[Samba] Was not found in the schema 'msDS-SupportedEncryptionTypes'
Rowland penny
rpenny at samba.org
Tue Dec 29 20:26:31 UTC 2015
On 29/12/15 19:58, Carlos A. P. Cunha wrote:
> OK, this is bad news, you would know me explain how I do it for my DC
> and an account?
>
> thank you
>
> Em 29-12-2015 17:34, Rowland penny escreveu:
>> On 29/12/15 18:26, Carlos A. P. Cunha wrote:
>>> Performed and output were all like that, no list in the attribute
>>>
>>> # record 1
>>> dn: CN=001-PLAT-01,CN=Computers,DC=interno,DC=mydoainDC=com,DC=br
>>>
>>> # record 2
>>> dn: CN=001-COMPRAS-15,CN=Computers,DC=interno,DC=mydomain,DC=com,DC=br
>>>
>>> # record 3
>>> dn:
>>> CN=RECEBIMENTO-1,OU=Computers_Locked,OU=Erechim,OU=Sonda,DC=interno,DC=mydomain,DC=com,DC=br
>>>
>>>
>>
>> OK, I was expecting something like this:
>>
>> dn: CN=DC1,OU=Domain Controllers,DC=samdom,DC=example,DC=com
>> msDS-SupportedEncryptionTypes: 31
>>
>> For every DC & computer in your domain.
>>
>> I think your problem has occurred because you started with a windows
>> 2003 DC, see here for info on this attribute:
>>
>> http://blogs.msdn.com/b/openspecification/archive/2009/09/12/msds-supportedencryptiontypes-episode-1-computer-accounts.aspx?Redirected=true
>>
>>
>> You could try adding it to each computer and see how you go on.
>>
>> Rowland
>> Rowland
>>
>>
>>
>>
>
There are various way of adding an attribute, you could do it with
ldbmodify or ldbedit, or if you feel more comfortable with a gui, you
could install ADUC on a windows machine and use this to add the
attribute, or you could install ldap account manager (LAM) on the DC and
use this to add the attribute.
Pick one and search the internet for how to do it, you will learn more
doing it this way, rather than me telling you how to do it, step by
step. If after choosing a method, you have problems, this I will attempt
to help you with.
Rowland
Rowland
More information about the samba
mailing list