10

I am using windows server 2008. I have a domain with one domain controller (this is a dev environment). I edited the AD schema and created a custom attribute called TestAttribute2 (the LDAP name is testAttribute2) with a syntax of numerical string, single valued, with no minimum or maximum. The attribute's OID was 1.3.6.1.4.1.39668.21769.1.1.1. I also created another test attribute with a Microsoft-issued OID of 1.2.840.113556.1.8000.2554.37861.10620.51629.17372.38569.15288078.14709744.1.2. The attribute is nonindexed, active, not replicated to the GC, not copied when duplicating, and not indexed for containerized searches. I then added this attribute to the person class.

Whenever I try to set either of those custom attributes using the attribute editor function of the AD Users and Computers MMC, or ADSI Edit, MMC crashes, and the attribute remains unset. However, other custom attributes with similar OIDs but with other syntaxes (CI string and Unicode string) can be set with no crash. What am I doing wrong?

Falcon Momot
  • 24,975
  • 13
  • 61
  • 92
  • 1
    What are you doing wrong? Simples, you're editing the AD schema! Sorry, could not resist. – Simon Catlin Jul 13 '12 at 12:40
  • Lol. Well said! :P Sometimes, I am overcome by this awful and demonic urge to edit the AD schema, though. I simply can't help myself. It usually happens when using 3rd party code that binds to AD. – Falcon Momot Jul 13 '12 at 23:27
  • 4
    What happens if you use a different tool to edit the field? #1 MS LDP http://support.microsoft.com/kb/260745, #2 Powershell, #3 third party ldap gui such as JXplorer or ldapAdmin? – Clayton Jun 11 '14 at 13:53
  • That is a good point; maybe I will give it a try someday. I actually haven't been working with the company where I was doing this for over a year now, but it's still interesting. – Falcon Momot Jun 11 '14 at 23:13

1 Answers1

1

This crash occurs when trying to edit attributes of type "Numeric String" that are not "multi valued" with ADSI edit. Application verifier enabled for mmc.exe we can see a stack trace of this type of crash, it seems to crash on trying to delete an array of values:

