Bug 14198 - samba-tool ldapcmp without --filter errors out.
Summary: samba-tool ldapcmp without --filter errors out.
Status: NEW
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: AD: LDB/DSDB/SAMDB (show other bugs)
Version: 4.11.2
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Andrew Bartlett
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-11-14 11:54 UTC by Louis
Modified: 2020-02-07 23:48 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Louis 2019-11-14 11:54:53 UTC
Also reported in the samba list. 

Samba AD-DB's with originated from a setup before at least samba 4.4 show/might show this. 

When running :  
samba-tool ldapcmp --filter="whenChanged,dc,DC,cn,CN" ldap://dc1.fqdn  ldap://dc2.fqdn
This works fine, untill i remove the filter.. 

samba-tool ldapcmp  ldap://dc1.fqdn  ldap://dc2.fqdn
This errors out with : 

* Comparing [DOMAIN] context...
 
* Objects to be compared: 845
ERROR(<class 'KeyError'>): uncaught exception - 'CN'
  File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 186, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 957, in run
    if b1.diff(b2):
  File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 781, in diff
    if object1 == object2:
  File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 549, in __eq__
    return self.cmp_attrs(other)
  File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 590, in cmp_attrs
    if isinstance(self.attributes[x], list) and isinstance(other.attributes[x], list):

 
samba-tool ldapcmp --filter="cn,CN" ldap://dc1.fqdn  ldap://dc2.fqdn
 
* Comparing [DOMAIN] context...
 
* Objects to be compared: 845
 
* Result for [DOMAIN]: SUCCESS
 
* Comparing [CONFIGURATION] context...
 
* Objects to be compared: 1825
 
* Result for [CONFIGURATION]: SUCCESS
 
* Comparing [SCHEMA] context...
 
* Objects to be compared: 1821
 
* Result for [SCHEMA]: SUCCESS
 
* Comparing [DNSDOMAIN] context...
 
* Objects to be compared: 503
ERROR(<class 'KeyError'>): uncaught exception - 'DC'
  File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 186, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 957, in run
    if b1.diff(b2):
  File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 781, in diff
    if object1 == object2:
  File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 549, in __eq__
    return self.cmp_attrs(other)
  File "/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py", line 590, in cmp_attrs
    if isinstance(self.attributes[x], list) and isinstance(other.attributes[x], list):

samba-tool dbcheck (--cross-nc) run fine, i have 0 errors here. 
 
My conclusion here, but this needs to be verified also by others, and it might be handy to know your original samba version. 
 --filter="DC,CN"  fixes the ldapcmp command to it runs without errors, the database replications is fine. 
 
Expected Cause, this is a AD-DB started from 4.1.x  in all updates there where a few bugs with cn= CN= dc= DC=  and whenChanged in previous versions of samba.
 
My setup started with: Debian Wheezy, samba 4.1.x 
This server has upgraded samba, all version steps from 4.1.x to 4.11.2
Current: Debian Buster, samba 4.11.2 

side note, the AD-DC servers have had any samba upgrade where the version number was NOT 4.x.0 4.x.1 . 

It looks related to bug: 
https://bugzilla.samba.org/show_bug.cgi?id=12399

Greetz, 

Louis