This is a cryptographically signed message in MIME format.

--===============1357782215==
Content-type: multipart/signed;
boundary=------------ms010808060204070601010308; micalg=sha1;
protocol="application/x-pkcs7-signature"

This is a cryptographically signed message in MIME format.

--------------ms010808060204070601010308
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 8bit

What object class is the displayName in and does the user account have
that object class ? Im sure you need to have the object class before you
can add/remove the attribute assigned to the object classs.

Attributes belong to and are grouped in objectclasses.

Regards

Daniel Wilson
Systems Manager
Student and Learning Support
University of Sunderland
Tel: 0191 515 2695



Andrés Yacopino wrote:

> Thanks for replying Daniel, i execute :grep -il displayName *.ldif
>
> and i obtain:
>
> 00core.ldif
> 50ns-admin.ldif
> 50ns-iabs.ldif
> 99samba-schema-netscapeds5.x.ldif
> 99user.ldif
>
> And also see the configuration in the console and i see:
>
> Standard Attribute(Read Only):
>
> Name: displayName
> OID: 2.16.840.1.113730.3.1.241
> Syntax: DirectoryString
> Multivalued: not checked
>
> Do you know what is wrong with this?
> Thanks a lot,
> Andrés.
>
> 2006/2/14, Daniel Wilson > >:
>
> Im sure this means that its trying to delete the displayName attribute
> which is more than likely not in your LDAP schema.
>
> Look in "/slapd-/config/schema/" directory for
> your schema
>
> To see if "displayName" is part of any object classes in your LDAP
> schema search the schema files:
>
> bash# grep -il displayName
> /slapd-/config/schema/*.ldif
>
> If its not part of your schema you may want to add this attribute to
> your 99user.ldif schema file or add the attribute via the Sun LDAP
> console (recommended):
>
> bash # /startconsole &
> Server Group > Directory Server (Open) > Configuration > Schema >
> Attributes > Create
>
> -or-
>
> you may want to just disable schema checking in your LDAP server :
>
> bash # /startconsole &
> Server Group > Directory Server (Open) > Configuration > Schema
> (Disable)
>
> Regards
>
> Daniel Wilson
> Systems Manager
> Student and Learning Support
> University of Sunderland
> Tel: 0191 515 2695
>
>
>
> Andrés Yacopino wrote:
>
> > Daniel, check the log as you said and i hit this:
> >
> > [14/Feb/2006:14:19:10 +0300] - ERROR<5897> - Schema - conn=-1 op=-1
> > msgId=-1 -
> > User error: Entry "uid=aprueba$,ou=computers,o= acasalud.com.ar

>
> > ,dc=acasalud,dc=c
> > om,dc=ar", attribute "displayName" is not allowed
> >
> > What does it means?
> >
> > Thanks,
> > Andrés.
> >
> >
> >
> > 2006/2/14, Daniel Wilson < daniel.wilson@sunderland.ac.uk

>
> >
> >>:
> >
> > Have you checkes the Sun LDAP errors.log file for the

> specific object
> > class violation? Usually at
> > /slapd-/logs/errors.log
> >
> > Daniel Wilson
> > Systems Manager
> > Student and Learning Support
> > University of Sunderland
> > Tel: 0191 515 2695
> >
> >
> >
> > Andrés Yacopino wrote:
> >
> > >I have deployed a samba server with Sun Java Ldap Directory.
> > >
> > >I sucessfully create users and deleted them when ldap delete

> > dn=yes in
> > >smb.conf, but when ldap delete dn=no i obtain this error when i

> > issue a
> > >smbpasswd -m -x command:
> > >
> > >ldapsam_delete_entry: Could not delete attributes for
> > >uid=aprueba$,ou=computers,
> > >o= acasalud.com.ar

> > ,dc=acasalud,dc=com,dc=ar, error:

> Object
> > class violation ()
> > >Failed to delete entry for user aprueba$.
> > >Failed to modify password entry for user aprueba$
> > >
> > >My smb.conf is:
> > >
> > >[global]
> > >
> > > workgroup = ACASALUDROS
> > > server string = Sun Samba Server
> > > security = user
> > > dos filetimes = yes
> > > time offset = -360
> > > load printers = yes
> > > printcap name = /etc/printcap
> > > printing = cups
> > > guest account = guest
> > > log file = /usr/local/samba/var/log.%m
> > > log level = 5
> > > max log size = 50
> > > null passwords = yes
> > > encrypt passwords = yes
> > > ldap password sync = yes
> > > unix password sync = yes
> > > username level = 2
> > > password level = 0
> > > passwd program = /usr/bin/passwd %u
> > > passwd chat = *New* password* %n\n *new* password* %n\n

> > *successfully*
> > > idmap backend = ldapsam:ldap://localhost:389
> > > passdb backend = ldapsam:ldap://localhost:389
> > > ldap admin dn = cn=Directory Manager
> > > ldap suffix = o= acasalud.com.ar

>
> > ,dc=acasalud,dc=com,dc=ar
> > > ldap user suffix = ou=people
> > > ldap group suffix = ou=groups
> > > ldap machine suffix = ou=computers
> > > ldap idmap suffix = ou=idmap
> > > ldap delete dn = no
> > > socket options = TCP_NODELAY=0
> > > wins server = 10.11.0.2

>
> > > dns proxy = no
> > >
> > >what is wrong?
> > >
> > >Is that works only when
> > >
> > > preferred master = yes
> > > domain master = yes
> > > local master = yes
> > > domain logons = yes
> > >
> > >are yes?
> > >Any other ideas?
> > >
> > >Thanks a lot.
> > >
> > >
> > >--
> > >Andrés Yacopino
> > >
> > >

> >
> >
> >
> >
> >
> > --
> > Andrés Yacopino

>
>
>
>
>
>
> --
> Andrés Yacopino



--------------ms010808060204070601010308--

--===============1357782215==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
--===============1357782215==--