samba4 multimaster DC setup - show stoppers

Thorsten Trautwein-Veit thorsten.trautwein-veit at schulergroup.com
Mon Nov 17 07:26:26 GMT 2008 

Hi  Andrew ,
the provision fails with :

_ldb.LdbError: (21, 'LDAP error 21 LDAP_INVALID_ATTRIBUTE_SYNTAX - 
<wellKnownObjects: value #0 invalid per syntax> <>')

on the bottom are all steps i did ( provision-backend, starting slapd,
provision ).

This problem is reproducible on both machines.
Maybe the problem is openLdap related. I compiled openldap-2.4.11 (
openldap-stable-20080813.tgz ) with :

  $ ./configure --with-tls --enable-slurpd --enable-spasswd
--enable-lmpasswd --enable-crypt --enable-syslog --enable-overlays
--enable-constraint --enable-dds --enable-dyngroup --enable-dynlist
--enable-memberof --enable-ppolicy --enable-proxycache --enable-refint
--enable-retcode --enable-rwm --enable-seqmod --enable-syncprov
--enable-translucent --enable-unique --enable-valsort

I did this because the debian stable packet of openldap had no support
for overlays.

Cheers,
Thorsten Trautwein-Veit

==================================================
the provision process mmr
==================================================

root at wzbgprn1 /usr/src/samba-master/source4
 # setup/provision-backend --realm=wzbgprn1.schuler.de --domain=wzbgp
--ldap-admin-pass=bluemoon --ldap-backend-type=openldap
--server-role='domain controller'
--ol-mmr-urls='ldap://wzbgprn1.schuler.de ldap://pc303581.schuler.de'
Converted 536 records (skipped 13) with 0 failures
Your openldap Backend for Samba4 is now configured, and is ready to be
started
Server Role:         domain controller
Hostname:            wzbgprn1
DNS Domain:          wzbgprn1.schuler.de
Base DN:             DC=wzbgprn1,DC=schuler,DC=de
LDAP admin user:     samba-admin
LDAP admin password: bluemoon
Start slapd with:    slapd -f /usr/local/samba-4/private/ldap/slapd.conf
-h ldapi://%2Fusr%2Flocal%2Fsamba-4%2Fprivate%2Fldap%2Fldapi
Run provision with:  --ldap-backend=ldapi --ldap-backend-type=openldap
--password=bluemoon --username=samba-admin

root at wzbgprn1 /usr/src/samba-master/source4
 # echo $PATH
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/bin/X11


root at wzbgprn1 /usr/src/samba-master/source4
 # export
PATH=/usr/local/libexec:/usr/local/samba/bin:/usr/local/samba/sbin:$PATH


root at wzbgprn1 /usr/src/samba-master/source4
 # slapd -f /usr/local/samba-4/private/ldap/slapd.conf -h
ldapi://%2Fusr%2Flocal%2Fsamba-4%2Fprivate%2Fldap%2Fldapi


