Bug 6587 - Users cannot be renamed in usrmgr.exe(LDAP Backend)
Summary: Users cannot be renamed in usrmgr.exe(LDAP Backend)
Status: RESOLVED DUPLICATE of bug 6353
Alias: None
Product: Samba 3.4
Classification: Unclassified
Component: User & Group Accounts (show other bugs)
Version: 3.4.0
Hardware: Other Linux
: P3 normal
Target Milestone: ---
Assignee: Volker Lendecke
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-07-29 07:33 UTC by David Markey
Modified: 2009-08-14 04:39 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description David Markey 2009-07-29 07:33:22 UTC
"Access Denied" error is given when trying to rename a user with usrmgr.exe

Config:

[global]
  workgroup = TESTDOM
  encrypt passwords = true
  passdb backend =   ldapsam:ldapi:///
  domain logons = yes
  ldapsam:trusted=yes
  ldapsam:editposix=yes
  restrict anonymous = 0
  log level = 10
  log file = /var/log/samba
  ldap admin dn = cn=admin,dc=samba,dc=org
  ldap delete dn = yes
  ldap passwd sync = yes
  ldap group suffix = ou=groups
  ldap machine suffix = ou=computers
  ldap user suffix = ou=users
  ldap suffix = dc=samba,dc=org
  ldap ssl = off
  panic action = "/opt/samba/bin/panic.sh %d %u %p"
  logon path =
  template homedir = /home/%U
  template shell = /bin/bash
  idmap backend = ldap:ldapi:///
  idmap uid = 1000000-1999999
  idmap gid = 1000000-1999999
  idmap alloc backend = ldap
  idmap alloc config : ldap_url = ldapi:///
  idmap alloc config : ldap_base_dn = ou=idmap,dc=samba,dc=org
  idmap alloc config : ldap_user_dn = cn=admin,dc=samba,dc=org



Log level 10: http://dmarkey.com/~dmarkey/rename_user.log

With this particular occurrence i was trying to rename "dmarkey" to "tttt"
Comment 1 David Markey 2009-07-29 10:25:17 UTC
rename user script = ldapmodrdn -r -Y EXTERNAL -H ldapi:/// "uid=%uold,ou=users,dc=samba,dc=org" "uid=%unew"



Bit of a hack, but it works.


Would it be a waste of time to try to get ldapsam_rename_sam_account to do this?
Comment 2 David Markey 2009-07-29 11:03:52 UTC
This is slightly more elegant, works for renaming computers(tested) and usernames. Only thing for usernames is that it makes the new username lowercase.


rename user script = /opt/samba/bin/rename.sh "%uold" "%unew"

#############################

#!/bin/bash
COMPUTERSPREFIX="ou=computers,dc=samba,dc=org"
USERSPREFIX="ou=users,dc=samba,dc=org"

OLDNAME="$1"
NEWNAME="$2"


if [[ $OLDNAME =~ \$$ ]]; then
        ##is a computer account
        ldapmodrdn -r -Y EXTERNAL -H ldapi:/// "uid=$OLDNAME,$COMPUTERSPREFIX" "uid=$NEWNAME"
        exit $?

else

        ldapmodrdn -r -Y EXTERNAL -H ldapi:/// "uid=$OLDNAME,$USERSPREFIX" "uid=$NEWNAME"
        exit $?

fi

###########################
Comment 3 David Markey 2009-08-14 04:39:29 UTC

*** This bug has been marked as a duplicate of bug 6353 ***