L.P.H. van Belle
2019-Nov-14 10:06 UTC
[Samba] samba-tool ldapcmp without --filter errors out.
Hai, ? I've just upgrade samba on my DC's from 4.10.10 to 4.11.2. Which went fine offcourse ;-) but when i checking my replications i noticed the following. ? If people have problems upgrading, the steps to take are : ( Debian buster, samba upgrade 4.10=> 4.11 van-belle repo. ) # update 4.10 to 4.11 sed 's/410/411/g'? /etc/apt/sources.list.d/van-belle.list apt update apt dist-upgrade --autoremove --purge apt --fix-broken install apt dist-upgrade --autoremove --purge And its done. ? When running :? samba-tool ldapcmp --filter="whenChanged,dc,DC,cn,CN" ldap://dc1.fqdn ?ldap://dc2.fqdn This works fine, untill i remove the filter.. ? samba-tool ldapcmp? ldap://dc1.fqdn ?ldap://dc2.fqdn This errors out with : * Comparing [DOMAIN] context... ? * Objects to be compared: 845 ERROR(<class 'KeyError'>): uncaught exception - 'CN' ? File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 186, in _run ??? return self.run(*args, **kwargs) ? File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 957, in run ??? if b1.diff(b2): ? File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 781, in diff ??? if object1 == object2: ? File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 549, in __eq__ ??? return self.cmp_attrs(other) ? File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 590, in cmp_attrs ??? if isinstance(self.attributes[x], list) and isinstance(other.attributes[x], list): ? samba-tool ldapcmp --filter="cn,CN" ldap://dc1.fqdn ?ldap://dc2.fqdn ? * Comparing [DOMAIN] context... ? * Objects to be compared: 845 ? * Result for [DOMAIN]: SUCCESS ? * Comparing [CONFIGURATION] context... ? * Objects to be compared: 1825 ? * Result for [CONFIGURATION]: SUCCESS ? * Comparing [SCHEMA] context... ? * Objects to be compared: 1821 ? * Result for [SCHEMA]: SUCCESS ? * Comparing [DNSDOMAIN] context... ? * Objects to be compared: 503 ERROR(<class 'KeyError'>): uncaught exception - 'DC' ? File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 186, in _run ??? return self.run(*args, **kwargs) ? File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 957, in run ??? if b1.diff(b2): ? File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 781, in diff ??? if object1 == object2: ? File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 549, in __eq__ ??? return self.cmp_attrs(other) ? File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 590, in cmp_attrs ??? if isinstance(self.attributes[x], list) and isinstance(other.attributes[x], list): samba-tool dbcheck (--cross-nc) run fine, i have 0 errors here. ? My conclusion here, but this needs to be verified also by others, and?it might be handy to know your original samba version. ?--filter="DC,CN"? fixes the ldapcmp command to it runs without errors, the database replications is fine. ? Cause, this is a AD-DB started from 4.1.x? in all updates there where a few bugs with cn= CN= dc= DC=? and whenChanged in previous versions of samba. ? The question now is, it there a command (within samba-tool ) that fixes/lower the DC= and CN= because i didnt see/find it. ? My setup started with: Debian Wheezy, samba 4.1.x Current: Debian Buster, samba 4.11.2 ? ? Greetz, ? Louis ? ? ? ? ? ? ? ?
Christian Naumer
2019-Nov-14 11:19 UTC
[Samba] samba-tool ldapcmp without --filter errors out.
