thr3ads.net - samba - [Samba] Naming violation: objectClass: myObjectClass not a valid child class for <> [Jul 2020]

If this information is useful, please help other people find it:
Share via:

RhineDevil

2020-Jul-26 09:58 UTC

[Samba] Naming violation: objectClass: myObjectClass not a valid child class for <>

Sun, 26 Jul 2020 09:57:05 +0100 Rowland penny via samba <samba at
lists.samba.org>:> On 26/07/2020 09:43, RhineDevil via samba wrote:
> > 64 Naming violation: objectClass: myObjectClass not a valid child
class for <OU=myOrganizationUnit,DC=domain,DC=local>
> > Could someone give me an hint on why such an error could occur?
> 
> Please post the ldif you are trying to add.
> 
> Also, if you are using the .local tld, then can I suggest you don't, 
> .local is reserved for bonjour and hence, avahi
> 
> Rowland
> 
dn: CN=rfc822MailMember,CN=Schema,CN=Configuration,dc=local
objectClass: top
objectClass: attributeSchema
attributeID: 1.3.6.1.4.1.42.2.27.2.1.15
schemaIdGuid:: aB7do9Dx3LkCSVgvixllpg=cn: rfc822MailMember
name: rfc822MailMember
lDAPDisplayName: rfc822MailMember
description: rfc822 mail address of group member(s)
attributeSyntax: 2.5.5.5
oMSyntax: 22
isSingleValued: FALSE

dn: CN=nisMailAlias,CN=Schema,CN=Configuration,dc=local
objectClass: top
objectClass: classSchema
governsID: 1.3.6.1.4.1.42.2.27.1.2.5
schemaIdGuid:: gMnYtZqCPTLAMXe3RZus8A=cn: nisMailAlias
name: nisMailAlias
lDAPDisplayName: nisMailAlias
subClassOf: top
objectClassCategory: 1
description: NIS mail alias
mustContain: cn
mayContain: rfc822MailMember
defaultObjectCategory: CN=nisMailAlias,CN=Schema,CN=Configuration,dc=local

dn: ou=myOrganizationUnit,dc=local
ou: myOrganizationUnit
objectClass: top
objectClass: organizationalUnit

dn: 
cn=abuse,ou=myOrganizationUnit,dc=local
cn: abuse
objectClass: nisMailAlias
objectClass: top
rfc822MailMember: root

You said you didn't want to help me about this but if you'd do at least
I'd learn something useful for custom schemas, since this type of error
isn't referenced anywhere
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: Firma digitale OpenPGP
URL:
<http://lists.samba.org/pipermail/samba/attachments/20200726/9c068e3f/attachment.sig>

Rowland penny

2020-Jul-26 11:06 UTC

head link

[Samba] Naming violation: objectClass: myObjectClass not a valid child class for <>

On 26/07/2020 10:58, RhineDevil wrote:> You said you didn't want to help me about this but if you'd do at
least I'd learn something useful for custom schemas, since this type of
error isn't referenced anywhere
No, I said I wouldn't help you shoot yourself in the foot, this isn't 
shooting anything ;-)

Create two ldif files:

/tmp/class.ldif

dn: CN=nisMailAlias,CN=Schema,CN=Configuration,dc=local
objectClass: top
objectClass: classSchema
governsID: 1.3.6.1.4.1.42.2.27.1.2.5
schemaIdGuid:: gMnYtZqCPTLAMXe3RZus8A=cn: nisMailAlias
name: nisMailAlias
lDAPDisplayName: nisMailAlias
# possSuperiors: top
subClassOf: top
mustContain: cn
mayContain: rfc822MailMember
showInAdvancedViewOnly: FALSE
adminDisplayName: nisMailAlias
adminDescription: NIS mail alias
objectClassCategory: 1
systemOnly: FALSE
defaultObjectCategory: CN=nisMailAlias,CN=Schema,CN=Configuration,dc=local

/tmp/attr.ldif

dn: CN=rfc822MailMember,CN=Schema,CN=Configuration,dc=local
objectClass: top
objectClass: attributeSchema
attributeID: 1.3.6.1.4.1.42.2.27.2.1.15
schemaIdGuid:: aB7do9Dx3LkCSVgvixllpg=cn: rfc822MailMember
name: rfc822MailMember
lDAPDisplayName: rfc822MailMember
adminDisplayName: rfc822MailMember
adminDescription: rfc822 mail address of group member(s)
attributeSyntax: 2.5.5.5
isSingleValued: FALSE
oMSyntax: 22

Now add the schema update like this:

service samba-ad-dc stop

ldbmodify -H /var/lib/samba/private/sam.ldb /tmp/attr.ldif 
--option="dsdb:schema update allowed"=true

ldbmodify -H /var/lib/samba/private/sam.ldb /tmp/class.ldif 
--option="dsdb:schema update allowed"=true

service samba-ad-dc start

Finally, Create another ldif:

/tmp/mod.ldif

dn: ou=myOrganizationUnit,dc=local
ou: myOrganizationUnit
objectClass: top
objectClass: organizationalUnit

dn: cn=abuse,ou=myOrganizationUnit,dc=local
cn: abuse
objectClass: nisMailAlias
objectClass: top
rfc822MailMember: root

and add it with:

ldbadd -H /var/lib/samba/private/sam.ldb /tmp/mod.ldif

Rowland

RhineDevil

2020-Jul-26 17:45 UTC

head link

[Samba] Naming violation: objectClass: myObjectClass not a valid child class for <>

