[Samba] MS Sharepoint 2010 configuration fails with Samba/Openldap PDC

Andreas Krupp andreaskrupp at akrupp.ch
Tue Nov 20 11:12:44 MST 2012 

Hello,

 

I hope this is the right mailing list for troubleshooting.

 

My environment is:

-CentOs 6.3 x64

-Samba as PDC

-OpenLdap

-Bind

 

I followed this very nice tutorial to set-up the environment as PDC:
http://www.server-world.info/en/note?os=CentOS_6
<http://www.server-world.info/en/note?os=CentOS_6&p=samba&f=4> &p=samba&f=4

And actually almost everything is working. I can add Windows Server 2008 R2
to the domain, use users and service accounts from samba/ldap and e.g. run
SQL Server over such a service account.

 

However, my Sharepoint 2010 Configuration Wizard fails every time I am
trying to configure Sharepoint. The normal resolution for this problem is to
do the installation while the Sharepoint Server is connected to the Domain.
In my case, I am connected to the domain but it does not work. The error
message from sharepoint is:

 

Exception: System.ArgumentException: Specified value is not supported for
the {0} parameter.

   at
Microsoft.SharePoint.Utilities.SPUserUtility.GetDomainControllerToSearch(SPW
ebApplication webApp, String domainName)

   at
Microsoft.SharePoint.Utilities.SPUtility.GetDomainAndPropColl(SPWebApplicati
on webApplicaiton, String loginName, String[]& resolveUserAdProperties,
SPActiveDirectoryDomain& gcPath, ResultPropertyCollection& propcol)

   at
Microsoft.SharePoint.Utilities.SPUtility.GetUserPropertiesFromAD(SPWebApplic
ation webApplicaiton, String loginName, String[]& origUserAdProperties)

   at
Microsoft.SharePoint.Utilities.SPUtility.GetUserPropertyFromAD(SPWebApplicat
ion webApplicaiton, String loginName, String propertyName)

   at
Microsoft.SharePoint.Administration.SPManagedAccount.GetUserAccountControl(S
tring username)

   at Microsoft.SharePoint.Administration.SPManagedAccount.Update()

   at Microsoft.SharePoint.Administration.SPProcessIdentity.Update()

   at Microsoft.SharePoint.Administration.SPApplicationPool.Update()

   at
Microsoft.SharePoint.Administration.SPWebApplication.CreateDefaultInstance(S
PWebService service, Guid id, String applicationPoolId, SPProcessAccount
processAccount, String iisServerComment, Boolean secureSocketsLayer, String
iisHostHeader, Int32 iisPort, Boolean iisAllowAnonymous, DirectoryInfo
iisRootDirectory, Uri defaultZoneUri, Boolean iisEnsureNTLM, Boolean
createDatabase, String databaseServer, String databaseName, String
databaseUsername, String databasePassword, SPSearchServiceInstance
searchServiceInstance, Boolean autoActivateFeatures)

   at
Microsoft.SharePoint.Administration.SPWebApplication.CreateDefaultInstance(S
PWebService service, Guid id, String applicationPoolId, IdentityType
identityType, String applicationPoolUsername, SecureString
applicationPoolPassword, String iisServerComment, Boolean
secureSocketsLayer, String iisHostHeader, Int32 iisPort, Boolean
iisAllowAnonymous, DirectoryInfo iisRootDirectory, Uri defaultZoneUri,
Boolean iisEnsureNTLM, Boolean createDatabase, String databaseServer, String
databaseName, String databaseUsername, String databasePassword,
SPSearchServiceInstance searchServiceInstance, Boolean autoActivateFeatures)

   at
Microsoft.SharePoint.Administration.SPAdministrationWebApplication.CreateDef
aultInstance(SqlConnectionStringBuilder administrationContentDatabase,
SPWebService adminService, IdentityType identityType, String farmUser,
SecureString farmPassword)

