How to configure AD DS on an EC2 Windows Server 2019 Datacenter instance using AWS Simple AD

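Problem description

While configuring AD DS on an EC2 Windows Server 2019 instance and adding it to an existing domain (AWS Simple Active Directory) using Server Manager, the following error occurs: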

ADPrep execution Failed --> System.ComponentModel.Win32Exception (0x80004005): 
A device attached to the system is not functioning.
Check the log files in the C:\Windows\debug\adprep\logs\20201103080523 directory for detailed information.

Log information referenced in the error message, file ldif.err.48:

25: CN=ms-DS-Claim-Types,CN=Schema,CN=Configuration,DC=ad,DC=tws,DC=companyname,DC=com
Entry DN: CN=ms-DS-Claim-Types,DC=com
Add error on entry starting on line 406: Invalid Syntax
The server side error is: 0x200b The attribute Syntax specified to the directory service is invalid.
The extended server error is:
0000200B: objectclass_attrs: attribute 'rDNAttID' on entry 'CN=ms-DS-Claim-Types,DC=com' contains at least one invalid value!
24 entries modified successfully.
An error has occurred in the program

ADPrep file:

[2020/11/03:08:05:23.873]
The command line passed to ldifde is ldifde -i -f "C:\Windows\system32\adprep\sch48.ldf" -s "aws-123456be42.ad.tws.companyname.com" -h -j "C:\Windows\debug\adprep\logs\20201103080523" -$ "C:\Windows\system32\adprep\schupgrade.cat"
[2020/11/03:08:05:46.021]
ERROR: Import from file C:\Windows\system32\adprep\sch48.ldf Failed. Error file is saved in C:\Windows\debug\adprep\logs\20201103080523\ldif.err.48. 
If the error is "Insufficient Rights" (Ldap error code 50),please make sure the specified user has rights to read/write objects in the schema and configuration containers,or log off and log in as an user with these rights and rerun forestprep. In most cases,being a member of both Schema Admins and Enterprise Admins is sufficient to run forestprep.
[2020/11/03:08:05:46.091]
Adprep was unable to upgrade the schema on the schema master.
[Status/Consequence]
The schema will not be restored to its original state. 
[User Action]
Check the Ldif.err log file in the C:\Windows\debug\adprep\logs\20201103080523 directory for detailed information.
[2020/11/03:08:05:46.091]
Adprep was unable to update forest information. 
[Status/Consequence]
Adprep requires access to existing forest-wide information from the schema master in order to complete this operation.
[User Action]
Check the log file,ADPrep.log,in the C:\Windows\debug\adprep\logs\20201103080523 directory for more information. 

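I am trying to set up AD FS as a SAML identity provider with an Amazon Cognito user pool, following this guide.
To do this, as described in this guide, AD DS, AD FS and IIS need to be set up and configured on an EC2 Windows instance.
Following the guide, I tried to configure AD DS on an EC2 Windows Server 2019 instance. This EC2 instance has been joined to the AWS Simple Active Directory domain. To configure AD DS, I followed the instructions under "To install AD DS using Server Manager", starting from step 9 of this guide: Install Active Directory Domain Services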
