Trying to extend the Samba4 schema with attributeSyntax: 2.5.5.1 breaks the tdb database.

Error message when restarting Samba4:

../source4/dsdb/schema/schema_init.c:696: Unknown schema syntax for zarafaSendAsPrivilege
../source4/dsdb/schema/schema_init.c:839: schema_fsmo_init: failed to load attribute definition: CN=Zarafa-Send-As,CN=Schema,CN=Configuration,DC=dev,DC=lismanis,DC=co,DC=uk:WERR_DS_ATT_SCHEMA_REQ_SYNTAX
ldb: module schema_load initialization failed : Constraint violation
ldb: module operational initialization failed : Constraint violation
ldb: module aclread initialization failed : Constraint violation
ldb: module acl initialization failed : Constraint violation
ldb: module descriptor initialization failed : Constraint violation
ldb: module objectclass initialization failed : Constraint violation
ldb: module asq initialization failed : Constraint violation
ldb: module server_sort initialization failed : Constraint violation
ldb: module paged_results initialization failed : Constraint violation
ldb: module rootdse initialization failed : Constraint violation
ldb: module samba_dsdb initialization failed : Constraint violation
ldb: Unable to load modules for /usr/local/samba/private/sam.ldb: dsdb_schema load failed: schema_fsmo_init: failed to load attribute definition: CN=Zarafa-Send-As,CN=Schema,CN=Configuration,DC=dev,DC=lismanis,DC=co,DC=uk:WERR_DS_ATT_SCHEMA_REQ_SYNTAX
samba: using 'single' process model

LDIF schema:

dn: CN=Zarafa-Send-As,CN=Schema,CN=Configuration,DC=dev,DC=lismanis,DC=co,DC=uk
changetype: add
adminDisplayName: Zarafa-Send-As
attributeID: 1.3.6.1.4.1.26278.1.1.2.4
attributeSyntax: 2.5.5.1
cn: Zarafa-Send-As
distinguishedName: CN=Zarafa-Send-As,CN=Schema,CN=Configuration,DC=dev,DC=lismanis,DC=co,DC=uk
instanceType: 4
isSingleValued: FALSE
lDAPDisplayName: zarafaSendAsPrivilege
name: Zarafa-Send-As
objectCategory: CN=Attribute-Schema,<SchemaContainerDN>
objectClass: top
objectClass: attributeSchema
oMSyntax: 127
schemaIDGUID:: xpDaV2kqTtOVsFJD/YqQuw==
showInAdvancedViewOnly: TRUE
searchFlags: 0

Metze, do you have an idea?

The oMObjectClass attribute is missing. The syntax we support is this:

    .name = "Object(DS-DN)",
    .ldap_oid = LDB_SYNTAX_DN,
    .oMSyntax = 127,
    .oMObjectClass = OMOBJECTCLASS("\x2b\x0c\x02\x87\x73\x1c\x00\x85\x4a"),
    .attributeSyntax_oid = "2.5.5.1",
    .drsuapi_to_ldb = dsdb_syntax_DN_drsuapi_to_ldb,
    .ldb_to_drsuapi = dsdb_syntax_DN_ldb_to_drsuapi,
    .validate_ldb = dsdb_syntax_DN_validate_ldb,
    .equality = "distinguishedNameMatch",
    .comment = "Object(DS-DN) == a DN",

We're currently not doing any validation checks on schema modifications... If it works against a Windows server, we may need some logic to autogenerate the oMObjectClass on add.

There appears to be a problem only with this syntax, 2.5.5.1. All other syntaxes are being added successfully without breaking the database.

There is more discussion about this syntax and issues experienced by other users:
http://samba.2283325.n4.nabble.com/Extending-Samba4-schema-td3073004.html

There you will also be able to download the original schema file, which works fine on MS AD.

I have managed to find a workaround by extracting current 2.5.5.1 syntaxes into LDIF using phpldapadmin. I can now add the new schema by adding oMObjectClass:: KwwCh3McAIVK

-------------------------------
dn: CN=Zarafa-Send-As,CN=Schema,CN=Configuration,DC=lismanis,DC=co,DC=uk
changetype: add
adminDisplayName: Zarafa-Send-As
oMObjectClass:: KwwCh3McAIVK
attributeID: 1.3.6.1.4.1.26278.1.1.2.4
attributeSyntax: 2.5.5.1
cn: Zarafa-Send-As
distinguishedName: CN=Zarafa-Send-As,CN=Schema,CN=Configuration,DC=lismanis,DC=co,DC=uk
instanceType: 4
isSingleValued: FALSE
lDAPDisplayName: zarafaSendAsPrivilege
name: Zarafa-Send-As
objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=lismanis,DC=co,DC=uk
objectClass: top
objectClass: attributeSchema
oMSyntax: 127
schemaIDGUID:: xpDaV2kqTtOVsFJD/YqQuw==
showInAdvancedViewOnly: TRUE
searchFlags: 0
systemOnly: FALSE
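
Since the thread notes that schema modifications are not validated on add, a pre-flight check on the LDIF can catch the missing oMObjectClass before it reaches sam.ldb. The following is an added example, not code from the thread or from Samba; the function names and the sample DN (DC=example,DC=com) are assumptions, and the expected byte string is the one quoted in the Object(DS-DN) syntax entry above.

```python
import base64

# Object(DS-DN) entry quoted in the thread: attributeSyntax 2.5.5.1, oMSyntax 127.
DS_DN_OM_OBJECT_CLASS = b"\x2b\x0c\x02\x87\x73\x1c\x00\x85\x4a"

def decode_ber_oid(data):
    """Decode BER OID content bytes into dotted notation."""
    arcs, value = [data[0] // 40, data[0] % 40], 0
    for byte in data[1:]:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:  # high bit clear ends this arc
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))

def parse_ldif_entry(text):
    """Parse one LDIF record into {lowercased attribute: [bytes, ...]}.
    Handles folded lines and 'attr:: value' base64 values."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]  # folded continuation line
        elif raw.strip() and not raw.startswith("#"):
            lines.append(raw)
    entry = {}
    for line in lines:
        name, _, rest = line.partition(":")
        is_b64 = rest.startswith(":")
        value = base64.b64decode(rest[1:].strip()) if is_b64 else rest.strip().encode()
        entry.setdefault(name.strip().lower(), []).append(value)
    return entry

def check_ds_dn_attribute(text):
    """Return the problems found in an attributeSchema entry using syntax 2.5.5.1."""
    entry = parse_ldif_entry(text)
    if entry.get("attributesyntax") != [b"2.5.5.1"]:
        return []  # other syntaxes are out of scope for this check
    problems = []
    if entry.get("omsyntax") != [b"127"]:
        problems.append("oMSyntax must be 127")
    om_class = entry.get("omobjectclass")
    if om_class is None:
        problems.append("oMObjectClass is missing")
    elif om_class != [DS_DN_OM_OBJECT_CLASS]:
        problems.append("oMObjectClass is not the Object(DS-DN) value")
    return problems

# Constructed sample: the thread's entry reduced to the attributes the check reads.
SAMPLE = "dn: CN=Zarafa-Send-As,DC=example,DC=com\nattributeSyntax: 2.5.5.1\noMSyntax: 127\n"

if __name__ == "__main__":
    print(check_ds_dn_attribute(SAMPLE), decode_ber_oid(DS_DN_OM_OBJECT_CLASS))
```

The base64 value used in the workaround, KwwCh3McAIVK, decodes to exactly the nine bytes in the syntax entry, which are the BER content bytes of an object identifier.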