Bug 6341 - deleting of local groups does not work with DirX LDAP server
Summary: deleting of local groups does not work with DirX LDAP server
Status: RESOLVED FIXED
Alias: None
Product: Samba 3.2
Classification: Unclassified
Component: User & Group Accounts (show other bugs)
Version: 3.2.11
Hardware: Other Linux
: P3 normal
Target Milestone: ---
Assignee: Karolin Seeger
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-05-08 07:49 UTC by Björn Jacke
Modified: 2009-05-15 01:54 UTC (History)
0 users

See Also:
vl: review+


Attachments
patch for 3.2 branch (1.22 KB, patch)
2009-05-14 12:52 UTC, Björn Jacke
no flags Details
patch for 3.3 branch (1.22 KB, patch)
2009-05-14 12:52 UTC, Björn Jacke
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Björn Jacke 2009-05-08 07:49:27 UTC
deleting of local groups does not work with DirX LDAP server. smbd log shows:

[2009/05/07 15:06:33, 10] passdb/pdb_ldap.c:ldapsam_delete_entry(462)
  ldapsam_delete_entry: deleting attribute description
[2009/05/07 15:06:33, 10] passdb/pdb_ldap.c:ldapsam_delete_entry(462)
  ldapsam_delete_entry: deleting attribute displayName
[2009/05/07 15:06:33, 10] passdb/pdb_ldap.c:ldapsam_delete_entry(462)
  ldapsam_delete_entry: deleting attribute sambaSID
[2009/05/07 15:06:33, 10] passdb/pdb_ldap.c:ldapsam_delete_entry(462)
  ldapsam_delete_entry: deleting attribute sambaGroupType
[2009/05/07 15:06:33,  5] lib/smbldap.c:smbldap_modify(1395)
  smbldap_modify: dn => [sambaSID=S-1-5-21-2799530724-4052117497-3734074221-123127,ou=Groups,ou=TEST,o=...]
[2009/05/07 15:06:33, 10] lib/smbldap.c:smbldap_modify(1415)
  Failed to modify dn: sambaSID=S-1-5-21-2799530724-4052117497-3734074221-123127,ou=Groups,ou=TEST,o=...,
error: 67 (Operation not allowed on RDN) (Cannot remove RDN attributes)
      samr_DeleteDomAlias: struct samr_DeleteDomAlias
          out: struct samr_DeleteDomAlias
              alias_handle             : *

                  alias_handle: struct policy_handle
                      handle_type              : 0x00000000 (0)
                      uuid                     : 0000001f-0000-0000-024a-d9dc07780000
              result                   : NT_STATUS_UNSUCCESSFUL

and a network trace shows that DirX returns 0x43 (LDAP_NOT_ALLOWED_ON_RDN).

http://gitweb.samba.org/?p=samba.git;a=commit;h=f238809d236443b8968e1b4b197a55935c7c7e85 fixes the problem.

This fix is uncritical and IMHO it should be picked into 3.2, 3,3 and 3.4.
Comment 1 Volker Lendecke 2009-05-11 01:28:31 UTC
Björn, can you directly push this into 3.4 and create the patch for 3.2 and 3.3?

Thanks,

Volker
Comment 2 Björn Jacke 2009-05-14 12:52:01 UTC
Created attachment 4154 [details]
patch for 3.2 branch
Comment 3 Björn Jacke 2009-05-14 12:52:54 UTC
Created attachment 4155 [details]
patch for 3.3 branch
Comment 4 Björn Jacke 2009-05-14 12:54:40 UTC
Karolin, is this enugh for 3.2/3.3 inclusion?
Comment 5 Karolin Seeger 2009-05-15 01:48:10 UTC
Yep, that's perfectly fine! :-)
Comment 6 Karolin Seeger 2009-05-15 01:54:05 UTC
Pushed. Will be included in 3.2.12 an 3.3.5.
Closing out bug report.

Thanks!