"Access Denied" error is given when trying to rename a user with usrmgr.exe Config: [global] workgroup = TESTDOM encrypt passwords = true passdb backend = ldapsam:ldapi:/// domain logons = yes ldapsam:trusted=yes ldapsam:editposix=yes restrict anonymous = 0 log level = 10 log file = /var/log/samba ldap admin dn = cn=admin,dc=samba,dc=org ldap delete dn = yes ldap passwd sync = yes ldap group suffix = ou=groups ldap machine suffix = ou=computers ldap user suffix = ou=users ldap suffix = dc=samba,dc=org ldap ssl = off panic action = "/opt/samba/bin/panic.sh %d %u %p" logon path = template homedir = /home/%U template shell = /bin/bash idmap backend = ldap:ldapi:/// idmap uid = 1000000-1999999 idmap gid = 1000000-1999999 idmap alloc backend = ldap idmap alloc config : ldap_url = ldapi:/// idmap alloc config : ldap_base_dn = ou=idmap,dc=samba,dc=org idmap alloc config : ldap_user_dn = cn=admin,dc=samba,dc=org Log level 10: http://dmarkey.com/~dmarkey/rename_user.log With this particular occurrence i was trying to rename "dmarkey" to "tttt"
rename user script = ldapmodrdn -r -Y EXTERNAL -H ldapi:/// "uid=%uold,ou=users,dc=samba,dc=org" "uid=%unew" Bit of a hack, but it works. Would it be a waste of time to try to get ldapsam_rename_sam_account to do this?
This is slightly more elegant, works for renaming computers(tested) and usernames. Only thing for usernames is that it makes the new username lowercase. rename user script = /opt/samba/bin/rename.sh "%uold" "%unew" ############################# #!/bin/bash COMPUTERSPREFIX="ou=computers,dc=samba,dc=org" USERSPREFIX="ou=users,dc=samba,dc=org" OLDNAME="$1" NEWNAME="$2" if [[ $OLDNAME =~ \$$ ]]; then ##is a computer account ldapmodrdn -r -Y EXTERNAL -H ldapi:/// "uid=$OLDNAME,$COMPUTERSPREFIX" "uid=$NEWNAME" exit $? else ldapmodrdn -r -Y EXTERNAL -H ldapi:/// "uid=$OLDNAME,$USERSPREFIX" "uid=$NEWNAME" exit $? fi ###########################
*** This bug has been marked as a duplicate of bug 6353 ***