On Tue, 2013-12-03 at 13:28 +0100, Thomas Zeitinger
wrote:> Hi there!
>
> Here it is a setup with an Windows 2003 SBS and two Samba 4.1.2.
> Everything is working fine, but I found differences in LDAP and need to
> know if this is relevant for replication
>
> samba-tool ldapcmp ldap://sbssrv2003 ldap://samba4.1.2
>
> [...]
> Comparing:
> 'CN=Builtin,DC=SAMBADOMAIN,DC=local' [ldap://gaia]
> 'CN=Builtin,DC=SAMBADOMAIN,DC=local' [ldap://samba1]
> Attributes found only in ldap://gaia:
> serverState
> FAILED
> [...]
> Comparing:
> 'DC=SAMBADOMAIN,DC=local' [ldap://gaia]
> 'DC=SAMBADOMAIN,DC=local' [ldap://samba1]
> Attributes found only in ldap://gaia:
> serverState
> subRefs
> FAILED
> [...]
>
> Microsoft says: "serverState: Indicates whether the server is enabled
or
> disabled. A value of 1 indicates that the server is enabled. A value of
> 2 indicates that the server is disabled. All other values are
invalid."
>
(http://msdn.microsoft.com/en-us/library/windows/desktop/ms679776%28v=vs.85%29.aspx)
>
> But I cannot find information if this flag must only be set on one of
> the PDC? Or do samba not support this attrtibute?
>
>
> subRefs: "List of subordinate references of a Naming Context."
>
(http://msdn.microsoft.com/en-us/library/windows/desktop/ms679895%28v=vs.85%29.aspx)
>
> dn: DC=SAMBADOMAIN,DC=local
> objectClass: top
> objectClass: domain
> objectClass: domainDNS
> distinguishedName: DC=SAMBADOMAIN,DC=local
> subRefs: DC=ForestDnsZones,DC=SAMBADOMAIN,DC=local
> subRefs: DC=DomainDnsZones,DC=SAMBADOMAIN,DC=local
> subRefs: CN=Configuration,DC=SAMBADOMAIN,DC=local
> [...]
>
> Why it is set only on the windows server?
We need patches to correctly implement these attributes. They are
marked not-replicated, so we need to maintain their state locally.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba