From d22adc14a91b7be323ff79c1b464e2b0bf400478 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 5 Jan 2009 12:24:35 +1100 Subject: More work to have OpenLDAP accept the full AD schema We need to avoid handling DN+Binary and DN+String with the refint module for now, as this is a currently unsupported syntax. Also rename entryTTL to avoid a conflict with the operational attribute of the same name. Andrew Bartlett --- source4/scripting/python/samba/provision.py | 4 ++-- source4/setup/schema-map-openldap-2.3 | 5 ++++- source4/setup/schema_samba4.ldif | 2 ++ 3 files changed, 8 insertions(+), 3 deletions(-) (limited to 'source4') diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index 150e5c00df..763140b486 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -1255,12 +1255,12 @@ def provision_backend(setup_dir=None, message=None, elif ldap_backend_type == "openldap": attrs = ["linkID", "lDAPDisplayName"] - res = schemadb.search(expression="(&(&(linkID=*)(!(linkID:1.2.840.113556.1.4.803:=1)))(objectclass=attributeSchema))", base=names.schemadn, scope=SCOPE_SUBTREE, attrs=attrs) + res = schemadb.search(expression="(&(linkID=*)(!(linkID:1.2.840.113556.1.4.803:=1))(objectclass=attributeSchema)(omSyntax=127))", base=names.schemadn, scope=SCOPE_SUBTREE, attrs=attrs) memberof_config = "# Generated from schema in %s\n" % schemadb_path refint_attributes = "" for i in range (0, len(res)): - expression = "(&(objectclass=attributeSchema)(linkID=%d))" % (int(res[i]["linkID"][0])+1) + expression = "(&(objectclass=attributeSchema)(linkID=%d)(omSyntax=127))" % (int(res[i]["linkID"][0])+1) target = schemadb.searchone(basedn=names.schemadn, expression=expression, attribute="lDAPDisplayName", diff --git a/source4/setup/schema-map-openldap-2.3 b/source4/setup/schema-map-openldap-2.3 index 233f9a9613..0d38652dae 100644 --- a/source4/setup/schema-map-openldap-2.3 
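Review bot: The `(omSyntax=127)` term added to both search filters in provision_backend probably does not exclude the attributes the commit message wants kept away from refint. In the AD schema, oMSyntax 127 is the generic object syntax, shared by plain DN attributes and by DN+Binary and DN+String; these differ in `attributeSyntax` (2.5.5.1 versus 2.5.5.7 and 2.5.5.14). Linked attributes of the unsupported syntaxes would therefore still match and, as far as this hunk shows, still feed the generated memberof/refint configuration. Replacing the term with `(attributeSyntax=2.5.5.1)` in both expressions would select only plain DN links; this is worth confirming against the schema that schemadb actually loads. The hunk ends inside the `schemadb.searchone(...)` call, so the handling of a link whose partner attribute no longer matches the filter is not visible here.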
+++ b/source4/setup/schema-map-openldap-2.3 @@ -11,7 +11,6 @@ distinguishedName description cn top -entryTTL uidNumber gidNumber #The memberOf plugin provides this attribute @@ -30,6 +29,10 @@ name:samba4RDN #Remap these so that we don't put operational attributes in a schema MAY modifyTimeStamp:samba4ModifyTimestamp 2.5.18.2:1.3.6.1.4.1.7165.4.255.3 +dynamicObject:samba4DynaimcObject +1.3.6.1.4.1.1466.101.119.2:1.3.6.1.4.1.7165.4.255.8 +entryTTL:samba4EntryTTL +1.3.6.1.4.1.1466.101.119.3:1.3.6.1.4.1.7165.4.255.9 #MiddleName has a conflicting OID 2.16.840.1.113730.3.1.34:1.3.6.1.4.1.7165.4.255.1 #defaultGroup has a conflicting OID diff --git a/source4/setup/schema_samba4.ldif b/source4/setup/schema_samba4.ldif index d42795b94d..47010da637 100644 --- a/source4/setup/schema_samba4.ldif +++ b/source4/setup/schema_samba4.ldif @@ -189,6 +189,8 @@ oMSyntax: 20 #Allocated: (objectClasses) samba4ObjectClasses: 1.3.6.1.4.1.7165.4.255.5 #Allocated: (ditContentRules) samba4DitContentRules: 1.3.6.1.4.1.7165.4.255.6 #Allocated: (attributeTypes) samba4AttributeTypes: 1.3.6.1.4.1.7165.4.255.7 +#Allocated: (dynamicObject) samba4DynamicObject: 1.3.6.1.4.1.7165.4.255.8 +#Allocated: (entryTTL) samba4EntryTTL: 1.3.6.1.4.1.7165.4.255.9 # # Fedora DS uses this attribute, and we need to set it via our module stack -- cgit
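Review bot: The added mapping `dynamicObject:samba4DynaimcObject` in the second schema-map hunk misspells the target name. The allocation comment this commit adds to schema_samba4.ldif records OID 1.3.6.1.4.1.7165.4.255.8 as `samba4DynamicObject`. The rename still avoids the name conflict, but the schema generated for OpenLDAP would carry a class name that does not match the registry comment and would not be found by a search for the correct spelling. The line should read `dynamicObject:samba4DynamicObject`.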