root at wzbgprn1 /usr/src/samba-master/source4
 # ps -ef
UID        PID  PPID  C STIME TTY          TIME CMD
root         1     0  0 Nov06 ?        00:00:00 init [2]
root         2     1  0 Nov06 ?        00:00:00 [migration/0]
root         3     1  0 Nov06 ?        00:00:03 [ksoftirqd/0]
root         4     1  0 Nov06 ?        00:00:00 [watchdog/0]
root         5     1  0 Nov06 ?        00:00:00 [events/0]
root         6     1  0 Nov06 ?        00:00:00 [khelper]
root         7     1  0 Nov06 ?        00:00:00 [kthread]
root         9     7  0 Nov06 ?        00:00:00 [xenwatch]
root        10     7  0 Nov06 ?        00:00:00 [xenbus]
root        43     7  0 Nov06 ?        00:00:00 [kblockd/0]
root        46     7  0 Nov06 ?        00:00:00 [kseriod]
root        63     7  0 Nov06 ?        00:00:04 [pdflush]
root        64     7  0 Nov06 ?        00:00:03 [pdflush]
root        65     7  0 Nov06 ?        00:00:10 [kswapd0]
root        66     7  0 Nov06 ?        00:00:00 [aio/0]
root        67     7  0 Nov06 ?        00:00:06 [xfslogd/0]
root        68     7  0 Nov06 ?        00:00:01 [xfsdatad/0]
root       697     7  0 Nov06 ?        00:00:00 [kpsmoused]
root       703     7  0 Nov06 ?        00:00:00 [xfsbufd]
root       704     7  0 Nov06 ?        00:00:00 [xfssyncd]
root       897     7  0 Nov06 ?        00:00:00 [kmirrord]
root       901     7  0 Nov06 ?        00:00:00 [ksnapd]
daemon    1024     1  0 Nov06 ?        00:00:00 /sbin/portmap
root      1140     1  0 Nov06 ?        00:00:00 /sbin/syslogd
root      1146     1  0 Nov06 ?        00:00:00 /sbin/klogd -x
root      1232     1  0 Nov06 ?        00:00:00 /usr/sbin/xinetd
-pidfile /var/run/xinetd.pid -stayalive
ntp       1243     1  0 Nov06 ?        00:00:00 /usr/sbin/ntpd -p
/var/run/ntpd.pid -u 103:104 -g
daemon    1253     1  0 Nov06 ?        00:00:00 /usr/sbin/atd
root      1260     1  0 Nov06 ?        00:00:00 /usr/sbin/cron
root      1294     1  0 Nov06 tty1     00:00:00 /sbin/getty 38400 tty1
root      1295     1  0 Nov06 tty2     00:00:00 /sbin/getty 38400 tty2
root      1296     1  0 Nov06 tty3     00:00:00 /sbin/getty 38400 tty3
root      1297     1  0 Nov06 tty4     00:00:00 /sbin/getty 38400 tty4
root      1298     1  0 Nov06 tty5     00:00:00 /sbin/getty 38400 tty5
root      1299     1  0 Nov06 tty6     00:00:00 /sbin/getty 38400 tty6
root      1509     1  0 Nov06 ?        00:00:00 /usr/sbin/sshd
root      3212  1509  0 08:11 ?        00:00:00 sshd: root at pts/0
root      3214  3212  0 08:11 pts/0    00:00:00 -bash
root      3218  3214  0 08:12 pts/0    00:00:00 zsh
root      3290     1  2 08:15 ?        00:00:00 slapd -f
/usr/local/samba-4/private/ldap/slapd.conf -h
ldapi://%2Fusr%2Flocal%2Fsamba-4%2Fprivate%2Fldap%2Fld
root      3293  3290  0 08:15 ?        00:00:00 slapd -f
/usr/local/samba-4/private/ldap/slapd.conf -h
ldapi://%2Fusr%2Flocal%2Fsamba-4%2Fprivate%2Fldap%2Fld
root      3294  3293  0 08:15 ?        00:00:00 slapd -f
/usr/local/samba-4/private/ldap/slapd.conf -h
ldapi://%2Fusr%2Flocal%2Fsamba-4%2Fprivate%2Fldap%2Fld
root      3295  3293  0 08:15 ?        00:00:00 slapd -f
/usr/local/samba-4/private/ldap/slapd.conf -h
ldapi://%2Fusr%2Flocal%2Fsamba-4%2Fprivate%2Fldap%2Fld
root      3296  3293  0 08:15 ?        00:00:00 slapd -f
/usr/local/samba-4/private/ldap/slapd.conf -h
ldapi://%2Fusr%2Flocal%2Fsamba-4%2Fprivate%2Fldap%2Fld
root      3297  3293  0 08:15 ?        00:00:00 slapd -f
/usr/local/samba-4/private/ldap/slapd.conf -h
ldapi://%2Fusr%2Flocal%2Fsamba-4%2Fprivate%2Fldap%2Fld
root      3298  3293  0 08:15 ?        00:00:00 slapd -f
/usr/local/samba-4/private/ldap/slapd.conf -h
ldapi://%2Fusr%2Flocal%2Fsamba-4%2Fprivate%2Fldap%2Fld
root      3299  3293  0 08:15 ?        00:00:00 slapd -f
/usr/local/samba-4/private/ldap/slapd.conf -h
ldapi://%2Fusr%2Flocal%2Fsamba-4%2Fprivate%2Fldap%2Fld
root      3300  3293  0 08:15 ?        00:00:00 slapd -f
/usr/local/samba-4/private/ldap/slapd.conf -h
ldapi://%2Fusr%2Flocal%2Fsamba-4%2Fprivate%2Fldap%2Fld
root      3301  3218  0 08:15 pts/0    00:00:00 ps -ef
104       8547     1  0 Nov10 ?        00:00:00 /usr/bin/dbus-daemon
--system
root      8576     1  0 Nov10 ?        00:00:00 /usr/sbin/famd -T 0
root     28641     1  0 Nov13 ?        00:00:13 /usr/sbin/iceccd -d -l
/var/log/iceccd.log --nice 5 -s 153.3.131.76 -n sctg