   at
Microsoft.SharePoint.Administration.SPFarm.CreateAdministrationWebService(Sq
lConnectionStringBuilder administrationContentDatabase, IdentityType
identityType, String farmUser, SecureString farmPassword)

   at
Microsoft.SharePoint.Administration.SPFarm.CreateBasicServices(SqlConnection
StringBuilder administrationContentDatabase, IdentityType identityType,
String farmUser, SecureString farmPassword)

   at
Microsoft.SharePoint.Administration.SPFarm.Create(SqlConnectionStringBuilder
configurationDatabase, SqlConnectionStringBuilder
administrationContentDatabase, IdentityType identityType, String farmUser,
SecureString farmPassword, SecureString masterPassphrase)

   at
Microsoft.SharePoint.Administration.SPFarm.Create(SqlConnectionStringBuilder
configurationDatabase, SqlConnectionStringBuilder
administrationContentDatabase, String farmUser, SecureString farmPassword,
SecureString masterPassphrase)

   at
Microsoft.SharePoint.PostSetupConfiguration.ConfigurationDatabaseTask.Create
OrConnectConfigDb()

   at
Microsoft.SharePoint.PostSetupConfiguration.ConfigurationDatabaseTask.Run()

   at Microsoft.SharePoint.PostSetupConfiguration.TaskThread.ExecuteTask()

 

The ".GetDomainControllerToSearch" function that does not get the right
result made me dig into the LDAP requests that the Sharepoint Installation
is sending to the PDC. And I could isolate a couple of requests with 0
results that I thought were causing the trouble.

 

After I added the group "Domain Controllers" to the LDAP, added the PDC to
that group and made several DNS modification to match those of a Windows
PDC. I still cannot get rid of the error. So here are the remaining LDAP
queries without response:

 

 

SRCH base="dc=makamaka,dc=home" scope=2 deref=0
filter="(&(objectClass=sambaGroupMapping)(sambaGroupType=4)(|(sambaSIDList=s
-1-5-21-2966583388-1241265182-3898909196-1004)(sambaSIDList=s-1-5-21-2966583
388-1241265182-3898909196-515)(sambaSIDList=s-1-1-0)(sambaSIDList=s-1-5-2)(s
ambaSIDList=s-1-5-11)))"

SRCH base="dc=makamaka,dc=home" scope=2 deref=0
filter="(&(objectClass=sambaGroupMapping)(sambaGroupType=4)(|(sambaSIDList=s
-1-5-21-2966583388-1241265182-3898909196-1005)(sambaSIDList=s-1-5-21-2966583
388-1241265182-3898909196-515)(sambaSIDList=s-1-1-0)(sambaSIDList=s-1-5-2)(s
ambaSIDList=s-1-5-11)))"

SRCH base="dc=makamaka,dc=home" scope=2 deref=0
filter="(&(objectClass=sambaGroupMapping)(sambaSID=s-1-1-0))"

SRCH base="dc=makamaka,dc=home" scope=2 deref=0
filter="(&(objectClass=sambaGroupMapping)(sambaSID=s-1-1-0))"

SRCH base="dc=makamaka,dc=home" scope=2 deref=0
filter="(&(objectClass=sambaGroupMapping)(sambaSID=s-1-5-11))"

SRCH base="dc=makamaka,dc=home" scope=2 deref=0
filter="(&(objectClass=sambaGroupMapping)(sambaSID=s-1-5-11))"

SRCH base="dc=makamaka,dc=home" scope=2 deref=0
filter="(&(objectClass=sambaGroupMapping)(sambaSID=s-1-5-2))"

SRCH base="dc=makamaka,dc=home" scope=2 deref=0
filter="(&(objectClass=sambaGroupMapping)(sambaSID=s-1-5-2))"

SRCH base="dc=makamaka,dc=home" scope=2 deref=0
filter="(&(objectClass=sambaGroupMapping)(sambaSID=s-1-5-32-545))"

