Add-ADDBSidHistory / There was a problem reading the database, which probably comes from a different OS / After Exchange 2019 Schema Update #182
Comments
pbachmann77
changed the title
|
Hello @pbachmann77 , are you please able to reproduce the issue in a test environment and share the database file(s) with me? |
|
Hi @MichaelGrafnetter
If you do "PrepareAD", SID Update is possible We only need the Exchange attributes in the AD, for example "extensionattribute1" |
|
@pbachmann77 I tried it in a lab environment and I was not able to replicate the issue. Are you please using the latest version of DSInternals? Would you please be able to share the problematic lab database, without any production data? |
|
Here you have 3 ZIP
|
|
Thanks a lot, @pbachmann77, for sending the data. I am still unable to replicate the issue, as both of the following commands work on my Windows Server 2022 test DC with your sample DB without any issues: Add-ADDBSidHistory `
-SamAccountName Administrator `
-DatabasePath 'C:\NTDS_with_Exchange_Schema_Update\ntds.dit' `
-SidHistory 'S-1-5-21-3576572144-2942335999-2637578681-1001' `
-Force `
-VerboseVERBOSE: Adding SID history to principal Administrator.Get-ADDBDomainController -DatabasePath C:\NTDS_with_Exchange_Schema_Update\ntds.ditName : TESTSID01 DNSHostName : TESTSID01.test.local ServerReference : CN=TESTSID01,OU=Domain Controllers,DC=test,DC=local DomainName : test.local ForestName : test.local NetBIOSDomainName : TEST DomainSid : S-1-5-21-3576572144-2942335999-2637578681 DomainGuid : ffceaf07-43a8-452b-9186-c0df27cae2c2 Guid : 87ce8023-9842-4c6a-afcb-246ad93a33ca
Sid : S-1-5-21-3576572144-2942335999-2637578681-1001
DomainMode : Win2016
ForestMode : Win2016
SiteName : Default-First-Site-Name
DsaGuid : 08e89d65-1c4b-4925-b533-20cc09fbbf47
InvocationId : 08e89d65-1c4b-4925-b533-20cc09fbbf47
IsADAM : False
IsGlobalCatalog : True
Options : GlobalCatalog
OSName : Windows Server 2022 Standard
OSVersion : 10.0
OSVersionMajor : 10
OSVersionMinor : 0
DomainNamingContext : DC=test,DC=local
ConfigurationNamingContext : CN=Configuration,DC=test,DC=local
SchemaNamingContext : CN=Schema,CN=Configuration,DC=test,DC=local
WritablePartitions : {DC=test,DC=local, CN=Configuration,DC=test,DC=local,
CN=Schema,CN=Configuration,DC=test,DC=local, DC=DomainDnsZones,DC=test,DC=local...}
State : Running
HighestCommittedUsn : 36875
UsnAtIfm :
BackupUsn : 35445
BackupExpiration : 11/12/2024 7:19:07 PM
Epoch : 21963Could you please send me the following info?
(Get-Item -Path C:\Windows\System32\esent.dll).VersionInfo.FileVersionRawSample output: Major Minor Build Revision
----- ----- ----- --------
10 0 20348 2340
|
|
|
|
more Tests Other Test |
|
@pbachmann77 User Account Control (UAC) might be blocking your access to the NTDS directory indeed. I see that you are copying the DB files back an forth, which is very error prone (transaction logs, database epoch, etc.). Please do not do such operations on production DCs, if you don't know what exactly you are doing. There is a huge risk of damaging your AD this way. |
Hi Michael
New Issue, After Exchange 2019 Schema Update... only Schema, no PrepareAD
We need Exchange Attributes in AD for M365 Sync
Server OS 2022
Active Directory Schema Version 88
Exchange Schema Version 17003
I can't Update SID.... in the past 3 Month, it's working, on the same Server without Exchange Schema
Message
Add-ADDBSidHistory : There was a problem reading the database, which probably comes from a different OS. Try defragmenting it first by running the 'esentutl /d ntds.dit' command.
DEBUG: Opening the Active Directory database.
Add-ADDBSidHistory : There was a problem reading the database, which probably comes from a different OS. Try defragmenting it first by running the 'esentutl /d ntds.dit' command.
The text was updated successfully, but these errors were encountered: