[Samba] Samba4 syncpassword fails
julien.tehery at mediactivegroup.com
Thu Aug 13 14:47:21 UTC 2020
We are facing an issue with samba syncpassword which doesn't work anymore.
We use it to synchronize samba4 password into a remote ldap used by applications.
It has been working flawlessly for more than 2 years.
2 main DC on the main site and about 10 remote DC (with site topology).
We synchronize the password with a daemonized python script used on every DC.
For this an ldb cache is generated
One day, after promoting a new remote DC, the sync began to fail on every DC.
We tried to recover the first main DC from a backup, the sync worked, until we added a new DC and it failed again with the following error:
Thu Aug 13 15:19:12 2020: pid: ldb.LdbError(12) => (LDAP error 12 LDAP_UNAVAILABLE_CRITICAL_EXTENSION - <0000202C: Unable to unmarshall cookie as a ldapControlDirSyncCookie structure at ../source4/dsdb/samdb/ldb_modules/dirsync.c:1269> <>)
Thu Aug 13 15:19:12 2020: pid: Wait before connect - sleep(1)
Thu Aug 13 15:19:13 2020: pid: Connecting to 'ldapi:///var/lib/samba/private/ldap_priv/ldapi'
Thu Aug 13 15:19:13 2020: pid: Resuming monitoring
We tried to flush and re create the ldb cache many times, without success.
I've been searching for hours, and found nothing about this specific error.
Have any of you ever experienced something like this or have a clue of how to remediate to this?
More information about the samba