Hello,
I'm testing a Samba 4.1.10 ADC in a 2008 R2 level environment. I
successfully setup a Win 2008R2 & Samba 4.1.10-sernet controller. But
after adding Exchange 2013 things stopped working.
I removed the Samba DC from AD, removed all leftovers in AD and re-added
it as DC. Adding Samba as DC goes ok, no errors.
But running repadmin /showreps gives me a 8418 error complaining about
schema mismatches.
---
C:\Users\Administrator>repadmin /showreps
Default-First-Site-Name\TEST-WINAD1
DSA Options: IS_GC
Site Options: (none)
DSA object GUID: 8874e035-2e6e-48bb-a515-5a73c35d7fd4
DSA invocationID: 8874e035-2e6e-48bb-a515-5a73c35d7fd4
==== INBOUND NEIGHBORS =====================================
DC=stokvis-test,DC=eu
Default-First-Site-Name\LINTEST-AD via RPC
DSA object GUID: 907e34b2-5f49-4d4d-a520-1daade54cb29
Last attempt @ 2014-08-04 14:02:32 was delayed for a normal
reason, result 8418 (0x20e2):
The replication operation failed because of a schema mismatch
between the servers involved.
Last success @ (never).
CN=Configuration,DC=stokvis-test,DC=eu
Default-First-Site-Name\LINTEST-AD via RPC
DSA object GUID: 907e34b2-5f49-4d4d-a520-1daade54cb29
Last attempt @ 2014-08-04 14:09:10 was delayed for a normal
reason, result 8418 (0x20e2):
The replication operation failed because of a schema mismatch
between the servers involved.
Last success @ (never).
CN=Schema,CN=Configuration,DC=stokvis-test,DC=eu
Default-First-Site-Name\LINTEST-AD via RPC
DSA object GUID: 907e34b2-5f49-4d4d-a520-1daade54cb29
Last attempt @ 2014-08-04 14:09:10 was successful.
---
Strangely enough running samba-tool drs showrepl doesn't print any
warning, and shows domain and configuration sync without any error. But
when I run samba-tool drs replicate from the linux box to the windows DC
it also complains about WERR_DS_DRA_SCHEMA_MISMATCH.
---
root at lintest-ad:/etc/samba# samba-tool ldapcmp ldap://172.18.18.1
ldap://172.18.18.3 configuration
* Comparing [CONFIGURATION] context...
* Objects to be compared: 2490
Comparing:
'CN=Configuration,DC=stokvis-test,DC=eu' [ldap://172.18.18.1]
'CN=Configuration,DC=stokvis-test,DC=eu' [ldap://172.18.18.3]
Attributes found only in ldap://172.18.18.1:
subRefs
msDS-NcType
FAILED
* Result for [CONFIGURATION]: FAILURE
SUMMARY
---------
Attributes found only in ldap://172.18.18.1:
msDS-NcType
subRefs
ERROR: Compare failed: -1
---
A quick compare on the 2 values within the configuration partition:
test-winad1: msDS-NcType = 0
subRefs = CN=schema,CN=configuration,DC=stokvis-test,DC=eu
lintest-ad: msDS-NcType = <not set>
subRefs = <not set>
Does anyone know if Exchange 2013 should be working in a Samba 4.1.x +
Win08R2 setup? If yes, how does there ldapcmp should be interpreted?
Like to which container is this error related, do all these attributes
has be synced or not? Or is the problem & solution to be found somewhere
else?
Regards,
Danny