Sun, 26 Jul 2020 12:06:03 +0100 Rowland penny via samba <samba at
lists.samba.org>:> On 26/07/2020 10:58, RhineDevil wrote:
> > You said you didn't want to help me about this but if you'd do
at least I'd learn something useful for custom schemas, since this type of
error isn't referenced anywhere
> 
> No, I said I wouldn't help you shoot yourself in the foot, this
isn't
> shooting anything ;-)
> 
> Create two ldif files:
> 
> /tmp/class.ldif
> 
> dn: CN=nisMailAlias,CN=Schema,CN=Configuration,dc=local
> objectClass: top
> objectClass: classSchema
> governsID: 1.3.6.1.4.1.42.2.27.1.2.5
> schemaIdGuid:: gMnYtZqCPTLAMXe3RZus8A=> cn: nisMailAlias
> name: nisMailAlias
> lDAPDisplayName: nisMailAlias
> # possSuperiors: top
> subClassOf: top
> mustContain: cn
> mayContain: rfc822MailMember
> showInAdvancedViewOnly: FALSE
> adminDisplayName: nisMailAlias
> adminDescription: NIS mail alias
> objectClassCategory: 1
> systemOnly: FALSE
> defaultObjectCategory: CN=nisMailAlias,CN=Schema,CN=Configuration,dc=local
> 
> /tmp/attr.ldif
> 
> dn: CN=rfc822MailMember,CN=Schema,CN=Configuration,dc=local
> objectClass: top
> objectClass: attributeSchema
> attributeID: 1.3.6.1.4.1.42.2.27.2.1.15
> schemaIdGuid:: aB7do9Dx3LkCSVgvixllpg=> cn: rfc822MailMember
> name: rfc822MailMember
> lDAPDisplayName: rfc822MailMember
> adminDisplayName: rfc822MailMember
> adminDescription: rfc822 mail address of group member(s)
> attributeSyntax: 2.5.5.5
> isSingleValued: FALSE
> oMSyntax: 22
> 
> Now add the schema update like this:
> 
> service samba-ad-dc stop
> 
> ldbmodify -H /var/lib/samba/private/sam.ldb /tmp/attr.ldif 
> --option="dsdb:schema update allowed"=true
> 
> ldbmodify -H /var/lib/samba/private/sam.ldb /tmp/class.ldif 
> --option="dsdb:schema update allowed"=true
> 
> service samba-ad-dc start
> 
> Finally, Create another ldif:
> 
> /tmp/mod.ldif
> 
> dn: ou=myOrganizationUnit,dc=local
> ou: myOrganizationUnit
> objectClass: top
> objectClass: organizationalUnit
> 
> dn: cn=abuse,ou=myOrganizationUnit,dc=local
> cn: abuse
> objectClass: nisMailAlias
> objectClass: top
> rfc822MailMember: root
> 
> and add it with:
> 
> ldbadd -H /var/lib/samba/private/sam.ldb /tmp/mod.ldif
> 
> Rowland
> Done, I still get the same errors when adding mod.ldif

(I used ldbadd instead of ldbmodify, is that a problem?)

-- attr.ldif: --
dn: CN=rfc822MailMember,CN=Schema,CN=Configuration,DC=mydomain,DC=ldom
cn: rfc822MailMember
objectClass: top
objectClass: attributeSchema
attributeID: 1.3.6.1.4.1.42.2.27.2.1.15
schemaIdGuid:: aB7do9Dx3LkCSVgvixllpg=name: rfc822MailMember
lDAPDisplayName: rfc822MailMember
adminDisplayName: rfc822MailMember
adminDescription: rfc822 mail address of group member(s)
attributeSyntax: 2.5.5.5
oMSyntax: 22
isSingleValued: FALSE

-- class.ldif: --
dn: CN=nisMailAlias,CN=Schema,CN=Configuration,DC=mydomain,DC=ldom
cn: nisMailAlias
objectClass: top
objectClass: classSchema
governsID: 1.3.6.1.4.1.42.2.27.1.2.5
schemaIdGuid:: gMnYtZqCPTLAMXe3RZus8A=name: nisMailAlias
lDAPDisplayName: nisMailAlias
adminDisplayName: nisMailAlias
adminDescription: NIS mail alias
subClassOf: top
objectClassCategory: 1
mustContain: cn
mayContain: rfc822MailMember
showInAdvancedViewOnly: FALSE
systemOnly: FALSE
defaultObjectCategory:
CN=nisMailAlias,CN=Schema,CN=Configuration,DC=mydomain,DC=ldom

-- mod.ldif: --
dn: OU=MyOrganizationUnit,DC=mydomain,DC=ldom
ou: MyOrganizationUnit
objectClass: top
objectClass: organizationalUnit

dn: cn=abuse,ou=MyOrganizationUnit,DC=mydomain,DC=ldom
cn: abuse
objectClass: nisMailAlias
objectClass: top
rfc822MailMember: root
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: Firma digitale OpenPGP
URL:
<http://lists.samba.org/pipermail/samba/attachments/20200726/384b0fe9/attachment.sig>

Maybe Matching Threads

Search for more apparently analagous threads

samba - Jul 2020 - Naming violation: objectClass: myObjectClass not a valid child class for <>

[Samba] Naming violation: objectClass: myObjectClass not a valid child class for <>

[Samba] Naming violation: objectClass: myObjectClass not a valid child class for <>

[Samba] Naming violation: objectClass: myObjectClass not a valid child class for <>

Maybe Matching Threads