[Samba] samba-tool ldapcmp without --filter errors out.
L.P.H. van Belle
belle at bazuin.nl
Thu Nov 14 10:06:43 UTC 2019
Hai,
I've just upgrade samba on my DC's from 4.10.10 to 4.11.2.
Which went fine offcourse ;-) but when i checking my replications i noticed the following.
If people have problems upgrading, the steps to take are :
( Debian buster, samba upgrade 4.10=> 4.11 van-belle repo. )
# update 4.10 to 4.11
sed 's/410/411/g' /etc/apt/sources.list.d/van-belle.list
apt update
apt dist-upgrade --autoremove --purge
apt --fix-broken install
apt dist-upgrade --autoremove --purge
And its done.
When running :
samba-tool ldapcmp --filter="whenChanged,dc,DC,cn,CN" ldap://dc1.fqdn ldap://dc2.fqdn
This works fine, untill i remove the filter..
samba-tool ldapcmp ldap://dc1.fqdn ldap://dc2.fqdn
This errors out with :
* Comparing [DOMAIN] context...
* Objects to be compared: 845
ERROR(<class 'KeyError'>): uncaught exception - 'CN'
File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 186, in _run
return self.run(*args, **kwargs)
File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 957, in run
if b1.diff(b2):
File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 781, in diff
if object1 == object2:
File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 549, in __eq__
return self.cmp_attrs(other)
File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 590, in cmp_attrs
if isinstance(self.attributes[x], list) and isinstance(other.attributes[x], list):
samba-tool ldapcmp --filter="cn,CN" ldap://dc1.fqdn ldap://dc2.fqdn
* Comparing [DOMAIN] context...
* Objects to be compared: 845
* Result for [DOMAIN]: SUCCESS
* Comparing [CONFIGURATION] context...
* Objects to be compared: 1825
* Result for [CONFIGURATION]: SUCCESS
* Comparing [SCHEMA] context...
* Objects to be compared: 1821
* Result for [SCHEMA]: SUCCESS
* Comparing [DNSDOMAIN] context...
* Objects to be compared: 503
ERROR(<class 'KeyError'>): uncaught exception - 'DC'
File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 186, in _run
return self.run(*args, **kwargs)
File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 957, in run
if b1.diff(b2):
File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 781, in diff
if object1 == object2:
File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 549, in __eq__
return self.cmp_attrs(other)
File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 590, in cmp_attrs
if isinstance(self.attributes[x], list) and isinstance(other.attributes[x], list):
samba-tool dbcheck (--cross-nc) run fine, i have 0 errors here.
My conclusion here, but this needs to be verified also by others, and it might be handy to know your original samba version.
--filter="DC,CN" fixes the ldapcmp command to it runs without errors, the database replications is fine.
Cause, this is a AD-DB started from 4.1.x in all updates there where a few bugs with cn= CN= dc= DC= and whenChanged in previous versions of samba.
The question now is, it there a command (within samba-tool ) that fixes/lower the DC= and CN=
because i didnt see/find it.
My setup started with: Debian Wheezy, samba 4.1.x
Current: Debian Buster, samba 4.11.2
Greetz,
Louis
More information about the samba
mailing list