Hey, I extend my AD with some new attributes, but I make some mistakes on the way and now I'm trying to modify those wrong attributes entries, like isSingleValued and oMSyntax. I'm following these guide - https://blogs.oracle.com/hariblog/entry/modify_attribute_properties_in_active - to make the changes. I go to LDP.exe, connect and bind to LDAP and try to make the changes on "schemaUpgradeInProgress" attribute and it outputs this: ***Call Modify... ldap_modify_s(ld, '(null)',[1] attrs); Modified "". I don't know if the change was really made. If I go to ADSI Editor, I change the attributes and then it shows a message saying that I server is not available, but it is. Does anyone have a similar problem, that can help me? Kind Regards, Bruno Andrade.
Anyone on this? I still with no progress... And I can't find anything that could be a good help, online. Thanks in advance, Bruno Andrade. On 05/30/2014 12:15 PM, Bruno Andrade wrote:> Hey, > > I extend my AD with some new attributes, but I make some mistakes on > the way and now I'm trying to modify those wrong attributes entries, > like isSingleValued and oMSyntax. > > I'm following these guide - > https://blogs.oracle.com/hariblog/entry/modify_attribute_properties_in_active > - to make the changes. I go to LDP.exe, connect and bind to LDAP and > try to make the changes on "schemaUpgradeInProgress" attribute and it > outputs this: > > ***Call Modify... > ldap_modify_s(ld, '(null)',[1] attrs); > Modified "". > > I don't know if the change was really made. If I go to ADSI Editor, I > change the attributes and then it shows a message saying that I server > is not available, but it is. > > Does anyone have a similar problem, that can help me? > > Kind Regards, > Bruno Andrade.
Andrew Bartlett
2014-Jun-02 21:40 UTC
[Samba] Schema attributes changes after AD extension
On Fri, 2014-05-30 at 12:15 +0100, Bruno Andrade wrote:> Hey, > > I extend my AD with some new attributes, but I make some mistakes on the > way and now I'm trying to modify those wrong attributes entries, like > isSingleValued and oMSyntax. > > I'm following these guide - > https://blogs.oracle.com/hariblog/entry/modify_attribute_properties_in_active > - to make the changes. I go to LDP.exe, connect and bind to LDAP and try > to make the changes on "schemaUpgradeInProgress" attribute and it > outputs this: > > ***Call Modify... > ldap_modify_s(ld, '(null)',[1] attrs); > Modified "". > > I don't know if the change was really made. If I go to ADSI Editor, I > change the attributes and then it shows a message saying that I server > is not available, but it is. > > Does anyone have a similar problem, that can help me? > > Kind Regards, > Bruno Andrade.This is not currently implemented, see rootdse.c: /* FIXME we have to do something in order to relax constraints for DRS * setting schemaUpgradeInProgress cause the fschemaUpgradeInProgress * in all LDAP connection (2K3/2K3R2) or in the current connection (2K8 and +) * to be set to true. */ /* from 5.113 LDAPConnections in DRSR.pdf * fschemaUpgradeInProgress: A Boolean that specifies certain constraint * validations are skipped when adding, updating, or removing directory * objects on the opened connection. The skipped constraint validations * are documented in the applicable constraint sections in [MS-ADTS]. */ (that is, we allow or disallow things no differently if you set this) Also, we generally prohibit schema changes unless you set: dsdb:schema update allowed = yes in the smb.conf Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba