[Freeipa-users] FreeIPA as a password backend to Samba
Michael Wisniewski
wiz561 at gmail.com
Thu Dec 3 16:14:44 UTC 2009
Hi,
I've discovered that back in September, a user was attempting to use
FreeIPA as a password backend to Samba. I've followed the
instructions from Loris, but ran into a problem. Whenever I create a
new group, I get the following error through the web interface...
Group add failed: A database error occurred
Object class violation. missing attribute "sambaGroupType" required by
object class "sambaGroupMapping"
If I use the command line 'ipa-addgroup', I get a similar error.
However, if I use a ldif and set everything, it works...
# ldif2ldap "cn=Directory manager" <password> /tmp/s1.ldif
# cat /tmp/s1.ldif
dn: cn=Cyber,cn=groups,cn=accounts,dc=test,dc=org
objectClass: top
objectClass: groupofnames
objectClass: posixGroup
cn: Cyber
description: Cyber Security Group
gidNumber: 1005
Now the strange thing. While I did add the "sambaGroupMapping", I
don't see it when I do a ldapsearch and view the group. Also, if I
add my user to the newly created group and run "id", it doesn't show
up that I belong to that group.
If anybody can help me with this, that would be great. Since I'm just
starting, if somebody says FreeIPA v2 has this already, I don't mind
switching to it.
Thanks,
Mike
More information about the Freeipa-users
mailing list