[Samba] ad2003 schema while forest/domain at 2008R2 level
Denis Cardon
dcardon at tranquil.it
Wed Sep 28 15:37:32 UTC 2016
Hi everyone,
I came across this issue today while upgrading a samba4 AD. The
forest/domain level is 2008R2, however the schema partition is actually
missing the msDS-isRODC attribute (and probably a few others). It makes
the ADUC console to failed on that entry below. Here is the samba log
message (which is quite explicit :-)
Sep 28 16:55:36 srvads samba[27900]: [2016/09/28 16:55:36.819666, 0]
../lib/ldb-samba/ldb_wrap.c:76(ldb_wrap_debug)
Sep 28 16:55:36 srvads samba[27900]: ldb: acl_read:
CN=SRVADS,OU=Domain Controllers,DC=domain,DC=lan cannot find
attr[msDS-isRODC] in of schema
I don't know how I messed up the schema partition, and since I don't
have any side effect but the ADUC failure message when clicking on the
dc entry (everything else works fine), I think that error is lying there
for quite some time. The domain was upgraded from a MSAD 2003 domain
three or four years ago.
So my question is : since my DC is already on 2008R2 domain/forest
level, is there anyway I can force the schema upgrade to 2008R2
independently of the samba-tool domain raise command line?
Cheers,
Denis
--
Denis Cardon
Tranquil IT Systems
Les Espaces Jules Verne, bâtiment A
12 avenue Jules Verne
44230 Saint SĂ©bastien sur Loire
tel : +33 (0) 2.40.97.57.55
http://www.tranquil-it-systems.fr
More information about the samba
mailing list