD
> schema? I'm guessing that would be a shorter list?
Because the AD schema is a whole schema, not just some extra
attributes/objectClasses, I need to be able to replace 'person', and
many other classes that Microsoft has modified.
Once I start replacing classes, I need to know the list of 'if I replace
this, bad things happen'.
I'm not sure, both lists are pretty long.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc. http://redhat.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/389-devel/attachments/20060823/ee222b11/attachment.bin
More information about the 389-devel
mailing list