Hello, Here is the result without specifying netlogon attribute. # In my previous mail, I attached (pasted) ldapseach result without specifying netlogon attribute and filters.
[root@jpbl0-in00-is11 ~]# ldapsearch -x -D 'labsso\admin' -W -H ldap://jpbw0-in00-is82.labsso.labroot.isops.example.com -b '' -s base '(&(DnsDomain=LABSSO)(NtVer=\14\00\00\00))' # extended LDIF # # LDAPv3 # base <> with scope baseObject # filter: (&(DnsDomain=LABSSO)(NtVer=\14\00\00\00)) # requesting: ALL # # dn: currentTime: 20140806113154.0Z subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=labroot,DC=isops ,DC=example,DC=com dsServiceName: CN=NTDS Settings,CN=JPBW0-IN00-IS82,CN=Servers,CN=NK1,CN=Sites, CN=Configuration,DC=labroot,DC=isops,DC=example,DC=com namingContexts: CN=Configuration,DC=labroot,DC=isops,DC=example,DC=com namingContexts: CN=Schema,CN=Configuration,DC=labroot,DC=isops,DC=example,DC=com namingContexts: DC=ForestDnsZones,DC=labroot,DC=isops,DC=example,DC=com namingContexts: DC=labsso,DC=labroot,DC=isops,DC=example,DC=com namingContexts: DC=DomainDnsZones,DC=labsso,DC=labroot,DC=isops,DC=example,DC=com defaultNamingContext: DC=labsso,DC=labroot,DC=isops,DC=example,DC=com schemaNamingContext: CN=Schema,CN=Configuration,DC=labroot,DC=isops,DC=example,DC= com configurationNamingContext: CN=Configuration,DC=labroot,DC=isops,DC=example,DC=com rootDomainNamingContext: DC=labroot,DC=isops,DC=example,DC=com supportedControl: 1.2.840.113556.1.4.319 supportedControl: 1.2.840.113556.1.4.801 supportedControl: 1.2.840.113556.1.4.473 supportedControl: 1.2.840.113556.1.4.528 supportedControl: 1.2.840.113556.1.4.417 supportedControl: 1.2.840.113556.1.4.619 supportedControl: 1.2.840.113556.1.4.841 supportedControl: 1.2.840.113556.1.4.529 supportedControl: 1.2.840.113556.1.4.805 supportedControl: 1.2.840.113556.1.4.521 supportedControl: 1.2.840.113556.1.4.970 supportedControl: 1.2.840.113556.1.4.1338 supportedControl: 1.2.840.113556.1.4.474 supportedControl: 1.2.840.113556.1.4.1339 supportedControl: 1.2.840.113556.1.4.1340 supportedControl: 1.2.840.113556.1.4.1413 supportedControl: 2.16.840.1.113730.3.4.9 supportedControl: 2.16.840.1.113730.3.4.10 supportedControl: 1.2.840.113556.1.4.1504 supportedControl: 1.2.840.113556.1.4.1852 supportedControl: 1.2.840.113556.1.4.802 supportedControl: 1.2.840.113556.1.4.1907 supportedControl: 1.2.840.113556.1.4.1948 supportedControl: 1.2.840.113556.1.4.1974 supportedControl: 1.2.840.113556.1.4.1341 supportedControl: 1.2.840.113556.1.4.2026 supportedControl: 1.2.840.113556.1.4.2064 supportedControl: 1.2.840.113556.1.4.2065 supportedControl: 1.2.840.113556.1.4.2066 supportedLDAPVersion: 3 supportedLDAPVersion: 2 supportedLDAPPolicies: MaxPoolThreads supportedLDAPPolicies: MaxDatagramRecv supportedLDAPPolicies: MaxReceiveBuffer supportedLDAPPolicies: InitRecvTimeout supportedLDAPPolicies: MaxConnections supportedLDAPPolicies: MaxConnIdleTime supportedLDAPPolicies: MaxPageSize supportedLDAPPolicies: MaxQueryDuration supportedLDAPPolicies: MaxTempTableSize supportedLDAPPolicies: MaxResultSetSize supportedLDAPPolicies: MinResultSets supportedLDAPPolicies: MaxResultSetsPerConn supportedLDAPPolicies: MaxNotificationPerConn supportedLDAPPolicies: MaxValRange supportedLDAPPolicies: ThreadMemoryLimit supportedLDAPPolicies: SystemMemoryLimitPercent highestCommittedUSN: 5293709 supportedSASLMechanisms: GSSAPI supportedSASLMechanisms: GSS-SPNEGO supportedSASLMechanisms: EXTERNAL supportedSASLMechanisms: DIGEST-MD5 dnsHostName: jpbw0-in00-is82.labsso.labroot.isops.example.com ldapServiceName: labroot.isops.example.com:[email protected] serverName: CN=JPBW0-IN00-IS82,CN=Servers,CN=NK1,CN=Sites,CN=Configuration,DC= labroot,DC=isops,DC=example,DC=com supportedCapabilities: 1.2.840.113556.1.4.800 supportedCapabilities: 1.2.840.113556.1.4.1670 supportedCapabilities: 1.2.840.113556.1.4.1791 supportedCapabilities: 1.2.840.113556.1.4.1935 supportedCapabilities: 1.2.840.113556.1.4.2080 isSynchronized: TRUE isGlobalCatalogReady: TRUE domainFunctionality: 4 forestFunctionality: 4 domainControllerFunctionality: 4 # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 Regards, Shoji 2014-08-06 18:34 GMT+09:00 Jakub Hrozek <[email protected]>: > On Wed, Aug 06, 2014 at 01:58:02PM +0900, 杉山昌治 wrote: >> Here is the result of base object search against LABSSO and LABROOT >> (the forest root). >> I could not find "netlogon" attribute. >> So I'm afraid our AD configuration is something wrong, but I have no >> idea why "netlogon" attribute is missing. > > Thank you, can you also check if the DnsDomain object exists at all? > > Just search with DnsDomain=LABSSO w/o requiring the netlogon attribute: > # ldapsearch -x -D 'labroot\admin' -W -H > ldap://jpbw0-in00-is82.labsso.labroot.isops.example.com -b '' -s base > '(&(DnsDomain=LABSSO)(NtVer=\14\00\00\00))' > > Are there maybe other DnsDomain=\* objects instead? I'm tring to figure > out if we're using a wrong name to search.. > _______________________________________________ > sssd-users mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/sssd-users _______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-users
