[Samba] samba-tool ldapcmp attribute order
Andrew Bartlett
abartlet at samba.org
Fri Sep 7 06:04:30 UTC 2018
On Fri, 2018-09-07 at 07:34 +0200, Jakob Lenfers via samba wrote:
> Hi List,
>
> I successfully added a new schema to my DCs a couple of weeks ago (and
> didn't do anything with it yet.) Today I wanted to edit the schema some
> more but found the samba-tool ldapcmp command and ran it between my two DCs:
>
> > * Comparing [SCHEMA] context...
> >
> > * Objects to be compared: 1562
> >
> > Comparing:
> > 'CN=bssGroup,CN=Schema,CN=Configuration,DC=bss,DC=example,DC=com'
>
> [ldap://barva.bss.example.com]
> > 'CN=bssGroup,CN=Schema,CN=Configuration,DC=bss,DC=example,DC=com'
>
> [ldap://zapaleri.bss.example.com]
> > Difference in attribute values:
> > mayContain =>
> > ['bssMailAddresses', 'bssMailForwardingAddress', 'bssloginScript']
> > ['bssLoginScript', 'bssMailAddresses', 'bssMailForwardingAddress']
> > FAILED
> >
> > * Result for [SCHEMA]: FAILURE
>
> The attributes are the same, but seem in a different order. My
> understanding of LDAP says that it doesn't matter, but of course I'm
> worried, especially since all documentation stresses how dangerous it is
> to meddle with the AD schema...
That won't matter. Some multi-valued attributes get replicated in
reverse order for $REASONS
> I run Ubuntu packages, 4.7.6-Ubuntu
>
> Thanks in advance,
> Jakob
>
--
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team https://samba.org
Samba Development and Support, Catalyst IT
https://catalyst.net.nz/services/samba
More information about the samba
mailing list