I did the patch for the dn, and no problem with that now
--------------------------------------------------------
diff --git a/source/ldap_server/ldap_backend.c b/source/ldap_server/ldap_backend.c
index 9047773..2193c98 100644
--- a/source/ldap_server/ldap_backend.c
+++ b/source/ldap_server/ldap_backend.c
@@ -348,7 +348,7 @@ static NTSTATUS ldapsrv_ModifyRequest(struct ldapsrv_call *call)
NT_STATUS_HAVE_NO_MEMORY(local_ctx);

dn = ldb_dn_new(local_ctx, samdb, req->dn);
- VALID_DN_SYNTAX(dn, 1);
+ VALID_DN_SYNTAX(dn, 0);

DEBUG(10, ("ModifyRequest: dn: [%s]\n", req->dn));
---------------------------------------------------------
There is another error now:
"additional info: attribute schemaUpdateNow is not a valid attribute in schema"
That happens in dsdb\samdb\ldb_modules\objectclass.c: fix_attributes function


----- Original Message -----
> From: simo
> To: Andrew Bartlett
> Cc: Michael Ströder , Anatoliy Atanasov , samba-technical@lists.samba.org
> Sent: Tuesday, July 1, 2008 3:45:57 PM GMT+0200 Europe;Athens
> Subject: Re: How to process schemaUpdateNow ldap request

> > On Tue, 2008-07-01 at 16:54 +1000, Andrew Bartlett wrote:
> > On Mon, 2008-06-30 at 17:41 +0200, Michael Ströder wrote:
> > > Anatoliy Atanasov wrote:
> > > >
> > > > I am trying to make schema cache in dsdb_schema to reload with
> newly added mappings from ldb.
> > > > This is done by the following ldap request which is valid
> command for Win2003
> > > >
> > > > dn:
> > > > changetype: modify
> > > > add: schemaUpdateNow
> > > > schemaUpdateNow: 1
> > > >
> > > > I want to process this in rootdse module .modify function, but
> it's never called and the return message says:
> > > >
> > > >> ldap_modify_ext: Invalid DN syntax (34)
> > > >> additional info: Invalid DN (1 components needed for
> 'dn')
> > >
> > > FWIW your DN line in your e-mail above is "dn:". Maybe try it with
> > > "dn: " instead. The space is part of the separator between
> attribute
> > > type and attribute value.
> > >
> > > See declaration of dn-spec and FILL in RFC 2849.
> >
> > nah, this error occours well past the ldif parsing layer - it's
> actually
> > a problem on the server.
> >
> > If you look at ldap_server/ldap_backend.c, the macro VALID_DN_SYNTAX
> > takes two argument, the first being the DN, and the second is the
> number
> > of components it must have. Set that to 0 and you should be right.
> >
> > I don't see why this layer should be trying to determine if a DN is
> > valid (ldb can do that very well itself). This looks like Simo's
> code,
> > according to 'git blame', so I'll flip-pass this question to him...
>
> I think we added it before ldb was able to validate, then kept it for
> performance reasons, it make no sense to process the entry if it is
> going to be rejected.
> However a null DN should not be refuse I guess, feel free to patch the
> code to let that DN be considered valid (as it is).
>
> Simo.
>
> --
> Simo Sorce
> Samba Team GPL Compliance Officer
> Senior Software Engineer at Red Hat Inc.