I was trying to add a new user via smbpasswd with the command: ./smbpasswd -a test And I revieved the following response: New SMB password: Retype new SMB password: ldapsam_modify_entry: Failed to add user dn= uid=test,o=grape,dc=dummy,dc=mydom with: Undefined attribute type rid: attribute type undefined ldapsam_add_sam_account: failed to modify/add user with uid = test (dn = uid=test,o=grape,dc=dummy,dc=mydom) Failed to add entry for user test. Failed to modify password entry for user test The rid: attribute not defined is the part that I find interesting as that attribute doesn't exist in your 3.0.0 schema?
In fact it would seem that most of the code is using the old samba schema: I got this from pdbedit: smbldap_search_suffix: searching for:[(&(&(uid=*)(objectclass=sambaSamAccount)) (objectclass=sambaAccount))] The objectclass sambaAccount seems to be built in and even if I define sambaSamAccount it will not over ride the built in search.
Ok, I have got this semi worked out, it seems that I needed to set up the password backend. However it seems strange that the new version would default to ldap_compat rather than use the new schema, so I think this is still a bug. Also the search string seems incorrect. (&(uid=%u) (objectType=sambaSamAccount)) does not return any values even when I use ldap tools to query the server. (&(objectType=sambaSamAccount)) returns all the accounts but when I use the full search string nothing, which mean that I can not update passwords or modify accounts or even connect to the accounts through windows. Howver when I use pdbedit -L I get a listing of the accounts.
You built with --with-ldapsam didn't you? The sole purpose of that option to build in default compatibility with Samba 2.2. Also check your indexs on the LDAP server. You may need to rebuild them. These are configuration issues and not bugs per say. Closing out.
database cleanup