Hallo,
bei join eines samba4 debian als DC (samba 4.11) zum UCS 4.0.0 (samba 4.2.0rc2) kommt
[code]Replicating critical objects from the base DN of the domain
Partition[DC=example,DC=de] objects[101/101] linked_values[33/0]
Partition[DC=example,DC=de] objects[503/1084] linked_values[0/0]
Partition[DC=example,DC=de] objects[905/1084] linked_values[0/0]
Partition[DC=example,DC=de] objects[1185/1084] linked_values[1043/0]
No objectClass found in replPropertyMetaData for CN=examplegroup,CN=Groups,DC=example,DC=de!
Failed to apply records: replmd_replicated_apply_add: error during DRS repl ADD: No objectClass found in replPropertyMetaData for CN=examplegroup,CN=Groups,DC=example,DC=de!
: Object class violation
Failed to commit objects: WERR_GENERAL_FAILURE
Join failed - cleaning up
checking sAMAccountName
Deleted CN=AD01,OU=Domain Controllers,DC=example,DC=de
Deleted CN=NTDS Settings,CN=AD01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=example,DC=de
Deleted CN=AD01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=example,DC=de
ERROR(<type ‘exceptions.TypeError’>): uncaught exception - Failed to process chunk: NT_STATUS_UNSUCCESSFUL
File “/usr/lib/python2.7/dist-packages/samba/netcmd/init.py”, line 175, in _run
return self.run(*args, **kwargs)
File “/usr/lib/python2.7/dist-packages/samba/netcmd/domain.py”, line 555, in run
machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
File “/usr/lib/python2.7/dist-packages/samba/join.py”, line 1172, in join_DC
ctx.do_join()
File “/usr/lib/python2.7/dist-packages/samba/join.py”, line 1077, in do_join
ctx.join_replicate()
File “/usr/lib/python2.7/dist-packages/samba/join.py”, line 817, in join_replicate
replica_flags=ctx.domain_replica_flags)
File “/usr/lib/python2.7/dist-packages/samba/drs_utils.py”, line 256, in replicate
schema=schema, req_level=req_level, req=req)[/code]
Bei Benutzer die über UCS angelegt worden sind kommt:
repadmin /showobjmeta dc-01 "cn=example_ucs,cn=users,dc=example,dc=de"
DsReplicaGetInfo() ist fehlgeschlagen mit Status 1359 (0x54f):
Interner Fehler.
Bei Benutzer die über Sasmba4 (mittels dsa.msc) angelegt worden sind kommen alle Atributte zum vorschein.
[code]C:\Users\p.baron>repadmin /showobjmeta dc-01 “cn=example_dsa.msccn=users,dc=example,dc=de”
30 Einträge.
Lok.USN Ursprüngl. DSA Ur. USN Ur.Zeit/Datum
Ver Attribut
======= =============== ========= =============
=== =========
145045 Default-First-Site-Name\DC-01 145045 2013-02-05 10:32:58
1 objectClass
145045 Default-First-Site-Name\DC-01 145045 2013-02-05 10:32:58
1 sn
161690 Default-First-Site-Name\DC-01 161690 2014-10-29 13:30:52
8 description
145045 Default-First-Site-Name\DC-01 145045 2013-02-05 10:32:58
1 givenName
145045 Default-First-Site-Name\DC-01 145045 2013-02-05 10:32:58
1 instanceType
145045 Default-First-Site-Name\DC-01 145045 2013-02-05 10:32:58
1 whenCreated
145047 Default-First-Site-Name\DC-01 145047 2013-02-05 10:32:59
1 displayName
160311 Default-First-Site-Name\DC-01 160311 2014-10-29 11:50:25
1 company
151598 Default-First-Site-Name\DC-01 151598 2014-10-27 11:04:41
2 nTSecurityDescriptor
157504 Default-First-Site-Name\DC-01 157504 2014-10-28 12:36:01
1 wWWHomePage
145045 Default-First-Site-Name\DC-01 145045 2013-02-05 10:32:58
1 name
145046 Default-First-Site-Name\DC-01 145046 2013-02-05 10:32:59
2 userAccountControl
145045 Default-First-Site-Name\DC-01 145045 2013-02-05 10:32:58
1 codePage
145045 Default-First-Site-Name\DC-01 145045 2013-02-05 10:32:58
1 countryCode
145048 Default-First-Site-Name\DC-01 145048 2013-02-05 10:32:59
1 dBCSPwd
145048 Default-First-Site-Name\DC-01 145048 2013-02-05 10:32:59
1 unicodePwd
145048 Default-First-Site-Name\DC-01 145048 2013-02-05 10:32:59
2 pwdLastSet
145045 Default-First-Site-Name\DC-01 145045 2013-02-05 10:32:58
1 primaryGroupID
145048 Default-First-Site-Name\DC-01 145048 2013-02-05 10:32:59
1 supplementalCredentials
145045 Default-First-Site-Name\DC-01 145045 2013-02-05 10:32:58
1 objectSid
145045 Default-First-Site-Name\DC-01 145045 2013-02-05 10:32:58
1 accountExpires
145045 Default-First-Site-Name\DC-01 145045 2013-02-05 10:32:58
1 sAMAccountName
145045 Default-First-Site-Name\DC-01 145045 2013-02-05 10:32:58
1 sAMAccountType
145048 Default-First-Site-Name\DC-01 145048 2013-02-05 10:32:59
1 userPrincipalName
145045 Default-First-Site-Name\DC-01 145045 2013-02-05 10:32:58
1 objectCategory
175668 Default-First-Site-Name\DC-01 175668 2014-11-12 13:41:38
2 mail
145049 Default-First-Site-Name\DC-01 145049 2013-02-05 10:33:59
1 kerio-Mail-Active
145050 Default-First-Site-Name\DC-01 145050 2013-02-05 10:34:09
1 kerio-Mail-AccountEnabled
165935 Default-First-Site-Name\DC-01 165935 2014-11-03 15:33:42
2 kerio-Mail-Address
145045 Default-First-Site-Name\DC-01 145045 2013-02-05 10:32:58
1 cn
GUIDs werden zwischengespeichert.
[/code]
Ideen?
P.S. Es hat nicht mit gelöschten Objekten in AD zu tun.
Gruß
Piotr