[Samba] Problem joining domain [SEC=UNCLASSIFIED]

Andrew Bartlett abartlet at samba.org
Thu Jun 13 12:59:49 UTC 2019


On Thu, 2019-06-13 at 07:33 +0000, Thamm, Russell via samba wrote:
> UNCLASSIFIED
> 
> Hi Rowland
> 
> No tombstonelifetime.

Just fill it in as 180 I think.  A bug fix just landed:
https://bugzilla.samba.org/show_bug.cgi?id=13967

> Do I need to upgrade the schema? The current schema is 30 (Windows
> 2003).

I don't think so. 

> When I try to update the schema, I get the following error:
> 
> Applying Sch31.ldf updates...
> Exception [Errno 2] No such file or directory 

Odd.  But unrelated. 

> I downloaded sch31.ldf and tried to apply that.
> 
> samba-tool domain schemaupgrade --ldf-file=sch31.ldf --base-
> dir=/home/user/work/ldif
> 
> Unable to find attribute 1.2.840.113556.1.6.13.3.2 in the schema. 
> Exception: unable to parse LDIF string at first chunk
> 
> Not sure if I'm barking up the wrong tree.

Probably :-)

I hope this helps,

Andrew Bartlett

> Cheers
> Russell
> 
> -----Original Message-----
> From: samba [mailto:samba-bounces at lists.samba.org] On Behalf Of
> Rowland penny via samba
> Sent: Wednesday, 12 June, 2019 5:57 p.m.
> To: sambalist
> Subject: Re: [Samba] Problem joining domain [SEC=UNCLASSIFIED]
> 
> On 12/06/2019 08:36, Thamm, Russell wrote:
> > UNCLASSIFIED
> > 
> > Sorry to be a bloody pest, but I've hit a new problem.
> > 
> > I shutdown the 2003 server & seized the roles. I then upgraded to
> > samba 4.7.12. and demoted the 2003 server.
> > 
> > Everything seemed to be working OK for several days, so I upgraded
> > to 4.8.12.
> > 
> > All seems OK except  samba-tool dbcheck gives an error
> > 
> > [root at julius samba-4.8.12]# samba-tool dbcheck -v --cross-ncs
> > ERROR(<type 'exceptions.KeyError'>): uncaught exception - 'No such
> > element'
> >    File "/usr/local/samba/lib64/python2.7/site-
> > packages/samba/netcmd/__init__.py", line 177, in _run
> >      return self.run(*args, **kwargs)
> >    File "/usr/local/samba/lib64/python2.7/site-
> > packages/samba/netcmd/dbcheck.py", line 142, in run
> >      check_expired_tombstones=selftest_check_expired_tombstones)
> >    File "/usr/local/samba/lib64/python2.7/site-
> > packages/samba/dbchecker.py", line 200, in __init__
> >      self.tombstoneLifetime = int(res[0]["tombstoneLifetime"][0])
> > 
> 
> OK, it seems to be saying that you do not have a 'tombstoneLifetime' 
> attribute, try running this on the DC:
> 
> ldbsearch --cross-ncs -H ldap://julius -b 'CN=Directory
> Service,CN=Windows
> NT,CN=Services,CN=Configuration,DC=ssunit050,DC=local' -s base -U
> Administrator
> 
> It should display the entire AD object, is 'tombstoneLifetime'
> amongst the output ?
> 
> Rowland
> 
> 
> 
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> 
> IMPORTANT: This email remains the property of the Department of
> Defence and is subject to the jurisdiction of section 70 of the
> Crimes Act 1914. If you have received this email in error, you are
> requested to contact the sender and delete the email.
> 
-- 
Andrew Bartlett                       https://samba.org/~abartlet/
Authentication Developer, Samba Team  https://samba.org
Samba Developer, Catalyst IT          
https://catalyst.net.nz/services/samba






More information about the samba mailing list