Bug 13686 - samba-tool user syscpasswords fails on a domain with many DCs
Summary: samba-tool user syscpasswords fails on a domain with many DCs
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: AD: LDB/DSDB/SAMDB (show other bugs)
Version: 4.9.2
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Karolin Seeger
QA Contact: Samba QA Contact
Depends on:
Reported: 2018-11-20 02:26 UTC by Andrew Bartlett
Modified: 2018-12-05 08:37 UTC (History)
0 users

See Also:

Backport of fix for v4.9 (12.40 KB, text/plain)
2018-11-28 22:45 UTC, Tim Beale
abartlet: review+

Note You need to log in before you can comment on or make changes to this bug.
Description Andrew Bartlett 2018-11-20 02:26:42 UTC
A limitation in the cookie size supported by the dirsync control causes samba-tool user syncpasswords to fail if the domain has previously or does currently host a large number of DCs.
Comment 1 Tim Beale 2018-11-28 20:19:27 UTC
Note that every time a DC is rejoined (using 'samba-tool domain join') it will add an extra entry to the cookie.
Comment 2 Tim Beale 2018-11-28 22:45:41 UTC
Created attachment 14695 [details]
Backport of fix for v4.9

Attached backport for 4.9. Confirmed it applies to both v4-9-test and samba-4.9.3.

CI pass: https://gitlab.com/samba-team/devel/samba/pipelines/37859979
Comment 3 Andrew Bartlett 2018-11-28 22:54:17 UTC
G'Day Karolin,

Please merge for 4.9.next.

Comment 4 Karolin Seeger 2018-12-04 12:06:23 UTC
(In reply to Andrew Bartlett from comment #3)
Pushed to autobuild-v4-9-test.
Comment 5 Karolin Seeger 2018-12-05 08:37:21 UTC
Pushed to v4-9-test.
Closing out bug report.