SRCH base="dc=makamaka,dc=home" scope=2 deref=0
filter="(&(objectClass=sambaGroupMapping)(sambaSID=s-1-5-32-545))"

SRCH base="dc=makamaka,dc=home" scope=2 deref=0
filter="(&(objectClass=sambaGroupMapping)(sambaSID=s-1-5-32-545))"

SRCH base="dc=makamaka,dc=home" scope=2 deref=0
filter="(&(objectClass=sambaGroupMapping)(sambaSID=s-1-5-32-545))"

SRCH base="dc=makamaka,dc=home" scope=2 deref=0
filter="(&(sambaSID=s-1-5-21-2966583388-1241265182-3898909196-3001)(objectCl
ass=sambaSamAccount))"

SRCH base="dc=makamaka,dc=home" scope=2 deref=0
filter="(&(sambaSID=s-1-5-21-2966583388-1241265182-3898909196-3001)(objectCl
ass=sambaSamAccount))"

SRCH base="dc=makamaka,dc=home" scope=2 deref=0
filter="(&(sambaSID=s-1-5-21-2966583388-1241265182-3898909196-515)(objectCla
ss=sambaSamAccount))"

SRCH base="dc=makamaka,dc=home" scope=2 deref=0
filter="(&(sambaSID=s-1-5-21-2966583388-1241265182-3898909196-515)(objectCla
ss=sambaSamAccount))"

SRCH base="dc=makamaka,dc=home" scope=2 deref=0
filter="(&(sambaSID=s-1-5-21-2966583388-1241265182-3898909196-515)(objectCla
ss=sambaSamAccount))"

SRCH base="dc=makamaka,dc=home" scope=2 deref=0
filter="(&(sambaSID=s-1-5-21-2966583388-1241265182-3898909196-515)(objectCla
ss=sambaSamAccount))"

SRCH base="sambaDomainName=MAKAMAKA,dc=makamaka,dc=home" scope=2 deref=0
filter="(objectClass=sambaTrustedDomainPassword)"

SRCH base="dc=makamaka,dc=home" scope=2 deref=0
filter="(&(objectClass=sambaGroupMapping)(gidNumber=99))"

SRCH base="dc=makamaka,dc=home" scope=2 deref=0
filter="(&(objectClass=sambaGroupMapping)(gidNumber=99))"

SRCH base="dc=makamaka,dc=home" scope=2 deref=0
filter="(&(sambaSID=s-1-5-21-2966583388-1241265182-3898909196-3001)(objectCl
ass=sambaSamAccount))"

SRCH base="dc=makamaka,dc=home" scope=2 deref=0
filter="(&(sambaSID=s-1-5-21-2966583388-1241265182-3898909196-3001)(objectCl
ass=sambaSamAccount))"

SRCH base="dc=makamaka,dc=home" scope=2 deref=0
filter="(&(sambaSID=s-1-5-21-2966583388-1241265182-3898909196-513)(objectCla
ss=sambaSamAccount))"

SRCH base="dc=makamaka,dc=home" scope=2 deref=0
filter="(&(sambaSID=s-1-5-21-2966583388-1241265182-3898909196-513)(objectCla
ss=sambaSamAccount))"

 

The following search caught my eye because it had something to do with the
Domain itself: 

SRCH base="sambaDomainName=MAKAMAKA,dc=makamaka,dc=home" scope=2 deref=0
filter="(objectClass=sambaTrustedDomainPassword)"

 

Now I tried to add to my domain manually the objectClass
"sambaTrustedDomainPassword" but nothing will do. I cannot get the LDIF or
command that will do it and could not find any other solutions.

 

Would anybody have a clue on what could be wrong. or how I could add the
"sambaTrustedDomainPassword" objectclass to my domain entry? I am trying to
go step by step here, but if anybody has come across this problem, help
would be most appreciated!!!!

 

Cheers & best,

Andreas

More information about the samba mailing list