[Samba] Error "Failed extended allocation RID pool operation..."

Rowland Penny rpenny at samba.org
Mon Sep 19 14:15:42 UTC 2016


On Mon, 19 Sep 2016 09:56:16 -0400
Adam Tauno Williams via samba <samba at lists.samba.org> wrote:

> On Mon, 2016-09-19 at 09:31 -0400, Adam Tauno Williams via samba
> wrote:
> > Package: sernet-samba-4.2.14-23.el6.x86_64
> > These DCs were very recently upgraded from a prior version.
> > [2016/09/19 09:32:55.168161,  0]
> > ../source4/libcli/smb2/signing.c:116(smb2_check_signature)
> >   Bad SMB2 signature for message of size 202
> >   ../source4/rpc_server/drsuapi/getncchanges.c:807: Failed extended
> > allocation RID pool operation - Failed to modify RID Set object
> > CN=RID
> > Set,CN=LARKIN28,OU=Domain Controllers,DC=micore,DC=us -
> > objectclass_attrs: at least one mandatory attribute ('rIDNextRID')
> > on entry 'CN=RID Set,CN=DC3,OU=Domain Controllers,DC=example,DC=us'
> > wasn't specified!
> > [2016/09/19 09:33:03.814390,  0]
> > ../source4/smb_server/smb2/sesssetup.c:242(smb2srv_cleanup_session_de
> > structor)
> 
> Verified that the rIDNextRID attribute only has an ID on one of the
> DC's.  My understanding is that this is correct;  should Samba not be
> attempting to replicate this attribute?
> 
> Checked
>   CN=RID Set,CN=DC3,OU=Domain Controllers,DC=example,DC=us
>   CN=RID Set,CN=DC2,OU=Domain Controllers,DC=example,DC=us
>   CN=RID Set,CN=DC1,OU=Domain Controllers,DC=example,DC=us
> 
> <https://msdn.microsoft.com/en-us/library/cc220818.aspx>
>  cn: RID-Next-RID
>  ldapDisplayName: rIDNextRID
>  attributeId: 1.2.840.113556.1.4.374
>  attributeSyntax: 2.5.5.9
>  omSyntax: 2
>  isSingleValued: TRUE
>  schemaIdGuid: 6617188c-8f3c-11d0-afda-00c04fd930c9
>  systemOnly: TRUE
>  searchFlags: 0
>  systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED
>  schemaFlagsEx: FLAG_ATTR_IS_CRITICAL
>   
> 

No it shouldn't be replicated, the big hint is
'FLAG_ATTR_NOT_REPLICATED', it should only be on the DC that holds the
RID master FSMO role, so I supposed the question is, what does
'samba-tool fsmo show' display for the RidAllocationMasterRole ?

Rowland



More information about the samba mailing list