[cifs-protocol] FW: FW: Inconsistencies in ad-schema docs and text files SRX090109601490

Hongwei Sun hongweis at microsoft.com
Fri Feb 12 15:55:08 MST 2010 

Tridge/Andrew,

  We are in the process to update our MS-ADA*  documents  to reflect all the changes you made to the schema.   I just want to confirm how you got these changes and if all these changes are essential.  Your comments in diff below mentioned only the typos.  

	"The schema from WSPP had a number of typos that prevented it from
	working. These changes allow it to work with Samba, and allow w2k8r2
	to run DCPROMO against Samba successfully"

 How about the other changes, especially all these attributes adding SystemFlags: 0 ?   If you don't have these changes, does it affect the functionality of W2k8 R2 to join Samba domain ?  Have you got the other changes by comparing with an existing W2k8R2 schema ?    The  following is the list of attributes that affect schema documents.

*******problem attribute  cn:attributeCertificateAttribute
+systemFlags: 0

*******problem attribute  cn: audio
+systemFlags: 0

*******problem attribute  cn: carLicense
+systemFlags: 0

*******problem attribute  cn: departmentNumber
+systemFlags: 0

*******problem attribute  cn: Employee-Number
-systemFlags: FLAG_SCHEMA_BASE_OBJECT
+systemFlags: 0

*******problem attribute  cn: Employee-Type
-systemFlags: FLAG_SCHEMA_BASE_OBJECT
+systemFlags: 0

*******problem attribute  cn: Hide-From-AB
+systemFlags: 0

*******problem attribute  cn: Is-Recycled
+isMemberOfPartialAttributeSet: TRUE

*******problem attribute  cn: jpegPhoto
+systemFlags: 0

*******problem attribute  cn: labeledURI
+systemFlags: 0

*******problem attribute  cn: Last-Logon-Timestamp
+isMemberOfPartialAttributeSet: TRUE

*******problem attribute  cn: ms-DFS-Comment-v2
+systemFlags: FLAG_SCHEMA_BASE_OBJECT

*******problem attribute  cn: ms-DFS-Generation-GUID-v2
+systemFlags: 16

*******problem attribute  cn: ms-DFS-Last-Modified-v2
+systemFlags: 16

*******problem attribute  cn: ms-DFS-Link-Identity-GUID-v2
+systemFlags: 16

*******problem attribute  cn: ms-DFS-Link-Path-v2
+systemFlags: 16

*******problem attribute  cn: ms-DFS-Link-Security-Descriptor-v2
+systemFlags: 16

*******problem attribute  cn: ms-DFS-Namespace-Identity-GUID-v2
+systemFlags: 16

*******problem attribute  cn: ms-DFS-Properties-v2
+systemFlags: 16

*******problem attribute  cn: ms-DFSR-RootSizeInMb
-rangeUpper: -1

*******problem attribute  cn: ms-DFS-Schema-Major-Version
+systemFlags: 16

*******problem attribute  cn: ms-DFS-Schema-Minor-Version
+systemFlags: 16

*******problem attribute  cn: ms-DFS-Short-Name-Link-Path-v2
+systemFlags: 16

*******problem attribute  cn: ms-DFS-Target-List-v2
+systemFlags: 16

*******problem attribute  cn: ms-DFS-Ttl-v2
+systemFlags: FLAG_SCHEMA_BASE_OBJECT

*******problem attribute  cn: MS-DRM-Identity-Certificate
+isMemberOfPartialAttributeSet: TRUE

*******problem attribute  cn: ms-DS-Byte-Array
+showInAdvancedViewOnly: FALSE

*******problem attribute  cn: ms-DS-Date-Time
+showInAdvancedViewOnly: FALSE

*******problem attribute  cn: ms-DS-Enabled-Feature-BL
-isMemberOfPartialAttributeSet: TRUE

*******problem attribute  cn: ms-DS-Phonetic-Company-Name
+isMemberOfPartialAttributeSet: TRUE

*******problem attribute  cn: ms-DS-Supported-Encryption-Types
-systemOnly: FALSE

*******problem attribute  cn: ms-DS-Host-Service-Account-BL 
-systemOnly: TRUE

*******problem attribute  cn: ms-DS-Integer
+showInAdvancedViewOnly: FALSE

*******problem attribute  cn: ms-DS-Last-Known-RDN
+rangeLower: 1
+rangeUpper: 255

*******problem attribute  cn: ms-DS-NC-Type
-isMemberOfPartialAttributeSet: TRUE


*******problem attribute  cn: ms-DS-OIDToGroup-Link-Bl 
-systemOnly: FALSE
+systemOnly: TRUE

*******problem attribute  cn: ms-DS-Optional-Feature-Flags
-cn: ms-DS-Optional-Feature-Guid
-ldapDisplayName: msDS-OptionalFeatureGuid
+cn: ms-DS-Optional-Feature-GUID
+ldapDisplayName: msDS-OptionalFeatureGUID

