[Samba] ad2003 schema while forest/domain at 2008R2 level
Carlos A. P. Cunha
carlos.hollow at gmail.com
Wed Sep 28 17:28:49 UTC 2016
Hello!
I had a "similar" problem, see if you help.
https://lists.samba.org/archive/samba/2015-December/196850.html
In my case, I managed to solve.
Regards
Em 28-09-2016 13:01, Rowland Penny via samba escreveu:
> On Wed, 28 Sep 2016 17:37:32 +0200
> Denis Cardon via samba <samba at lists.samba.org> wrote:
>
>> Hi everyone,
>>
>> I came across this issue today while upgrading a samba4 AD. The
>> forest/domain level is 2008R2, however the schema partition is
>> actually missing the msDS-isRODC attribute (and probably a few
>> others). It makes the ADUC console to failed on that entry below.
>> Here is the samba log message (which is quite explicit :-)
>>
>> Sep 28 16:55:36 srvads samba[27900]: [2016/09/28 16:55:36.819666, 0]
>> ../lib/ldb-samba/ldb_wrap.c:76(ldb_wrap_debug)
>> Sep 28 16:55:36 srvads samba[27900]: ldb: acl_read:
>> CN=SRVADS,OU=Domain Controllers,DC=domain,DC=lan cannot find
>> attr[msDS-isRODC] in of schema
>>
>> I don't know how I messed up the schema partition, and since I don't
>> have any side effect but the ADUC failure message when clicking on
>> the dc entry (everything else works fine), I think that error is
>> lying there for quite some time. The domain was upgraded from a MSAD
>> 2003 domain three or four years ago.
>>
>> So my question is : since my DC is already on 2008R2 domain/forest
>> level, is there anyway I can force the schema upgrade to 2008R2
>> independently of the samba-tool domain raise command line?
>>
>> Cheers,
>>
>> Denis
>>
>>
>>
> You could start by finding out just what schema version you actually
> have, see here:
>
> https://wiki.samba.org/index.php/AD_Schema_Version_Support
>
> Rowland
>
More information about the samba
mailing list