[Samba] Samba4 LDAP issues

[Gilbert Gutierrez]

I cannot add users to my server and after going through many google 
searches and trying several things here is an issue I have found at 
minimum a LDAP issue when comparing my primary and secondary domain 
controllers. I do not know how to repair it and that is why I am 
contacting the list. Below is the output of the comparison.

Master: 4.2.0pre1-GIT-58865d9
Slave:  4.2.0pre1-GIT-815bde2

Thank you,
Gilbert


[root at sdc ~]# /usr/local/samba/bin/samba-tool ldapcmp ldap://pdc 
ldap://sdc domain

* Comparing [DOMAIN] context...

* DN lists have different size: 226 != 230
     CN=ASUS-LAPTOP,CN=Computers,DC=phxinternet,DC=lcl
     CN=SCREAMER,CN=Computers,DC=phxinternet,DC=lcl
     CN=STARSCREAM,CN=Computers,DC=phxinternet,DC=lcl
     CN=dns-SDC,CN=Users,DC=phxinternet,DC=lcl

* Objects to be compared: 226

Comparing:
'CN=Agency Account,CN=Users,DC=phxinternet,DC=lcl' [ldap://pdc]
'CN=Agency Account,CN=Users,DC=phxinternet,DC=lcl' [ldap://sdc]
     Difference in attribute values:
         pwdLastSet =>
['0']
['130621210880000000']
     FAILED

Comparing:
'CN=Builtin,DC=phxinternet,DC=lcl' [ldap://pdc]
'CN=Builtin,DC=phxinternet,DC=lcl' [ldap://sdc]
     Attributes found only in ldap://pdc:
         serverState
     FAILED

Comparing:
'CN=Doris Akey,CN=Users,DC=phxinternet,DC=lcl' [ldap://pdc]
'CN=Doris Akey,CN=Users,DC=phxinternet,DC=lcl' [ldap://sdc]
     Difference in attribute values:
         pwdLastSet =>
['130625516480000000']
['130625412300000000']
     FAILED

Comparing:
'CN=Ray Esquivel,CN=Users,DC=phxinternet,DC=lcl' [ldap://pdc]
'CN=Ray Esquivel,CN=Users,DC=phxinternet,DC=lcl' [ldap://sdc]
     Difference in attribute values:
         pwdLastSet =>
['0']
['130661621840000000']
     FAILED

Comparing:
'CN=SDC,OU=Domain Controllers,DC=phxinternet,DC=lcl' [ldap://pdc]
'CN=SDC,OU=Domain Controllers,DC=phxinternet,DC=lcl' [ldap://sdc]
     Difference in attribute values:
         servicePrincipalName =>
['E3514235-4B06-11D1-AB04-00C04FC2DCD2/09f3b5dc-46f8-49ef-b636-6b8b8a9ec34c/phxinternet.lcl', 
'GC/SDC.phxinternet.lcl/phxinternet.lcl', 'HOST/SDC', 
'HOST/SDC.phxinternet.lcl']
['E3514235-4B06-11D1-AB04-00C04FC2DCD2/09f3b5dc-46f8-49ef-b636-6b8b8a9ec34c/phxinternet.lcl', 
'GC/SDC.phxinternet.lcl/phxinternet.lcl', 'HOST/SDC', 
'HOST/SDC.phxinternet.lcl', 'HOST/SDC.phxinternet.lcl/PHXINTERNET', 
'HOST/SDC.phxinternet.lcl/phxinternet.lcl', 'RestrictedKrbHost/SDC', 
'RestrictedKrbHost/SDC.phxinternet.lcl', 
'ldap/09f3b5dc-46f8-49ef-b636-6b8b8a9ec34c._msdcs.phxinternet.lcl', 
'ldap/SDC', 'ldap/SDC.phxinternet.lcl', 
'ldap/SDC.phxinternet.lcl/DomainDnsZones.phxinternet.lcl', 
'ldap/SDC.phxinternet.lcl/ForestDnsZones.phxinternet.lcl', 
'ldap/SDC.phxinternet.lcl/PHXINTERNET', 
'ldap/SDC.phxinternet.lcl/phxinternet.lcl']
     FAILED

Comparing:
'CN=WINDBSVR,CN=Computers,DC=phxinternet,DC=lcl' [ldap://pdc]
'CN=WINDBSVR,CN=Computers,DC=phxinternet,DC=lcl' [ldap://sdc]
     Difference in attribute values:
         pwdLastSet =>
['130524167000000000']
['130656528210000000']
     FAILED

Comparing:
'DC=phxinternet,DC=lcl' [ldap://pdc]
'DC=phxinternet,DC=lcl' [ldap://sdc]
     Attributes found only in ldap://pdc:
         serverState
         msDS-NcType
     FAILED

* Result for [DOMAIN]: FAILURE

SUMMARY
---------

Attributes found only in ldap://pdc:

     msDS-NcType
     serverState

Attributes with different values:

     servicePrincipalName
     pwdLastSet
ERROR: Compare failed: -1