Suse11, Samba, OpenLDAP and the posixGroup problem

Hi folks,

For the last few weeks I have been trying to build a samba PDC, and now, I am just stuck…on this idmap stuff,
and especially since suse and the samba utilities doesnt seem to want to work the same way.

I know that rfc2307bis schema and nis schema are different on the posixGroup object type, and that seems to be the problem.

If I am going to use Yast2 to handle groups and users, it seems I MUST use rfc2307bis schema, because the admintools expect to be able to use a posixGroup/GroupOfNames that doesnt exist in nis.schema.

But if I use the rfc2307-schema I get errors from either the “net sam provision” or smbtools-populate when trying to create the sids/gids.

I tried hacking smbtools-populate to add groupOfNames as an objecttype, but that failed on the requirement that groupOfNames MUST have certain attributes…and if I could hack all that manually, I wouldnt need the scripts.

Is there anyone that has a simple problem to this issue?

My last idea was simply to skip using yast…and so I went for the nis.schema, but it really annoys me that I cant use yast…


2 solutions:
The First:
Modifiy /etc/sysconfig/openldap and modify OPENLDAP_CONFIG_BACKEND=“file”
But you cannot use yast for configuring openldap.
The second:
rename rfc2307bis.schema and copy nis.schema with the name rfc2307bis.schema
and after you can execute yast.