Zentyal Forum, Linux Small Business Server
Zentyal Server => Installation and Upgrades => Topic started by: Gilberto Ferreira on April 19, 2013, 11:37:55 pm
-
Hi...
I try join a box with Zentyal 3.0.18 as BDC on WIndows 2003 R2 Standard.
I'm able to join the domain, but I can't see any users or groups...
I get this message:
objectclass_attrs: attribute 'gidNumber' on entry
'CN=DnsUpdateProxy,CN=Users,DC=home,DC=lan' was not found in the schema!
Please help!
Thanks
-
We have same problem:
http://forum.zentyal.org/index.php/topic,13005.0.html
-- Davor
-
Yeah...
It's good to see other person with some problem.. This will push Zentyal Team to release a patch to solve this awful problem... At least, I hope for...
Cheers
-
BTW, I already open a channel.. Ops Sorry Uhura... open a ticket describing the problem...
Please, Zentyal Team, pay attention of our cries... rs...
Thanks
-
Just a note...
I received a mail, said me that ticket regard this problem enter in a Milestone level...
I hope the fix will be release as soon as possible...
Thanks a lot Zentyal Team...
-
I have tested a lot of options and nothing works. Today I will try the same with Windows 2008 server.
-- Davor
-
Yes.. I have tried with Windows 2008 and work wonderful... It's just with Windows 2003 that doesn't work yet...
-
Are they talking about this ticket:
http://trac.zentyal.org/ticket/6282 or this one http://trac.zentyal.org/ticket/6552 and this is total new http://trac.zentyal.org/ticket/6574 >:(
??
-- Davor
-
Yes...
I wrote two last topics... But till now, nothing was released....
I'm waiting for that...
-
Today I have send my error and slapcat output to this ticket.
http://trac.zentyal.org/ticket/6574
-- Davor
-
Nice.... I saw it.... Thanks a lot...
-
Hello friends...
As I mentioned before, I opened a Ticket regard this problem on Zentyal 3.x.
So, Javier, from Zentyal Team (I guest), answer as following:
" Hello,
the problem is that the Active Directory schema of Windows Server 2003 SBS
has not the gidNumber attribute. Since the samba LDAP is replicating this
schema it is missing the attribute and this breaks the interoperability.
You should install the schema, this can be done with "Windows services for
Unix", try to install and enable it in your windows server.
Regards,
Javier"
Then, I install WIndows Services for Unix, but I don't have any glue in how can I enable this services on Windows 2003 Server Standard!!!
Someone here, already done this???
Thanks for any help
-
Same issue here and it's been making my weekends non-existent. Until now ......
Don't install SFU it doesn't work, remove it.
My AD is on Server 2003 Standard ( 32bit )
Usual warnings about backing up etc, this could be considered as dangerous ( by M$ ) although its mostly painless - this is the process you do when you want to install a Server 2008 R2 Domain Controller into a 2003 Forest.
Resolved like this :
Logon as a schema admin ( enterprise admin )
Drive through your DNS Tree and remove ALL the entries ( apart from your A Record ) relating to your Zentyal Server, be careful not to delete any of the Windows Server entries or you will be in trouble :'(
You need the Windows Server 2008 R2 Installation DVD
start a cmd prompt
cd \support\adprep
adprep32 /forestprep
Now thats about all you need to do as it upgrades the schema as required but you should do the following as well :
adprep32 /domainprep /gppprep
I removed File Sharing Module, reinstalled it, configured it and enabled it whilst tailing the zentyal.log and it worked like a charm :)
This is the M$ note about the last command :
http://support.microsoft.com/kb/324392
The functionality of the adprep domainprep /gpprep command depends on the state of the domain. If the updated adprep /domainprep command has not been run, this command is the functional equivalent of the adprep /domainprep command in the original release of Windows Server 2003. In these circumstances, the command performs all the domain operations that are listed in Microsoft Knowledge Base article 309628. These operations include setting the permissions for GPOs in the SYSVOL. If the updated adprep /domainprep command has already been run, the adprep /domainprep /gpprep command adds only the inheritable access control entries (ACEs) on GPOs in the Sysvol shared resource. The additional ACEs give enterprise domain controllers read access permissions on GPOs. These permissions are required to support Resultant Set of Policy (RSoP) functionality for site-based policy.
-
glad to hear this...
I will try right now and post the results later...
thanks
-
Same issue here and it's been making my weekends non-existent. Until now ......
Don't install SFU it doesn't work, remove it.
My AD is on Server 2003 Standard ( 32bit )
Usual warnings about backing up etc, this could be considered as dangerous ( by M$ ) although its mostly painless - this is the process you do when you want to install a Server 2008 R2 Domain Controller into a 2003 Forest.
Resolved like this :
Logon as a schema admin ( enterprise admin )
Drive through your DNS Tree and remove ALL the entries ( apart from your A Record ) relating to your Zentyal Server, be careful not to delete any of the Windows Server entries or you will be in trouble :'(
You need the Windows Server 2008 R2 Installation DVD
start a cmd prompt
cd \support\adprep
adprep32 /forestprep
Now thats about all you need to do as it upgrades the schema as required but you should do the following as well :
adprep32 /domainprep /gppprep
I removed File Sharing Module, reinstalled it, configured it and enabled it whilst tailing the zentyal.log and it worked like a charm :)
This is the M$ note about the last command :
http://support.microsoft.com/kb/324392
The functionality of the adprep domainprep /gpprep command depends on the state of the domain. If the updated adprep /domainprep command has not been run, this command is the functional equivalent of the adprep /domainprep command in the original release of Windows Server 2003. In these circumstances, the command performs all the domain operations that are listed in Microsoft Knowledge Base article 309628. These operations include setting the permissions for GPOs in the SYSVOL. If the updated adprep /domainprep command has already been run, the adprep /domainprep /gpprep command adds only the inheritable access control entries (ACEs) on GPOs in the Sysvol shared resource. The additional ACEs give enterprise domain controllers read access permissions on GPOs. These permissions are required to support Resultant Set of Policy (RSoP) functionality for site-based policy.
I am confused here...
Do you mentioned Windows 2003 and then, in middle of explanation changed to Windows 2008 R2?????
Is there something wrong no??
-
WONDERFUL!!! WONDERFUL!!!
It's work here with Windows 2003 Standard SP2...
Thanks a lot.... =)
-
You are most welcome. Update the open ticket you have - it may help others / developers
-
Tnx for that. It works great on Windows 2003 SBS.
-- Davor
-
It worked, thanks dafatbloke