[Samba] Upgrade to 4.20: Not resetting nTSecurityDescriptor
Daniel Müller
mueller at tropenklinik.de
Mon Apr 15 07:44:11 UTC 2024
root at dom2:~# samba-tool dbcheck --fix --yes
Checking 705 objects
Checked 705 objects (0 errors)
root at dom2:~# samba-tool dbcheck --cross-ncs
Checking 4506 objects
Not resetting nTSecurityDescriptor on CN=Deleted Objects,CN=Configuration,DC=tlk,DC=loc
Not resetting nTSecurityDescriptor on CN=Deleted Objects,DC=DomainDnsZones,DC=tlk,DC=loc
Not resetting nTSecurityDescriptor on CN=Deleted Objects,DC=ForestDnsZones,DC=tlk,DC=loc
Checked 4506 objects (3 errors)
Please use 'samba-tool dbcheck --fix' to fix 3 errors
-----Ursprüngliche Nachricht-----
Von: Rowland Penny via samba [mailto:samba at lists.samba.org]
Gesendet: Montag, 15. April 2024 09:28
An: samba at lists.samba.org
Cc: Rowland Penny <rpenny at samba.org>
Betreff: Re: [Samba] Upgrade to 4.20: Not resetting nTSecurityDescriptor
On Mon, 15 Apr 2024 07:53:16 +0200
Daniel Müller via samba <samba at lists.samba.org> wrote:
> I did it:
> root at dom2:~# samba-tool dbcheck --fix
> Checking 705 objects
> Reset nTSecurityDescriptor on CN=Deleted Objects,DC=tlk,DC=loc back
> to provision default? Owner
> mismatch: SY (in ref) DA(in current) Group mismatch: SY (in ref) DA(in
> current) Part dacl is different between reference and current here is
> the detail: (A;;LCRPLORC;;;AU) ACE is not present in the reference
> (A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;DA) ACE is not present in
> the r eference
> (A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY) ACE is not present in the r
> eference (A;;CCDCLCSWRPWPSDRCWDWO;;;SY)
> ACE is not present in the current (A;;LCRP;;;BA) ACE is not present in
> the current [y/N/all/none] y Fixed attribute 'nTSecurityDescriptor' of
> 'CN=Deleted Objects,DC=tlk,DC=loc'
>
> Checked 705 objects (1 errors)
>
>
>
> root at dom2:~# samba-tool dbcheck --cross-ncs Checking 4506 objects Not
> resetting nTSecurityDescriptor on CN=Deleted
> Objects,CN=Configuration,DC=tlk,DC=loc
>
> Not resetting nTSecurityDescriptor on CN=Deleted
> Objects,DC=DomainDnsZones,DC=tlk,DC=loc
>
> Not resetting nTSecurityDescriptor on CN=Deleted
> Objects,DC=ForestDnsZones,DC=tlk,DC=loc
>
> Checked 4506 objects (3 errors)
> Please use 'samba-tool dbcheck --fix' to fix 3 errors root at dom2:~#
> samba-tool dbcheck --fix Checking 705 objects Checked 705 objects (0
> errors)
>
> But the next "samba-tool dbcheck --cross-ncs" shows the same three
> errors again!?
>
Try it like this:
samba-tool dbcheck --fix --yes
Rowland
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list