My specific case is this: - Windows 2003 AD domain - Has Exchange 2010 in it with according schema changes in AD When trying to join Samba4 server to the domain, it fails with the following messages: ../source4/dsdb/samdb/ldb_modules/linked_attributes.c:164: Failed to find GUID for dn (null) replmd_op_callback failure. Error is: Invalid DN syntax Failed to apply records: Failed to find GUID for (null): Invalid DN syntax Failed to commit objects: WERR_GENERAL_FAILURE When I tried to debug the issue, I see that it does fail on processing attributes for Exchange-related objects. I think that the issue is that the definitions of these attributes like say msExchOWATranscodingFileTypesBL have the following set: attribute-Syntax -> 2.5.5.14 oMSyntax -> 127 From what I see in the data itself (from debug) and what I read here - http://www.informit.com/articles/article.aspx?p=26136&seqNum=5 , it seems like this calls for a specific syntax of these attributes, which doesn't seem to be handled by code in Samba4. From the link above: This syntax stores a distinguished name along with a string. Active Directory keeps the DN up-to-date. The format is S:character count:string:DN (e.g., S:5: hello:someDN). What I see in my data is the raw value for the attribute being something like this (company-specific information replaced with XXXX): S:8: .:<GUID=a7beeb89-ef10-4585-874b-89c9a338df1b>;CN=XXXXX,CN=OWA Mailbox Policies,CN=XXXXXX Corporation,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=XXXXX,DC=XXXXX It looks like the function ldb_dn_from_ldb_val in lib/ldb/common/ldb_dn.c is doing the parsing, but it is not an expected syntax so ldb_dn struct it returns is not formed properly. I am willing to provide more information that might be needed. I can also try to give a shot at coming up with the patch, but will need to have some assistance as to what parts of code might need to be looked at as I do not fully grasp the impact of this with my limited knowledge of AD. Thanks
See the last entry in the table at: source4/dsdb/schema/schema_syntax.c:2616 This is where we match the the incoming syntax values with function pointers to parse them. To run the join under gdb, run eg: gdb --args /usr/bin/python bin/samba-tool domain join .... Then you can break in those functions, and follow them until they fail to parse the DN. Or add DEBUG() messages in the source.
Please see my post: https://lists.samba.org/archive/samba/2013-May/173372.html ...which appears to be the same issue. Exchange version is 2007, AD domain is Windows 2003. from my level 10 debug log: a:<GUID=redacted>;CN=owa (Default Web Site), CN=HTTP,CN=Protocols,CN=servername,CN=Servers,CN=Exchange Administrative Group ( FYDIBOHF23SPDLT),CN=Administrative Groups,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=jaydcarter,DC=com,DC=local msExchOWATranscodingMimeTypes: S:52: a:<GUID=redacted>;CN=owa (Default Web Si te),CN=HTTP,CN=Protocols,CN=servername,CN=Servers,CN=Exchange Administrative Gro up (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=First Organization,CN=Micros oft Exchange,CN=Services,CN=Configuration,DC=jaydcarter,DC=com,DC=local msExchOWATranscodingMimeTypes: S:58: a:<GUID=redacted>;CN=owa (Default Web Site),CN=HTTP,CN=Protocols,CN=servername,CN=Servers,CN=Exchange Administrati ve Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=First Organization,CN= Microsoft Exchange,CN=Services,CN=Configuration,DC=jaydcarter,DC=com,DC=local msExchOWATranscodingFlags: 1 msExchVersion: 4535486012416 ../source4/dsdb/samdb/ldb_modules/linked_attributes.c:164: Failed to find GUID for dn (null) replmd_op_callback failure. Error is: Invalid DN syntax Failed to apply records: Failed to find GUID for (null): Invalid DN syntax Failed to commit objects: WERR_GENERAL_FAILURE Join failed - cleaning up I can provide more info or run additional tests - just let me know. Thanks, JDC
Sorry,forgot to mention my issue occurs in Samba 4.0.5 -JDC