thr3ads.net - samba - [Samba] [OT] ldapmodify options for changing AD attributes [Aug 2006]

If this information is useful, please help other people find it:
Share via:

Gianluca Cecchi

2006-Aug-24 16:42 UTC

[Samba] [OT] ldapmodify options for changing AD attributes

I have a samba 3 dc where users log on with their win xp workstations
and I have a w2k3 domain where there is an exchange server the users
connect to with outlook.
I would like to do an ldapmodify command on active directory to
initially align  time  password was set for both samba and exchane and
then have the users notified when logon samba pwd is near to expirate
and so they receive also outlook notification for changing w2k3 domain
password.

At the moment I'm investigating ldapmodify command itself.
I can modify for example mailNickname AD attribute for the user, but
not pwdLastSet and
accountExpires

input file for mailNickname is
dn: CN=Gianluca Cecchi,CN=Users,DC=companymail,DC=local
changetype: modify
replace: mailNickname
mailNickname: gcecchi1

and it succeeds

input file for pwdLastSet is
dn: CN=Gianluca Cecchi,CN=Users,DC=companymail,DC=local
changetype: modify
replace: pwdLastSet
pwdLastSet: 127969313462031250

the command failed:

# ldapmodify -r -v -h w2k3_domain -x -D
"CN=adm_user,cn=users,DC=companymail,DC=local" -W -f
ldap_gcecchi_modify.txt
ldap_init( w2k3_domain, 0 )
Enter LDAP Password:
replace pwdLastSet:
        127969313462031250
modifying entry "CN=Gianluca Cecchi,CN=Users,DC=companymail,DC=local"
ldap_modify: Unknown error
        additional info: 00000057: SysErr: DSID-031A0FB6, problem 22
(Invalid argument), data 0


ldif_record() = 80

perhaps anyone with experience in ldap for samba can help?
Do I have to specify also the format of the value in some way?

Thanks in advance for your help.
Gianluca

simo

2006-Aug-24 16:55 UTC

head link

[Samba] [OT] ldapmodify options for changing AD attributes

On Thu, 2006-08-24 at 18:41 +0200, Gianluca Cecchi
wrote:> # ldapmodify -r -v -h w2k3_domain -x -D
> "CN=adm_user,cn=users,DC=companymail,DC=local" -W -f
> ldap_gcecchi_modify.txt
> ldap_init( w2k3_domain, 0 )
> Enter LDAP Password:
> replace pwdLastSet:
>         127969313462031250
> modifying entry "CN=Gianluca
Cecchi,CN=Users,DC=companymail,DC=local"
> ldap_modify: Unknown error
>         additional info: 00000057: SysErr: DSID-031A0FB6, problem 22
> (Invalid argument), data 0
> 
> 
> ldif_record() = 80
> 
> perhaps anyone with experience in ldap for samba can help?
> Do I have to specify also the format of the value in some way?
I think you simply cannot change this value against the AD ldap server,
if I recall it correctly it is marked as systemOnly.

Simo.

-- 
Simo Sorce
Samba Team GPL Compliance Officer
email: idra@samba.org
http://samba.org

Apparently Analagous Threads

Search for more maybe matching threads

samba - Aug 2006 - [OT] ldapmodify options for changing AD attributes

[Samba] [OT] ldapmodify options for changing AD attributes

[Samba] [OT] ldapmodify options for changing AD attributes

Apparently Analagous Threads