Use LDAP Account Manager with OpenLDAP to manage Samba4 users for a file server

Question

I'm setting up a file server in Ubuntu using Samba4. I need an easy way to manage users, so I'm using LDAP Account Manager with OpenLDAP

I can successfully create users by running sudo smbpasswd -a <user_name>

I set up OpenLDAP and LDAP Account Manager. When I try to make a new Windows group, it throws the error Was unable to create DN: cn=test,ou=group,dc=<mydomainname>,dc=org. LDAP error, server says: Invalid syntax - objectClass: value #0 invalid per syntax

Following instructions online, I ran a Schema Test, and the result was:

Schema test
Users
Unix                The attribute unixHomeDirectory is not supported for the 
object class posixAccount by your LDAP server.
Shadow              No problems found.
Windows             The object class user is not supported by your LDAP server.
Groups
Windows             The object class group is not supported by your LDAP server.

I see that there is a problem in the configuration. How can I fix it? I can't find any instructions online on how to set this up properly.

score 0 · Accepted Answer · answered Jul 31 '19 at 17:35

LDAP error, server says: Invalid syntax - objectClass: value #0 invalid per syntax

This message basically means that your client sent a write operation with an objectClass value referencing an object class description which is not present in your LDAP server's schema. It seems you're trying to add an AD-specific entry with object class group which is not available in OpenLDAP.

Note that Samba4 has a built-in LDAP server with its own user and group database. You probably want LDAP Account Manager to directly access Samba4's LDAP service.

Use LDAP Account Manager with OpenLDAP to manage Samba4 users for a file server

1 Answers1