Bug 108 - race condition with LDAP user add script and domain join
race condition with LDAP user add script and domain join
Status: CLOSED FIXED
Product: Samba 3.0
Classification: Unclassified
Component: Domain Control
3.0.0preX
Other other
: P2 normal
: none
Assigned To: Gerald (Jerry) Carter
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2003-05-22 08:02 UTC by Gerald (Jerry) Carter
Modified: 2005-08-24 10:20 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Gerald (Jerry) Carter 2003-05-22 08:02:11 UTC
Try to join a domain with no previous posixAccount.
Simple perl script to create the user (machine account).
The domain join fails with:

   failed to modify user with uid = xptest$, error: 
     modify/add: displayName: value #0 already exists 
     (Success)

You get an 'access denied' error on the client workstation.

However, if the posixAccount already exists, the join 
succeeds.  Curious bug.  Could be in my scripts.

OpenLDAP 2.1.20 + Berkeley db 5.1.25
Comment 1 Gerald (Jerry) Carter 2003-05-22 10:04:58 UTC
Interesting, wasn't a race condition.  Was a problem trying
to change the displayName attribute from xptest$ to XPTEST$.
Since the displayName attribute is case-insensitive, this 
failed.

Changing the strcmp() in make_ldap_mod() to a StrCaseCmp()
fixed the problem.
Comment 2 Gerald (Jerry) Carter 2005-02-07 07:57:32 UTC
originally reported against 3.0aph24.  Bugzilla spring cleaning.  
Removing old alpha versions.
Comment 3 Gerald (Jerry) Carter 2005-08-24 10:20:14 UTC
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.