Hi everyone samba --version Version 4.0.0alpha18-GIT-bfc7481 openSUSE 12.1 If I do this: ldbmodify --url=/usr/local/samba/private/sam.ldb -b dc=hh3,dc=site dn: CN=steve6,CN=Users,DC=hh3,DC=site changetype: modify add: objectclass objectclass: posixaccount - replace: primarygroupid primarygroupid: 1134 I get an error something like: ERR: (Unwilling to perform) error 53 If however I do the ldbmodify in 2 stages: ldbmodify --url=/usr/local/samba/private/sam.ldb -b dc=hh3,dc=site dn: CN=steve6,CN=Users,DC=hh3,DC=site changetype: modify add: objectclass objectclass: posixaccount and then: ldbmodify --url=/usr/local/samba/private/sam.ldb -b dc=hh3,dc=site dn: CN=steve6,CN=Users,DC=hh3,DC=site changetype: modify replace: primarygroupid primarygroupid: 1134 It works. I tried with ldapmodify too. Same result. Actually, I'm doing the ldbmodify stuff in a script. Still the same. I have to do: ldbmodify <the add stuff> sleep 5 ldbmodify <the replace stuff> What am I doing wrong? Maybe my slow hardware? Is it possible to add and replace in one go? Cheers, Steve
Andrew Bartlett
2012-Feb-15 13:35 UTC
[Samba] Samba4 ldbmodify Unwilling to perform error 53
On Tue, 2012-02-14 at 16:56 +0100, steve wrote:> Hi everyone > samba --version > Version 4.0.0alpha18-GIT-bfc7481 > openSUSE 12.1 > > If I do this: > > ldbmodify --url=/usr/local/samba/private/sam.ldb -b dc=hh3,dc=site > dn: CN=steve6,CN=Users,DC=hh3,DC=site > changetype: modify > add: objectclass > objectclass: posixaccount > - > replace: primarygroupid > primarygroupid: 1134 > > I get an error something like: ERR: (Unwilling to perform) error 53 > > If however I do the ldbmodify in 2 stages: > > ldbmodify --url=/usr/local/samba/private/sam.ldb -b dc=hh3,dc=site > dn: CN=steve6,CN=Users,DC=hh3,DC=site > changetype: modify > add: objectclass > objectclass: posixaccount > > and then: > > ldbmodify --url=/usr/local/samba/private/sam.ldb -b dc=hh3,dc=site > dn: CN=steve6,CN=Users,DC=hh3,DC=site > changetype: modify > replace: primarygroupid > primarygroupid: 1134 > > It works.primaryGroupID is special, but you may have found a bug in the handler for it. We have to confirm that the value being selected does not conflict with the existing group memberships. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org
Seemingly Similar Threads
- nfs4 with Samba 4
- Samba 4 ldb_wrap open of idmap.ldb
- Samba 4 Kerberos: Failed to decrypt PA-DATA
- Samba 4 account with a 'ldbmodify-ed' password does not login into domain from a Windows 7 VM
- Samba 4 account with a 'ldbmodify-ed' password does not login into domain from a Windows 7 VM