Thanks for taking a shot at helping me, Rowland. I found that someone had made this suggestion for another person in the past, so I ran this command before reaching out on Monday:> ldbsearch -H /var/lib/samba/private/sam.ldb -b "CN=Schema,CN=Configuration,$(echo "DC=$(hostname -d)" | sed 's/\./,DC=/g')" -s base objectVersion | grep 'objectVersion' | awk '{print $NF}'(Which is just a fancier way to precisely carve down to the version number.) Back then, it gave me "47." I ran it again today, and now it says, "My value is still 47... alas." Any other suggestions? Again, I appreciate your time. Matthew On 2020.11.06, 9:26 AM, "samba on behalf of Rowland penny via samba" <samba-bounces at lists.samba.org on behalf of samba at lists.samba.org> wrote: On 06/11/2020 14:43, Matthew Delfino Samba List via samba wrote: > Hello! > > I just upgraded from Samba v4.10.9 to v4.11.15. The upgrade seems to have gone smoothly. As part of major release maintenance, I ran the following command on my schema master DC: > > > samba-tool domain schemaupgrade > > Do you have any suggestions on how to troubleshoot? My schema is already on version 47. > It looks like your schema is already at '69', try running this: ldbsearch -H /var/lib/samba/private/sam.ldb -b 'cn=Schema,cn=Configuration,dc=samdom,dc=example,dc=com' -s base objectVersion Altered for your setup. Rowland -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba ? 2020 KNOCK, inc. All rights reserved. KNOCK, inc, is a registered trademark of KNOCK, inc. This message and any attachments contain information, which is confidential and/or privileged. If you are not the intended recipient, please refrain from any disclosure, copying, distribution or use of this information. Please be aware that such actions are prohibited. If you have received this transmission in error, kindly notify the sender by e-mail. Your cooperation is appreciated.
Hello,
Since responses were not forthcoming, I started looking for plausible
explanations that might be unique to my company's setup. A few years ago, we
imported ldif schema files to support directory integrations with Kerio Connect
server. The attribute "msDS-MembersOfResourcePropertyList" was
included in one of those ldif files.
Since we no longer require directory integration with Kerio Connect, my
inclination is to remove this custom schema. If anyone has suggestions on how to
safely remove schema alterations from Samba, I'd greatly appreciate it.
Otherwise, I'll do my own research, see if and how I can remove this custom
schema from my installation.
Whatever I find I'll be sure to report back to the forum in case, however
unlikely, another administrator finds themselves in a similar situation.
Thanks,
Matthew
?On 2020.11.06, 8:48 PM, "Matthew Delfino Samba List via samba"
<samba at lists.samba.org> wrote:
Thanks for taking a shot at helping me, Rowland. I found that someone had
made this suggestion for another person in the past, so I ran this command
before reaching out on Monday:
> ldbsearch -H /var/lib/samba/private/sam.ldb -b
"CN=Schema,CN=Configuration,$(echo "DC=$(hostname -d)" | sed
's/\./,DC=/g')" -s base objectVersion | grep
'objectVersion' | awk '{print $NF}'
(Which is just a fancier way to precisely carve down to the version number.)
Back then, it gave me "47."
I ran it again today, and now it says, "My value is still 47...
alas."
Any other suggestions?
Again, I appreciate your time.
Matthew
On 2020.11.06, 9:26 AM, "samba on behalf of Rowland penny via
samba" <samba-bounces at lists.samba.org on behalf of samba at
lists.samba.org> wrote:
On 06/11/2020 14:43, Matthew Delfino Samba List via samba wrote:
> Hello!
>
> I just upgraded from Samba v4.10.9 to v4.11.15. The upgrade
seems to have gone smoothly. As part of major release maintenance, I ran the
following command on my schema master DC:
>
> > samba-tool domain schemaupgrade
>
> Do you have any suggestions on how to troubleshoot? My schema
is already on version 47.
>
It looks like your schema is already at '69', try running this:
ldbsearch -H /var/lib/samba/private/sam.ldb -b
'cn=Schema,cn=Configuration,dc=samdom,dc=example,dc=com' -s base
objectVersion
Altered for your setup.
Rowland
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
? 2020 KNOCK, inc. All rights reserved. KNOCK, inc, is a registered
trademark of KNOCK, inc. This message and any attachments contain information,
which is confidential and/or privileged. If you are not the intended recipient,
please refrain from any disclosure, copying, distribution or use of this
information. Please be aware that such actions are prohibited. If you have
received this transmission in error, kindly notify the sender by e-mail. Your
cooperation is appreciated.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
? 2020 KNOCK, inc. All rights reserved. KNOCK, inc, is a registered trademark of
KNOCK, inc. This message and any attachments contain information, which is
confidential and/or privileged. If you are not the intended recipient, please
refrain from any disclosure, copying, distribution or use of this information.
Please be aware that such actions are prohibited. If you have received this
transmission in error, kindly notify the sender by e-mail. Your cooperation is
appreciated.
