search error - LDAP error 10 LDAP_REFERRAL - <0000202B: RefErr: DSID-0310063C, data 0, 1 access points ref 1: 'DomainDnsZones.fisherthompson.local'><ldap://DomainDnsZones.fisherthompson.local/DC=DomainDnsZones,DC=fisherthompson,DC=local> On Thu, Jul 7, 2016 at 11:04 AM, Rowland penny <rpenny at samba.org> wrote:> On 07/07/16 13:56, Jason Waters wrote: > >> So I continue to struggle getting this moved away from windows 2003 to >> samba. I've been working in VM's to test before doing it on production. >> I >> think something is just wrong/broken with my windows 2003 AD. These are a >> couple of the things I have tried. >> >> - Going from Windows 2003 to Windows 2008 to Samba >> - Seizing the roles and then joining another samba domain controller. But >> I'm unable to move the DomainDnsZones and ForestDnsZones fsmo's to the new >> samba box. Like it is coping bad data. >> - Setup a new domain with samba, joined Windows 2008 and migrated >> everything around fine! Another reason why I think something is wrong in >> my data. >> >> >> So the last thing I've been trying to figure out is why the command >> ldbsearch --cross-ncs -H ldap://pdc -b >> "DC=DomainDnsZones,DC=fisherthompson,DC=local" -s sub -Uadministrator >> >> returns a referral instead of the records. On my purely stock samba >> domain >> it works fine, so something about the windows 2003 ad? >> > > I think it must be, on my DC it dumps all the domain DNS records. What > does it actually return ? > > Rowland > > >> But if I open ASDIEDIT and connect to >> DC=DomainDnsZones,DC=fisherthompson,DC=local on the windows 2003 DC I see >> everything like I should..... >> >> >> It seems like samba and ldbtools isn't following the referrals. Or they >> shouldn't be referrals? Or something else that I have no idea about! >> >> Any other suggestions? Thanks! >> >> Jason >> >> >> > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
On 07/07/16 16:19, Jason Waters wrote:> search error - LDAP error 10 LDAP_REFERRAL - <0000202B: RefErr: > DSID-0310063C, data 0, 1 access points > ref 1: 'DomainDnsZones.fisherthompson.local' > > > <ldap://DomainDnsZones.fisherthompson.local/DC=DomainDnsZones,DC=fisherthompson,DC=local>If you look here: https://www.ldap.com/ldap-result-code-reference You will find this: 10: Referral This indicates that the server could not process the requested operation, but that it may succeed if attempted in another location, as specified by the referral URIs included in the response. Never having seen this before, all I can suggest is trying what it is telling you to do, only problem is, I don't really recognise the ldap URL Rowland> > On Thu, Jul 7, 2016 at 11:04 AM, Rowland penny <rpenny at samba.org > <mailto:rpenny at samba.org>> wrote: > > On 07/07/16 13:56, Jason Waters wrote: > > So I continue to struggle getting this moved away from windows > 2003 to > samba. I've been working in VM's to test before doing it on > production. I > think something is just wrong/broken with my windows 2003 AD. > These are a > couple of the things I have tried. > > - Going from Windows 2003 to Windows 2008 to Samba > - Seizing the roles and then joining another samba domain > controller. But > I'm unable to move the DomainDnsZones and ForestDnsZones > fsmo's to the new > samba box. Like it is coping bad data. > - Setup a new domain with samba, joined Windows 2008 and migrated > everything around fine! Another reason why I think something > is wrong in > my data. > > > So the last thing I've been trying to figure out is why the > command > ldbsearch --cross-ncs -H ldap://pdc -b > "DC=DomainDnsZones,DC=fisherthompson,DC=local" -s sub > -Uadministrator > > returns a referral instead of the records. On my purely stock > samba domain > it works fine, so something about the windows 2003 ad? > > > I think it must be, on my DC it dumps all the domain DNS records. > What does it actually return ? > > Rowland > > > But if I open ASDIEDIT and connect to > DC=DomainDnsZones,DC=fisherthompson,DC=local on the windows > 2003 DC I see > everything like I should..... > > > It seems like samba and ldbtools isn't following the > referrals. Or they > shouldn't be referrals? Or something else that I have no idea > about! > > Any other suggestions? Thanks! > > Jason > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >
So I wanted to test if something was broke in my DC so I setup a "new" 2003 DC with a different domain, example.com. I do the ldbsearch against that and I get the same error instead of it listing the dns entries....So maybe it is a 2003 thing? On Thu, Jul 7, 2016 at 11:55 AM, Rowland penny <rpenny at samba.org> wrote:> On 07/07/16 16:19, Jason Waters wrote: > > search error - LDAP error 10 LDAP_REFERRAL - <0000202B: RefErr: > DSID-0310063C, data 0, 1 access points > ref 1: 'DomainDnsZones.fisherthompson.local' > > > <ldap://DomainDnsZones.fisherthompson.local/DC=DomainDnsZones,DC=fisherthompson,DC=local> > > > If you look here: https://www.ldap.com/ldap-result-code-reference > > You will find this: > > 10: Referral > > This indicates that the server could not process the requested operation, > but that it may succeed if attempted in another location, as specified by > the referral URIs included in the response. > > Never having seen this before, all I can suggest is trying what it is > telling you to do, only problem is, I don't really recognise the ldap URL > > Rowland > > > > On Thu, Jul 7, 2016 at 11:04 AM, Rowland penny <rpenny at samba.org> wrote: > >> On 07/07/16 13:56, Jason Waters wrote: >> >>> So I continue to struggle getting this moved away from windows 2003 to >>> samba. I've been working in VM's to test before doing it on >>> production. I >>> think something is just wrong/broken with my windows 2003 AD. These are >>> a >>> couple of the things I have tried. >>> >>> - Going from Windows 2003 to Windows 2008 to Samba >>> - Seizing the roles and then joining another samba domain controller. >>> But >>> I'm unable to move the DomainDnsZones and ForestDnsZones fsmo's to the >>> new >>> samba box. Like it is coping bad data. >>> - Setup a new domain with samba, joined Windows 2008 and migrated >>> everything around fine! Another reason why I think something is wrong in >>> my data. >>> >>> >>> So the last thing I've been trying to figure out is why the command >>> ldbsearch --cross-ncs -H ldap://pdc -b >>> "DC=DomainDnsZones,DC=fisherthompson,DC=local" -s sub -Uadministrator >>> >>> returns a referral instead of the records. On my purely stock samba >>> domain >>> it works fine, so something about the windows 2003 ad? >>> >> >> I think it must be, on my DC it dumps all the domain DNS records. What >> does it actually return ? >> >> Rowland >> >> >>> But if I open ASDIEDIT and connect to >>> DC=DomainDnsZones,DC=fisherthompson,DC=local on the windows 2003 DC I see >>> everything like I should..... >>> >>> >>> It seems like samba and ldbtools isn't following the referrals. Or they >>> shouldn't be referrals? Or something else that I have no idea about! >>> >>> Any other suggestions? Thanks! >>> >>> Jason >>> >>> >>> >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >> > > >