user unable to create a user in a replicated from w2k3 server
Matthieu Patou
mat at samba.org
Mon Jul 5 15:32:55 MDT 2010
Hello tridge, Andrew, Metze,
I was with plaerzen on IRC, he managed to update his w2k server to w2k3
and then made s4 vampire it.
He is now unable to create user on the S4 server.
A level 10 log is here:
http://pastebin.com/Werib9g9
I made some analysis my conclusion is that he has this pb: msg:
../dsdb/samdb/ldb_modules/ridalloc.c:450: No RID Set DN - Remote RID Set
allocation needs refresh.
Then we created a sample ldif file to create more easily the user from
command line :
ldbmodify -H ldap://s4ldap /tmp/t.ldif -k 1
We get:
ERR: (Unwilling to perform) "LDAP error 53 LDAP_UNWILLING_TO_PERFORM -
<00002035: Unwilling to perform -
../dsdb/samdb/ldb_modules/ridalloc.c:450: No RID Set DN - Remote RID
Set allocation needs refresh> <>" on DN CN=testsix,CN=Users,DC=....
The same command against the w2k3 dc works ...
I put more trace and came to the conclusion that this line is failing
"if (ldb_dn_compare(samdb_ntds_settings_dn(ldb), fsmo_role_dn) != 0) {"
Indeed we have this:
ntds: CN=NTDS
Settings,CN=DEV-TEADC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=winteal,DC=tundraeng,DC=com
fsmo: CN=NTDS Settings,CN=DEV-TEDC3,CN=Servers,CN=Default-First-
Site-Name,CN=Sites,CN=Configuration,DC=winteal,DC=tundraeng,DC=com
So clearly the DN are different .... to my mind the test is not good as
globably the samdb_ntds_settings_dn is a search for dsServiceName on the
rootdse and it seems that for each server it returns only the ntds of
this server, so the test is likely to work only on the server which is
rid master.
At this point I reached the limit of my knowledge but maybe one of you
can help cam.
Cheers Matthieu.
--
Matthieu Patou
Samba Team http://samba.org
More information about the samba-technical
mailing list