0:005> k
 # Child-SP          RetAddr               Call Site
00 00000000`0c7ee660 00000000`76cdc4ca     vfbasics!AVrfpRtlFreeHeap+0x62
01 00000000`0c7ee730 000007fe`fd6e10c0     kernel32!HeapFree+0xa
02 00000000`0c7ee760 000007fe`f3554ef0     msvcrt!free+0x1c
03 00000000`0c7ee790 000007fe`ec973d77     vfbasics!AVrfp_deletearray+0x30
04 00000000`0c7ee7c0 000007fe`ec9743e6     adsiedit!DeleteADsValues+0x97
05 00000000`0c7ee7f0 000007fe`ec97c145     adsiedit!CSingleStringEditor::GetNewValue+0x1b6
06 00000000`0c7ee840 000007fe`ec97bf10     adsiedit!CAttributeEditorPropertyPage::EditAttribute+0x149
07 00000000`0c7ee900 000007fe`f334abdb     adsiedit!CAttributeEditorPropertyPage::OnNotifyEditAttribute+0x54
08 00000000`0c7ee930 000007fe`f334ae0b     mfc42u!_AfxDispatchCmdMsg+0x83
09 00000000`0c7ee960 000007fe`f334198e     mfc42u!CCmdTarget::OnCmdMsg+0x17b
0a 00000000`0c7ee9b0 000007fe`f332160d     mfc42u!CPropertySheet::OnCmdMsg+0x32
0b 00000000`0c7ee9f0 000007fe`f3340fc2     mfc42u!CWnd::OnNotify+0xa5
0c 00000000`0c7eea50 000007fe`ec97eb78     mfc42u!CPropertyPage::OnNotify+0x22
0d 00000000`0c7eea80 000007fe`f3320ab8     adsiedit!CAttributeEditorPropertyPage::OnNotify+0x54
0e 00000000`0c7eeab0 000007fe`f33209f8     mfc42u!CWnd::OnWndMsg+0x8c
0f 00000000`0c7eebb0 000007fe`f331ef25     mfc42u!CWnd::WindowProc+0x38
10 00000000`0c7eebf0 000007fe`f331f329     mfc42u!AfxCallWndProc+0xe1
11 00000000`0c7eec90 000007fe`ec987a95     mfc42u!AfxWndProc+0x59
12 00000000`0c7eecd0 00000000`76bfd53e     adsiedit!AfxWndProcDllStatic+0x49
13 00000000`0c7eed20 00000000`76bfc62b     user32!UserCallWinProcCheckWow+0x1ad
14 00000000`0c7eede0 00000000`76bfc71d     user32!DispatchClientMessage+0xc3
15 00000000`0c7eee40 00000000`76e26c26     user32!_fnDWORD+0x2d
16 00000000`0c7eeea0 00000000`76bfb20a     ntdll!KiUserCallbackDispatcherContinue
17 00000000`0c7eef28 00000000`76bf7abb     user32!ZwUserMessageCall+0xa
18 00000000`0c7eef30 00000000`76bfb649     user32!SendMessageWorker+0x73f
19 00000000`0c7eefc0 000007fe`fb4247f7     user32!SendMessageW+0x5b
1a 00000000`0c7ef010 000007fe`fb518b89     comctl32_7fefb3f0000!CCSendNotify+0xf93
1b 00000000`0c7ef130 000007fe`fb47d681     comctl32_7fefb3f0000!CLVMouseManager::HandleMouse+0x7bd
1c 00000000`0c7ef280 000007fe`fb47cc68     comctl32_7fefb3f0000!CListView::WndProc+0x9cd
1d 00000000`0c7ef480 00000000`76bfd53e     comctl32_7fefb3f0000!CListView::s_WndProc+0x6c4
1e 00000000`0c7ef4e0 00000000`76bfd7c6     user32!UserCallWinProcCheckWow+0x1ad
1f 00000000`0c7ef5a0 00000000`76bfd174     user32!DispatchMessageWorker+0x389
20 00000000`0c7ef620 000007fe`fb439d0d     user32!IsDialogMessageW+0x14f
21 00000000`0c7ef6b0 000007fe`fb43c063     comctl32_7fefb3f0000!Prop_IsDialogMessage+0x1f1
22 00000000`0c7ef720 000007fe`fb43c43d     comctl32_7fefb3f0000!_RealPropertySheet+0x31b
23 00000000`0c7ef7f0 000007fe`f0fa2c58     comctl32_7fefb3f0000!_PropertySheet+0x55
24 00000000`0c7ef830 000007fe`f0fa2e30     mmcndmgr!MmcIsolationAwarePropertySheet+0x68
25 00000000`0c7ef860 000007fe`f0fa2bc7     mmcndmgr!PropertySheetProc+0x1a0
26 00000000`0c7ef8f0 000007fe`fd6e3ea7     mmcndmgr!PropertySheetThreadProc+0x9f
27 00000000`0c7ef920 000007fe`fd6e6635     msvcrt!endthreadex+0x47
28 00000000`0c7ef950 00000000`76ccbe3d     msvcrt!endthreadex+0x100
29 00000000`0c7ef980 00000000`76e06a51     kernel32!BaseThreadInitThunk+0xd
2a 00000000`0c7ef9b0 00000000`00000000     ntdll!RtlUserThreadStart+0x1d

Potential solutions/workarounds include

  1. Use ADSI Edit from Windows Server 2019 / Windows 10 with Remote Server Administration Tools, which does not have this issue.
  2. Create the attribute as type other than numeric string
  3. Create the attribute as numeric string "multi-valued"
  4. Don't use ADSI Edit to edit the value, i.e. AD Explorer works fine although on 2008 you will have to use an old version i.e. https://web.archive.org/web/20110601/https://download.sysinternals.com/files/AdExplorer.zip
Malcolm McCaffery
  • 273
  • 3
  • 12