root at wzbgprn1 /usr/src/samba-master/source4
 # ./setup/provision --realm=wzbgprn1.schuler.de --domain=wzbgp
--server-role='domain controller' --ldap-backend=ldapi
--ldap-backend-type=openldap --password=bluemoon --username=samba-admin
Setting up secrets.ldb
Setting up the registry
Setting up templates db
Setting up idmap db
schema_fsmo_init: no schema head present: (skip schema loading)
naming_fsmo_init: no partitions dn present: (skip loading of naming
contexts details)
pdc_fsmo_init: no domain object present: (skip loading of domain details)
schema_fsmo_init: no schema dn present: (skip schema loading)
naming_fsmo_init: no partitions dn present: (skip loading of naming
contexts details)
pdc_fsmo_init: no domain dn present: (skip loading of domain details)
Setting up sam.ldb attributes
Setting up sam.ldb rootDSE
Erasing data from partitions
schema_fsmo_init: no schema head present: (skip schema loading)
naming_fsmo_init: no partitions dn present: (skip loading of naming
contexts details)
pdc_fsmo_init: no domain object present: (skip loading of domain details)
Pre-loading the Samba 4 and AD schema
Adding DomainDN: DC=wzbgprn1,DC=schuler,DC=de (permitted to fail)
Modifying DomainDN: DC=wzbgprn1,DC=schuler,DC=de
Traceback (most recent call last):
  File "./setup/provision", line 158, in ?
    ldap_backend_type=opts.ldap_backend_type)
  File "bin/python/samba/provision.py", line 1025, in provision
    ldap_backend_type=ldap_backend_type)
  File "bin/python/samba/provision.py", line 781, in setup_samdb
    setup_modify_ldif(samdb, setup_path("provision_basedn_modify.ldif"), {
  File "bin/python/samba/provision.py", line 175, in setup_modify_ldif
    ldb.modify_ldif(data)
  File "bin/python/samba/__init__.py", line 196, in modify_ldif
    self.modify(msg)
_ldb.LdbError: (21, 'LDAP error 21 LDAP_INVALID_ATTRIBUTE_SYNTAX - 
<wellKnownObjects: value #0 invalid per syntax> <>')
zsh: exit 1     ./setup/provision --realm=wzbgprn1.schuler.de --domain=wzbgp

==================================================

-------- Original-Nachricht --------
Betreff: Re: samba4 multimaster DC setup - show stoppers
Von: Andrew Bartlett <abartlet at samba.org>
An: thorsten.trautwein-veit at schulergroup.com
CC: Gavin Beatty <gavinbeatty at gmail.com>, samba-technical at lists.samba.org
Datum: 17.11.2008 03:39
> On Fri, 2008-11-14 at 15:16 +0100, Thorsten Trautwein-Veit wrote:
>   
>> Hi Gavin,
>> thanks for this pointer, i now know i am clearly on the master branch.
>> But ( of course )  i double checked it with the commands you gave me.
>> The git checkout master did instantly return ....
>>
>> So i think it is really a problem with the provision tool. I spend now
>> time to get into python :)
>>     
>
> What is the exact error when you run with the correct branch?
>
> Thanks,
>
> Andrew Bartlett
>   

-- 
Freundliche Grüße / Best regards

Thorsten Trautwein-Veit
Dipl.-Ing. (FH)

Schuler Cartec GmbH & Co. KG
EDV
Bahnhofstraße 41
73033 Göppingen

URL: http://www.schulergroup.com
E-Mail-Pflichtangaben (gemäß EHUG): http://pflichtangaben.schulergroup.com

More information about the samba-technical mailing list