Hi, what a coincidence. I just did the upgrade from 4.10.10 on our DCs a view minutes ago. All went fine offcource :-)... This AD was Classic Upgraded with Samba 4.4 and since upgraded in place up to 4.10.10 and now 4.11.2. For me all of the commands work fine. samba-tool ldapcmp --filter="whenChanged,dc,DC,cn,CN" ldap://dc1.fqdn ldap://dc2.fqdn samba-tool ldapcmp ldap://dc1.fqdn ldap://dc2.fqdn samba-tool ldapcmp --filter="cn,CN" ldap://dc1.fqdn ldap://dc2.fqdn all produce no errors. So maybe this is something that happened in an earlier version then 4.4? Regards Am 14.11.19 um 11:06 schrieb L.P.H. van Belle via samba:> Hai, > ? > I've just upgrade samba on my DC's from 4.10.10 to 4.11.2. > Which went fine offcourse ;-) but when i checking my replications i noticed the following. > ? > If people have problems upgrading, the steps to take are : > ( Debian buster, samba upgrade 4.10=> 4.11 van-belle repo. ) > # update 4.10 to 4.11 > sed 's/410/411/g'? /etc/apt/sources.list.d/van-belle.list > apt update > apt dist-upgrade --autoremove --purge > apt --fix-broken install > apt dist-upgrade --autoremove --purge > And its done. > > ? > When running :? > samba-tool ldapcmp --filter="whenChanged,dc,DC,cn,CN" ldap://dc1.fqdn ?ldap://dc2.fqdn > This works fine, untill i remove the filter.. > ? > samba-tool ldapcmp? ldap://dc1.fqdn ?ldap://dc2.fqdn > This errors out with : > > * Comparing [DOMAIN] context... > ? > * Objects to be compared: 845 > ERROR(<class 'KeyError'>): uncaught exception - 'CN' > ? File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 186, in _run > ??? return self.run(*args, **kwargs) > ? File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 957, in run > ??? if b1.diff(b2): > ? File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 781, in diff > ??? if object1 == object2: > ? File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 549, in __eq__ > ??? return self.cmp_attrs(other) > ? File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 590, in cmp_attrs > ??? if isinstance(self.attributes[x], list) and isinstance(other.attributes[x], list): > > ? > samba-tool ldapcmp --filter="cn,CN" ldap://dc1.fqdn ?ldap://dc2.fqdn > ? > * Comparing [DOMAIN] context... > ? > * Objects to be compared: 845 > ? > * Result for [DOMAIN]: SUCCESS > ? > * Comparing [CONFIGURATION] context... > ? > * Objects to be compared: 1825 > ? > * Result for [CONFIGURATION]: SUCCESS > ? > * Comparing [SCHEMA] context... > ? > * Objects to be compared: 1821 > ? > * Result for [SCHEMA]: SUCCESS > ? > * Comparing [DNSDOMAIN] context... > ? > * Objects to be compared: 503 > ERROR(<class 'KeyError'>): uncaught exception - 'DC' > ? File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 186, in _run > ??? return self.run(*args, **kwargs) > ? File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 957, in run > ??? if b1.diff(b2): > ? File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 781, in diff > ??? if object1 == object2: > ? File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 549, in __eq__ > ??? return self.cmp_attrs(other) > ? File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 590, in cmp_attrs > ??? if isinstance(self.attributes[x], list) and isinstance(other.attributes[x], list): > > samba-tool dbcheck (--cross-nc) run fine, i have 0 errors here. > ? > My conclusion here, but this needs to be verified also by others, and?it might be handy to know your original samba version. > ?--filter="DC,CN"? fixes the ldapcmp command to it runs without errors, the database replications is fine. > ? > Cause, this is a AD-DB started from 4.1.x? in all updates there where a few bugs with cn= CN= dc= DC=? and whenChanged in previous versions of samba. > ? > The question now is, it there a command (within samba-tool ) that fixes/lower the DC= and CN= > because i didnt see/find it. > ? > My setup started with: Debian Wheezy, samba 4.1.x > Current: Debian Buster, samba 4.11.2 > ? > ? > Greetz, > ? > Louis > ? > ? > ? > ? > ? > ? > ? > ? >-- Dr. Christian Naumer Unit Head Bioprocess Development B.R.A.I.N Aktiengesellschaft Darmstaedter Str. 34-36, D-64673 Zwingenberg e-mail cn at brain-biotech.com, homepage www.brain-biotech.com fon +49-6251-9331-30 / fax +49-6251-9331-11 Sitz der Gesellschaft: Zwingenberg/Bergstrasse Registergericht AG Darmstadt, HRB 24758 Vorstand: Dr. Juergen Eck (Vorsitzender), Manfred Bender, Ludger Roedder Aufsichtsratsvorsitzender: Dr. Georg Kellinghusen
L.P.H. van Belle
2019-Nov-14 11:55 UTC
[Samba] samba-tool ldapcmp without --filter errors out.
