[Samba] idmap range

Stefan G. Weichinger lists at xunil.at
Tue Apr 19 12:40:38 UTC 2022


Am 14.04.22 um 12:46 schrieb Stefan G. Weichinger via samba:
> Am 14.04.22 um 11:45 schrieb Stefan G. Weichinger via samba:
> 
>> "ldapcmp" : got to learn which parameters to use .. ok, got it.
>>
>> I get one error:
>>
>> LdbError for dn CN=SOME USER,OU=CUSTOMER-BENUTZER,DC=CUSTOMER,DC=AT: 
>> (32, 'LDAP error 32 LDAP_NO_SUCH_OBJECT -  <acl_read: Error retrieving 
>> instanceType for base. at 
>> ../../source4/dsdb/samdb/ldb_modules/acl_read.c:940> <>')
>>
>> What to do about that one?
> 
> tried to edit that user to maybe trigger some resync. No success.
> 
> "drs showrepl" looks good to me, btw.
> 
> Maybe an issue: that user has a german char in its name "ß" ... just in 
> case that matters.
> 
> I don't know if that ldapcmp even relates to my initial issue with 
> SYSVOL etc

Still trying. I tried to switch RSAT to another (= the other) DC now.

Choosing one lead to "domain not found", the other gave that "wrong 
parameter" message.

Letting RSAT choose seems to enable editing a GPO now ... I will try in 
a few minutes.

What I noticed in the journal:

Apr 19 14:37:35 pre01svdeb03 samba[1714329]: [2022/04/19 
14:37:35.677243,  0] 
../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
Apr 19 14:37:35 pre01svdeb03 samba[1714329]: 
/usr/sbin/samba_spnupdate: check_spn_direct_collision: SPN 
'HOST/pre01svdeb03.customer.at' is on 'CN=PRE01SVDEB03,OU=Domain 
Controllers,DC=customer,DC=at' so it can't be added to 
'CN=DC2,OU=customer-Computer,DC=customer,DC=at'
Apr 19 14:37:35 pre01svdeb03 samba[1714329]: [2022/04/19 
14:37:35.677373,  0] 
../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
Apr 19 14:37:35 pre01svdeb03 samba[1714329]: 
/usr/sbin/samba_spnupdate: samldb_spn_uniqueness_check: SPN 
HOST/pre01svdeb03.customer.at failed direct uniqueness check
Apr 19 14:37:35 pre01svdeb03 samba[1714329]: [2022/04/19 
14:37:35.677410,  0] 
../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
Apr 19 14:37:35 pre01svdeb03 samba[1714329]: 
/usr/sbin/samba_spnupdate: Traceback (most recent call last):
Apr 19 14:37:35 pre01svdeb03 samba[1714329]: [2022/04/19 
14:37:35.677428,  0] 
../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
Apr 19 14:37:35 pre01svdeb03 samba[1714329]: 
/usr/sbin/samba_spnupdate:   File "/usr/sbin/samba_spnupdate", line 254, 
in <module>
Apr 19 14:37:35 pre01svdeb03 samba[1714329]: [2022/04/19 
14:37:35.677503,  0] 
../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
Apr 19 14:37:35 pre01svdeb03 samba[1714329]: 
/usr/sbin/samba_spnupdate:     local_update(add_list)
Apr 19 14:37:35 pre01svdeb03 samba[1714329]: [2022/04/19 
14:37:35.677526,  0] 
../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
Apr 19 14:37:35 pre01svdeb03 samba[1714329]: 
/usr/sbin/samba_spnupdate:   File "/usr/sbin/samba_spnupdate", line 200, 
in local_update
Apr 19 14:37:35 pre01svdeb03 samba[1714329]: [2022/04/19 
14:37:35.677603,  0] 
../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
Apr 19 14:37:35 pre01svdeb03 samba[1714329]: 
/usr/sbin/samba_spnupdate:     res = samdb.modify(msg)
Apr 19 14:37:35 pre01svdeb03 samba[1714329]: [2022/04/19 
14:37:35.677625,  0] 
../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
Apr 19 14:37:35 pre01svdeb03 samba[1714329]: 
/usr/sbin/samba_spnupdate: _ldb.LdbError: (19, 'samldb: 
spn[HOST/pre01svdeb03.customer.at] would cause a conflict')
Apr 19 14:37:35 pre01svdeb03 samba[1714329]: [2022/04/19 
14:37:35.689294,  0] 
../../source4/dsdb/dns/dns_update.c:108(dnsupdate_spnupdate_done)
Apr 19 14:37:35 pre01svdeb03 samba[1714329]: 
../../source4/dsdb/dns/dns_update.c:108: Failed SPN update - with error 
code 1





More information about the samba mailing list