In general we do not allow the removal of schema. In particular, because records in samba are stored under the attribute name, removing schema or renaming schema items describing those attributes and objectclasses can mean records cannot be processed correctly. However, if you confirm you really have exactly the entry already in the schema, you could edit the new schema not to add that particular entry. Ideally we could update the tool (let me know if you would prefer this option) to detect this and recover, but for now that would be the best option. Andrew Bartlett On Tue, 2020-11-10 at 22:27 +0000, Matthew Delfino Samba List via samba wrote:> Hello, > > Since responses were not forthcoming, I started looking for plausible > explanations that might be unique to my company's setup. A few years > ago, we imported ldif schema files to support directory integrations > with Kerio Connect server. The attribute "msDS- > MembersOfResourcePropertyList" was included in one of those ldif > files. > > Since we no longer require directory integration with Kerio Connect, > my inclination is to remove this custom schema. If anyone has > suggestions on how to safely remove schema alterations from Samba, > I'd greatly appreciate it. Otherwise, I'll do my own research, see if > and how I can remove this custom schema from my installation. > > Whatever I find I'll be sure to report back to the forum in case, > however unlikely, another administrator finds themselves in a similar > situation. > > Thanks, > Matthew > > > ?On 2020.11.06, 8:48 PM, "Matthew Delfino Samba List via samba" < > samba at lists.samba.org> wrote: > > Thanks for taking a shot at helping me, Rowland. I found that > someone had made this suggestion for another person in the past, so I > ran this command before reaching out on Monday: > > > ldbsearch -H /var/lib/samba/private/sam.ldb -b > "CN=Schema,CN=Configuration,$(echo "DC=$(hostname -d)" | sed > 's/\./,DC=/g')" -s base objectVersion | grep 'objectVersion' | awk > '{print $NF}' > > (Which is just a fancier way to precisely carve down to the > version number.) > > Back then, it gave me "47." > > I ran it again today, and now it says, "My value is still 47... > alas." > > Any other suggestions? > > Again, I appreciate your time. > > Matthew > > > On 2020.11.06, 9:26 AM, "samba on behalf of Rowland penny via > samba" <samba-bounces at lists.samba.org on behalf of > samba at lists.samba.org> wrote: > > On 06/11/2020 14:43, Matthew Delfino Samba List via samba > wrote: > > Hello! > > > > I just upgraded from Samba v4.10.9 to v4.11.15. The > upgrade seems to have gone smoothly. As part of major release > maintenance, I ran the following command on my schema master DC: > > > > > samba-tool domain schemaupgrade > > > > Do you have any suggestions on how to troubleshoot? My > schema is already on version 47. > > > It looks like your schema is already at '69', try running > this: > > ldbsearch -H /var/lib/samba/private/sam.ldb -b > 'cn=Schema,cn=Configuration,dc=samdom,dc=example,dc=com' -s > base > objectVersion > > Altered for your setup. > > Rowland > > > > -- > To unsubscribe from this list go to the following URL and > read the > instructions: https://lists.samba.org/mailman/options/samba > > > ? 2020 KNOCK, inc. All rights reserved. KNOCK, inc, is a > registered trademark of KNOCK, inc. This message and any attachments > contain information, which is confidential and/or privileged. If you > are not the intended recipient, please refrain from any disclosure, > copying, distribution or use of this information. Please be aware > that such actions are prohibited. If you have received this > transmission in error, kindly notify the sender by e-mail. Your > cooperation is appreciated. > -- > To unsubscribe from this list go to the following URL and read > the > instructions: https://lists.samba.org/mailman/options/samba > > ? 2020 KNOCK, inc. All rights reserved. KNOCK, inc, is a registered > trademark of KNOCK, inc. This message and any attachments contain > information, which is confidential and/or privileged. If you are not > the intended recipient, please refrain from any disclosure, copying, > distribution or use of this information. Please be aware that such > actions are prohibited. If you have received this transmission in > error, kindly notify the sender by e-mail. Your cooperation is > appreciated.-- Andrew Bartlett https://samba.org/~abartlet/ Authentication Developer, Samba Team https://samba.org Samba Developer, Catalyst IT https://catalyst.net.nz/services/samba
On 10/11/2020 22:27, Matthew Delfino Samba List via samba wrote:> Hello, > > Since responses were not forthcoming, I started looking for plausible explanations that might be unique to my company's setup. A few years ago, we imported ldif schema files to support directory integrations with Kerio Connect server. The attribute "msDS-MembersOfResourcePropertyList" was included in one of those ldif files. > > Since we no longer require directory integration with Kerio Connect, my inclination is to remove this custom schema. If anyone has suggestions on how to safely remove schema alterations from Samba, I'd greatly appreciate it. Otherwise, I'll do my own research, see if and how I can remove this custom schema from my installation. > > Whatever I find I'll be sure to report back to the forum in case, however unlikely, another administrator finds themselves in a similar situation. >There doesn't seem to be a way of removing anything from the AD schema, this is why you should think long and hard before extending it. What you can do is to remove the installed attributes & objectclasses from the ldifs you are trying to add. Rowland