Hai Christian, So i looks at least samba AD-DB's originating from before samba 4.4 is affected. Thanks so far. Let see if we see more of these. @Rowland, do you have a setup the was created before samba 4.4? I dont expect you have but worth asking.. Its simular like this bug : https://bugzilla.samba.org/show_bug.cgi?id=12399 I've reported it in bugzilla: https://bugzilla.samba.org/show_bug.cgi?id=14198 Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Christian Naumer via samba > Verzonden: donderdag 14 november 2019 12:20 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] samba-tool ldapcmp without --filter errors out. > > Hi, > what a coincidence. I just did the upgrade from 4.10.10 on our DCs a > view minutes ago. All went fine offcource :-)... > This AD was Classic Upgraded with Samba 4.4 and since > upgraded in place > up to 4.10.10 and now 4.11.2. > > For me all of the commands work fine. > > samba-tool ldapcmp --filter="whenChanged,dc,DC,cn,CN" ldap://dc1.fqdn > ldap://dc2.fqdn > > samba-tool ldapcmp ldap://dc1.fqdn ldap://dc2.fqdn > > samba-tool ldapcmp --filter="cn,CN" ldap://dc1.fqdn ldap://dc2.fqdn > > > all produce no errors. > > > So maybe this is something that happened in an earlier > version then 4.4? > > > Regards > > > > Am 14.11.19 um 11:06 schrieb L.P.H. van Belle via samba: > > Hai, > > ? > > I've just upgrade samba on my DC's from 4.10.10 to 4.11.2. > > Which went fine offcourse ;-) but when i checking my > replications i noticed the following. > > ? > > If people have problems upgrading, the steps to take are : > > ( Debian buster, samba upgrade 4.10=> 4.11 van-belle repo. ) > > # update 4.10 to 4.11 > > sed 's/410/411/g'? /etc/apt/sources.list.d/van-belle.list > > apt update > > apt dist-upgrade --autoremove --purge > > apt --fix-broken install > > apt dist-upgrade --autoremove --purge > > And its done. > > > > ? > > When running :? > > samba-tool ldapcmp --filter="whenChanged,dc,DC,cn,CN" > ldap://dc1.fqdn ?ldap://dc2.fqdn > > This works fine, untill i remove the filter.. > > ? > > samba-tool ldapcmp? ldap://dc1.fqdn ?ldap://dc2.fqdn > > This errors out with : > > > > * Comparing [DOMAIN] context... > > ? > > * Objects to be compared: 845 > > ERROR(<class 'KeyError'>): uncaught exception - 'CN' > > ? File > "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", > line 186, in _run > > ??? return self.run(*args, **kwargs) > > ? File > "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", > line 957, in run > > ??? if b1.diff(b2): > > ? File > "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", > line 781, in diff > > ??? if object1 == object2: > > ? File > "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", > line 549, in __eq__ > > ??? return self.cmp_attrs(other) > > ? File > "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", > line 590, in cmp_attrs > > ??? if isinstance(self.attributes[x], list) and > isinstance(other.attributes[x], list): > > > > ? > > samba-tool ldapcmp --filter="cn,CN" ldap://dc1.fqdn ?ldap://dc2.fqdn > > ? > > * Comparing [DOMAIN] context... > > ? > > * Objects to be compared: 845 > > ? > > * Result for [DOMAIN]: SUCCESS > > ? > > * Comparing [CONFIGURATION] context... > > ? > > * Objects to be compared: 1825 > > ? > > * Result for [CONFIGURATION]: SUCCESS > > ? > > * Comparing [SCHEMA] context... > > ? > > * Objects to be compared: 1821 > > ? > > * Result for [SCHEMA]: SUCCESS > > ? > > * Comparing [DNSDOMAIN] context... > > ? > > * Objects to be compared: 503 > > ERROR(<class 'KeyError'>): uncaught exception - 'DC' > > ? File > "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", > line 186, in _run > > ??? return self.run(*args, **kwargs) > > ? File > "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", > line 957, in run > > ??? if b1.diff(b2): > > ? File > "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", > line 781, in diff > > ??? if object1 == object2: > > ? File > "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", > line 549, in __eq__ > > ??? return self.cmp_attrs(other) > > ? File > "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", > line 590, in cmp_attrs > > ??? if isinstance(self.attributes[x], list) and > isinstance(other.attributes[x], list): > > > > samba-tool dbcheck (--cross-nc) run fine, i have 0 errors here. > > ? > > My conclusion here, but this needs to be verified also by > others, and?it might be handy to know your original samba version. > > ?--filter="DC,CN"? fixes the ldapcmp command to it runs > without errors, the database replications is fine. > > ? > > Cause, this is a AD-DB started from 4.1.x? in all updates > there where a few bugs with cn= CN= dc= DC=? and whenChanged > in previous versions of samba. > > ? > > The question now is, it there a command (within samba-tool > ) that fixes/lower the DC= and CN= > > because i didnt see/find it. > > ? > > My setup started with: Debian Wheezy, samba 4.1.x > > Current: Debian Buster, samba 4.11.2 > > ? > > ? > > Greetz, > > ? > > Louis > > ? > > ? > > ? > > ? > > ? > > ? > > ? > > ? > > > > -- > Dr. Christian Naumer > Unit Head Bioprocess Development > B.R.A.I.N Aktiengesellschaft > Darmstaedter Str. 34-36, D-64673 Zwingenberg > e-mail cn at brain-biotech.com, homepage www.brain-biotech.com > fon +49-6251-9331-30 / fax +49-6251-9331-11 > > Sitz der Gesellschaft: Zwingenberg/Bergstrasse > Registergericht AG Darmstadt, HRB 24758 > Vorstand: Dr. Juergen Eck (Vorsitzender), Manfred Bender, > Ludger Roedder > Aufsichtsratsvorsitzender: Dr. Georg Kellinghusen > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >