ldap_modify: No such attribute (16) Samba Zimbra Integration

[wilsonneil]

Hi there,

I'm trying to integrate samba into the Zimbra UI and I'm getting stuck on the step of adjusting the LDAP acls.

This is the guide I'm using.

UNIX and Windows Accounts in Zimbra LDAP and Zimbra Admin UI 6.0 - Zimbra :: Wiki

Any ideas on why I'm getting this message?

ldapmodify -f /tmp/acl.ldif -x -H ldapi:/// -D cn=config -W
Enter LDAP Password:
modifying entry "olcDatabase={2}hdb,cn=config"
ldap_modify: No such attribute (16)
additional info: modify/delete: olcAccess: no such value



Here is my acl.ldif



dn: olcDatabase={2}hdb,cn=config
changetype:modify
delete: olcAccess
olcAccess: {9}to attrs=entry by dn.children="cn=admins,cn=zimbra" write by * read
-
add: olcAccess
olcAccess: {9}to attrs=entry by dn.children="cn=admins,cn=zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write by * read

dn: olcDatabase={2}hdb,cn=config
changetype:modify
add: olcAccess
olcAccess: {10}to dn.subtree="dc=blabla,dc=co,dc=za" by dn.children="cn=admins,cn=zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read by * none
olcAccess: {11}to dn.subtree="ou=machines,dc=blabla,dc=co,dc=za" by dn.children="cn=admins,cn=zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read by * none
olcAccess: {12}to dn.subtree="ou=groups,dc=blabla,dc=co,dc=za" by dn.children="cn=admins,cn=zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read by * none
olcAccess: {13}to dn.subtree="ou=people,dc=blabla,dc=co,dc=za" by dn.children="cn=admins,cn=zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read by * none

I've gone through the two posts that I've found on the forums, and I don't see the same error that the other users have had.

Thanks, any help will be greatly appreciated.

Regards.

Neil.

[vavai]

Quote:

Originally Posted by wilsonneil

Hi there,

I'm trying to integrate samba into the Zimbra UI and I'm getting stuck on the step of adjusting the LDAP acls.

This is the guide I'm using.

UNIX and Windows Accounts in Zimbra LDAP and Zimbra Admin UI 6.0 - Zimbra :: Wiki

Any ideas on why I'm getting this message?

ldapmodify -f /tmp/acl.ldif -x -H ldapi:/// -D cn=config -W
Enter LDAP Password:
modifying entry "olcDatabase={2}hdb,cn=config"
ldap_modify: No such attribute (16)
additional info: modify/delete: olcAccess: no such value

Neil.

Just an info for anyone found similar error message, the error occurred because these are an existing ACL on the LDAP schema. Inserting incomplete or failed ACL is one of the common cause.

Check your existing ACL with the following command :

Code:

ldapsearch -x -H ldapi:/// -D cn=config -W -b olcDatabase={2}hdb,cn=config olcAccess

and then compared it with your own ACL.ldif.

[huynguyengds]

Hi there,

I have the same issue.

What can I do? Please help

Code:

dapmodify -f /tmp/acl.ldif -x -H ldapi:/// -D cn=config -W
Enter LDAP Password:
modifying entry "olcDatabase={2}hdb,cn=config"
ldap_modify: No such attribute (16)
additional info: modify/delete: olcAccess: no such value

This is my acl.ldif

Code:

dn: olcDatabase={2}hdb,cn=config
changetype:modify
delete: olcAccess
olcAccess: {0}
-
add: olcAccess
olcAccess: {0}to attrs=userPassword  by anonymous auth  by dn.children="cn=admins,cn=zimbra" write  by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write

dn: olcDatabase={2}hdb,cn=config
changetype:modify
delete: olcAccess
olcAccess: {9}
-
add: olcAccess
olcAccess: {9}to attrs=entry  by dn.children="cn=admins,cn=zimbra" write  by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write  by * read

dn: olcDatabase={2}hdb,cn=config
changetype:modify
add: olcAccess
olcAccess: {10}to dn.subtree="dc=systeminteg,dc=com"  by dn.children="cn=admins,cn=zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write  by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read  by * none
olcAccess: {11}to dn.subtree="ou=machines,dc=systeminteg,dc=com"  by dn.children="cn=admins,cn=zimbra" write  by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write  by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read  by * none
olcAccess: {12}to dn.subtree="ou=groups,dc=systeminteg,dc=com"  by dn.children="cn=admins,cn=zimbra" write  by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write  by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read  by * none
olcAccess: {13}to dn.subtree="ou=people,dc=systeminteg,dc=com"  by dn.children="cn=admins,cn=zimbra" write  by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write  by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read  by * none

Code:

ldapsearch -x -H ldapi:/// -D cn=config -W -b olcDatabase={2}hdb,cn=config olcAccess
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <olcDatabase={2}hdb,cn=config> with scope subtree
# filter: (objectclass=*)
# requesting: olcAccess
#

# {2}hdb, config
dn: olcDatabase={2}hdb,cn=config

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1