[Samba] Samba4 LDAP issues
Rowland Penny
rowlandpenny at googlemail.com
Thu Jan 22 03:42:16 MST 2015
On 22/01/15 00:11, Gilbert Gutierrez wrote:
> I have moved to 4.1.16 on both controllers. It did not solve my issue
> (though it reduced the errors as seen in the new attached ldap
> comparison). I am still getting the error telling me to see the
> administrator when trying to add a user via the Windows Active
> Directory Users and Computers utility.
>
> Gilbert
>
> [root at pdc ~]# /usr/local/samba/bin/samba-tool ldapcmp ldap://pdc
> ldap://sdc domain
>
> * Comparing [DOMAIN] context...
>
> * Objects to be compared: 233
>
> Comparing:
> 'CN=Builtin,DC=phxinternet,DC=lcl' [ldap://pdc]
> 'CN=Builtin,DC=phxinternet,DC=lcl' [ldap://sdc]
> Attributes found only in ldap://pdc:
> serverState
> FAILED
>
> Comparing:
> 'DC=phxinternet,DC=lcl' [ldap://pdc]
> 'DC=phxinternet,DC=lcl' [ldap://sdc]
> Attributes found only in ldap://pdc:
> serverState
> msDS-NcType
> FAILED
>
> * Result for [DOMAIN]: FAILURE
>
> SUMMARY
> ---------
>
> Attributes found only in ldap://pdc:
>
> msDS-NcType
> serverState
> ERROR: Compare failed: -1
>
>
>
OK, the two attributes in question do not replicate, so they could be
different between DC's, to stop the errors, add '
--filter=msDS-NcType,serverState' to the 'samba-tool ldapcmp' command.
So now that you know that the 'errors' are not causing your problems, is
there anything in the error logs on the windows PC's or the samba4 DC ?
Rowland
More information about the samba
mailing list