[cifs-protocol] RE: Microsoft Client tool expectatations

Tue, 23 Sep 2008 14:33:50 -0700 

Andrew,

  The product team is analyzing the network trace for trusted domain join 
problem.   We have several questions regarding the test.

(1) What was the exact error message and when did it show ?   Did you see  
message (" Unable to read the functional level of the specified forest." & "The 
directory datatype cannot be converted to/from a native DS datatype") displayed 
from "Active Directory Trust and Domain" ?

(2) Which frame(s) in the trace are related to the error ?   at the end ?
   We can see error STATUS_OBJECT_NAME_NOT_FOUND returned 
LsarQueryTrustedDomainInfoByName() in frame 111 & 113,Is that a downstream 
effect of not reading the right data from AD?

(3) What is your Windows Server 2008 domain name ?  Is it AD2008 ?   Do you 
actually have a Netbios name different then the DNS name?
   Is 2008.naomi.abartlet.net the name of Samba4 domain ?


Thanks

----------------------------------------------------------
Hongwei  Sun - Sr. Support Escalation Engineer
DSC Protocol  Team, Microsoft
[EMAIL PROTECTED]
Tel:  469-7757027 x 57027
-----------------------------------------------------------




-----Original Message-----
From: Andrew Bartlett [mailto:[EMAIL PROTECTED]
Sent: Monday, September 08, 2008 7:22 AM
To: Interoperability Documentation Help
Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Microsoft Client tool expectatations

How do I determine what LDAP values a Microsoft client tool is expecting?

For example, with the attached patch against current GIT, I cannot make
windows 2008 join Samba4 as a 2-way, forest level trusted domain.   It
seems something is wrong with what we return to 
cn=partitions,cn=configuration,....

Similarly, against our current GIT tree, the Win2k3 admin pack on WinXP won't 
launch 'Active Directory Users and Computers' against Samba4.  The error seems 
to be in response to our return value for the cn=aggregate schema.

In both cases, I just have cryptic error messages.  How can I determine what 
these tools are expecting?

Attached please find network traces for both the 2008 server attempting to join 
the trust and a WinXP machine trying to open 'Active Directory Users and 
Computers'.

(keytab to follow in private mail)

The join fails with:  'unable to read the functional level of the forest' 
Cannot convert to/from the native DS datatype.

The ADUC launch fails with: 'unspecified error'.  (This used to work, before I 
'fixed' some schema stuff).

Thanks,

Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.
_______________________________________________
cifs-protocol mailing list
cifs-protocol@cifs.org
https://lists.samba.org/mailman/listinfo/cifs-protocol

Reply via email to