*******problem attribute  cn: ms-DS-Phonetic-Company-Name 
+isMemberOfPartialAttributeSet: TRUE

*******problem attribute  cn: ms-DS-Phonetic-Department
+isMemberOfPartialAttributeSet: TRUE

*******problem attribute  cn: ms-DS-Phonetic-Display-Name
+isMemberOfPartialAttributeSet: TRUE

*******problem attribute  cn: ms-DS-Phonetic-First-Name
+isMemberOfPartialAttributeSet: TRUE

*******problem attribute  cn: ms-DS-Phonetic-Last-Name
+isMemberOfPartialAttributeSet: TRUE

*******problem attribute  cn: ms-DS-PSO-Applied
-searchFlags: fCOPY
+searchFlags: 0

*******problem attribute  cn: ms-DS-Resultant-PSO 
-searchFlags: fCOPY
+searchFlags: 0

*******problem attribute  cn: ms-DS-Settings
+systemFlags: 0

*******problem attribute  cn: ms-FVE-RecoveryGuid
+isMemberOfPartialAttributeSet: TRUE

*******problem attribute  cn: ms-FVE-VolumeGuid
+isMemberOfPartialAttributeSet: TRUE

*******problem attribute  cn: ms-Imaging-PSP-Identifier
-systemOnly: FALSE

*******problem attribute  cn: ms-Imaging-PSP-String 
-systemOnly: FALSE

*******problem attribute  cn: msNPCalledStationID
-searchFlags: fCOPY
+searchFlags: 0

*******problem attribute  cn: ms-PKI-AccountCredentials 
+isMemberOfPartialAttributeSet: FALSE

*******problem attribute  cn: ms-PKI-Certificate-Policy
-systemOnly: FALSE
+systemOnly: FALSE

*******problem attribute  cn: ms-PKI-Credential-Roaming-Tokens
-systemOnly: FALSE

*******problem attribute  cn: ms-PKI-DPAPIMasterKeys 
+isMemberOfPartialAttributeSet: FALSE

*******problem attribute  cn: ms-PKI-RoamingTimeStamp 
+isMemberOfPartialAttributeSet: FALSE

*******problem attribute  cn: ms-TS-Primary-Desktop 
+omObjectClass: 1.3.12.2.1011.28.0.714

*******problem attribute  cn: ms-TS-Primary-Desktop-BL
+omObjectClass: 1.3.12.2.1011.28.0.714
-systemFlags: FLAG_SCHEMA_BASE_OBJECT
+systemFlags: 17

*******problem attribute  cn: ms-TS-Secondary-Desktop-BL
-systemFlags: FLAG_SCHEMA_BASE_OBJECT
+omObjectClass: 1.3.12.2.1011.28.0.714
+systemFlags: 17

*******problem attribute  cn: ms-TS-Secondary-Desktops 
+omObjectClass: 1.3.12.2.1011.28.0.714

*******problem attribute  cn: ms-WMI-Author
+showInAdvancedViewOnly: FALSE

*******problem attribute  cn: ms-WMI-ChangeDate
+showInAdvancedViewOnly: FALSE

*******problem attribute  cn: ms-WMI-ID 
+showInAdvancedViewOnly: FALSE

*******problem attribute  cn: ms-WMI-int8Max
+showInAdvancedViewOnly: FALSE

*******problem attribute  cn: ms-WMI-int8Min
+showInAdvancedViewOnly: FALSE

*******problem attribute  cn: ms-WMI-intDefault
+showInAdvancedViewOnly: FALSE

*******problem attribute  cn: ms-WMI-intMax
+showInAdvancedViewOnly: FALSE

*******problem attribute  cn: ms-WMI-intMin 
+showInAdvancedViewOnly: FALSE

*******problem attribute  cn: ms-WMI-Mof 
+showInAdvancedViewOnly: FALSE

*******problem attribute  cn: ms-WMI-Name
+showInAdvancedViewOnly: FALSE

*******problem attribute  cn: ms-WMI-Query
+showInAdvancedViewOnly: FALSE

*******problem attribute  cn: photo
+showInAdvancedViewOnly: FALSE
+systemFlags: 0

*******problem attribute  cn: preferredLanguage
+systemFlags: 0

*******problem attribute  cn: roomNumber
+showInAdvancedViewOnly: FALSE
+systemFlags: 0

*******problem attribute  cn: secretary
+showInAdvancedViewOnly: FALSE
+systemFlags: 0

*******problem attribute  cn: Terminal-Server
+attributeSecurityGUID: 5805bc62-bdc9-4428-a5e2-856a0f4c185e

*******problem attribute  cn: uid
+showInAdvancedViewOnly: FALSE
+systemFlags: 0

*******problem attribute  cn: uniqueMember 
+showInAdvancedViewOnly: FALSE
+systemFlags: 0

*******problem attribute  cn: unstructuredAddress
+systemFlags: 0

*******problem attribute  cn: unstructuredName 
+systemFlags: 0

*******problem attribute  cn: userPKCS12 
+showInAdvancedViewOnly: FALSE
+systemFlags: 0

*******problem attribute  cn: User-Shared-Folder
-systemFlags: FLAG_SCHEMA_BASE_OBJECT
+systemFlags: 0

*******problem attribute  cn: x500uniqueIdentifier
+systemFlags: 0


Thanks!

Hongwei


-----Original Message-----
From: cifs-protocol-bounces at cifs.org [mailto:cifs-protocol-bounces at cifs.org] On Behalf Of tridge at samba.org
Sent: Friday, January 08, 2010 2:05 PM
To: John Dunning
Cc: CIFS Protocol; Andrew Bartlett
Subject: Re: [cifs-protocol] FW: FW: Inconsistencies in ad-schema docs and text files SRX090109601490

Hi John,

You can see the patch against the W2K8-R2 schema here:

  http://build.samba.org/?function=diff;tree=samba_4_0_test;date=1262935494;revision=ad11deb9bd825d699e2b6799b40d98c28c95910e

These were the changes that we made to allow the schema from WSPP to
operate correctly with a W2K8-R2 windows client joining a Samba domain
using DCPROMO.

As Andrew mentioned, the curious thing is that there were some obvious
typos in the schema (eg. isRecycled -> isRecyled). Perhaps you could
test the schema file for a future release by comparing it to schema on
a windows box?

Thanks!

Cheers, Tridge
_______________________________________________
cifs-protocol mailing list
cifs-protocol at cifs.org
https://lists.samba.org/mailman/listinfo/cifs-protocol

More information about the cifs-protocol mailing list