[Samba] Undeletable objects in AD

Andrew Bartlett abartlet at samba.org
Wed Jul 25 02:19:26 UTC 2018 

On Mon, 2018-07-23 at 14:02 +0200, Henry Jensen via samba wrote:
> On Mon, 23 Jul 2018 11:27:38 +0100
> Rowland Penny via samba <samba at lists.samba.org> wrote:
> 
> 
> > How are you searching and what with ?
> 
> I used the ADUC tool and LDAPAdmin.
> 
> > 
> > Have you tried ldbedit ?
> > 
> > ldbedit -e <your favourite editor> -H /path/to/sam.ldb
> > 
> > This will display everything in the editor and you can then search in
> > that for the groups. You should then be able to create a filter to
> > delete the groups
> 
> 
> 
> Yes, the objects in question are displayed, one of them looks like this:
> 
> # record 46  
> dn: CN=projekt-st.wendel-wvw-technisch-ökonomische-rw,CN=Users,DC=iww,DC=lan
> cn:: cHJvamVrdC1zdC53ZW5kZWwtd3Z3LXRlY2huaXNjaC3Dtmtvbm9taXNjaGUtcnc=
> instanceType: 4
> whenCreated: 20180720113100.0Z
> uSNCreated: 5982
> name:: cHJvamVrdC1zdC53ZW5kZWwtd3Z3LXRlY2huaXNjaC3Dtmtvbm9taXNjaGUtcnc=
> objectGUID: ecbda919-4c16-4d06-9695-2540e35b44da
> objectSid: S-1-5-21-4144324718-2848790307-3888702956-3897
> sAMAccountName:: cHJvamVrdC1zdC53ZW5kZWwtd3Z3LXRlY2huaXNjaC3Dtmtvbm9taXNjaGUtc
>  nc=
> sAMAccountType: 268435456
> groupType: -2147483646
> objectCategory: CN=Group,CN=Schema,CN=Configuration,DC=iww,DC=lan
> gidNumber: 1448
> objectClass: top
> objectClass: posixGroup
> objectClass: group
> msSFU30NisDomain: iww
> whenChanged: 20180720113106.0Z
> uSNChanged: 15576
> distinguishedName:: Q049cHJvamVrdC1zdC53ZW5kZWwtd3Z3LXRlY2huaXNjaC3Dtmtvbm9taX
>  NjaGUtcncsQ049VXNlcnMsREM9aXd3LERDPWxhbg==
> 
> However, "ldbdel -H /var/lib/samba/private/sam.ldb 'CN=projekt-st.wendel-wvw-technisch-ökonomische-rw,CN=Users,DC=iww,DC=lan'" doesn't work, it says "entry does not exist"

I suspect this is a case of one layer somewhere in the stack being
unhappy.  Try turning up the debug level and see if you can get it to
confess something more specific.

Andrew Bartlett


-- 
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team         https://samba.org
Samba Development and Support, Catalyst IT   
https://catalyst.net.nz/services/samba

More information about the samba mailing list