>Then I am at a loss, if nothing really changed, why are you getting the >error ?Well, I ask myself the same question. The fact is that it went bad at the precise second we tried to add a new remote DC to the domain. This never happened before has we had many other remote DCs and use to join them whitout any problem. I was hopping that deleting and recreating the ldb cache would be sufficient, but it wasn't. Launching the daemonized script failed at the end of the first sync with the error i gave you. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
>Well, I ask myself the same question. The fact is that it went bad at the precise second we tried to add a new remote DC to the domain. >This never happened before has we had many other remote DCs and use to join them whitout any problem. > >I was hopping that deleting and recreating the ldb cache would be sufficient, but it wasn't. Launching the daemonized script failed at the end of the first sync with the error i gave you.Is anyone on the dev side able to explain what happens here? Reminder of the error during a password sync: Thu Aug 13 15:19:12 2020: pid[31990]: ldb.LdbError(12) => (LDAP error 12 LDAP_UNAVAILABLE_CRITICAL_EXTENSION - <0000202C: Unable to unmarshall cookie as a ldapControlDirSyncCookie structure at ../source4/dsdb/samdb/ldb_modules/dirsync.c:1269> <>) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
On Mon, Aug 17, 2020 at 06:44:53AM +0000, Julien TEHERY via samba wrote:> >Well, I ask myself the same question. The fact is that it went bad at the precise second we tried to add a new remote DC to the domain. > >This never happened before has we had many other remote DCs and use to join them whitout any problem. > > > >I was hopping that deleting and recreating the ldb cache would be sufficient, but it wasn't. Launching the daemonized script failed at the end of the first sync with the error i gave you. > > > Is anyone on the dev side able to explain what happens here? > > Reminder of the error during a password sync: > > Thu Aug 13 15:19:12 2020: pid[31990]: ldb.LdbError(12) => (LDAP error 12 LDAP_UNAVAILABLE_CRITICAL_EXTENSION - <0000202C: Unable to unmarshall cookie as a ldapControlDirSyncCookie structure at ../source4/dsdb/samdb/ldb_modules/dirsync.c:1269> <>)This function ndr_pull_ldapControlDirSyncCookie() returned an error. Add debug output and drill down into what it is failing to parse.
>This function ndr_pull_ldapControlDirSyncCookie() >returned an error. Add debug output and drill down >into what it is failing to parse.FYI, I increased samba4 loglevel to 10, re initialized ldb cache et launched again password sync and it failed with the exact same error The script used is a python one provided here: https://dev.tranquil.it/wiki/SAMBA_-_Synchronisation_des_mots_de_passe_entre_un_Samba4_et_une_OpenLDAP As the error seemes to come from samba, i don't know where to seek now Do you expect me to do something else to get more informations ont this? Thanks for your help
>FYI, I increased samba4 loglevel to 10, re initialized ldb cache et launched again password sync and it failed with the exact same error > >The script used is a python one provided here: >https://dev.tranquil.it/wiki/SAMBA_-_Synchronisation_des_mots_de_passe_entre_un_Samba4_et_une_OpenLDAP<https://dev.tranquil.it/wiki/SAMBA_-_Synchronisation_des_mots_de_passe_entre_un_Samba4_et_une_OpenLDAP>>As the error seemes to come from samba, i don't know where to seek now >Do you expect me to do something else to get more informations ont this? > >Thanks for your helpAny update on this issue? Is anyone able to help us to dig more deeplys into password sync errors? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba