editing a linked attribute with ldbedit update the RMD_LOCAL_USN of all the entries

Stefan (metze) Metzmacher metze at samba.org
Thu Apr 21 05:13:08 MDT 2011 

Hi Matthieu,

>>> Well I just did a test against windows 2003 it has the same behavior ...
>> How?
> ldbsearch -k 1 -H ldap://windowsserver
> --controls="dirsync:1:2147483648:0" '(name=domain admins)' member
> By doing so I'm asking to have incremental list of changed attribute for
> link attributes.
> 
> ldbedit -k 1 -H ldap://windowsserver '(name=domain admins)' member
> 
> I added a user (ie. mat) then
> ldbsearch -k 1 -H ldap://windowsserver
> --controls="dirsync:1:2147483648:0:cookie" '(name=domain admins)' member

Better look at the msDS-ReplValueMetaData attribute. (on windows, samba
doesn't support it yet)


It seems the behavior is different there:

msDS-ReplValueMetaData:  <DS_REPL_VALUE_META_DATA>
        <pszAttributeName>member</pszAttributeName>
        <pszObjectDn>CN=Domain Admins,CN=Users,DC=bla,DC=base</pszObjectDn>
        <cbData>0</cbData>
        <pbData></pbData>
        <ftimeDeleted>1601-01-01T00:00:00Z</ftimeDeleted>
        <ftimeCreated>2011-01-24T14:22:00Z</ftimeCreated>
        <dwVersion>1</dwVersion>

<ftimeLastOriginatingChange>2011-01-24T14:22:00Z</ftimeLastOriginatingChange>

<uuidLastOriginatingDsaInvocationID>0d36ca05-5507-4e62-aca3-354bab0d39e1</uuidLastOriginatingDsaInvocationID>
        <usnOriginatingChange>12378</usnOriginatingChange>
        <usnLocalChange>12378</usnLocalChange>
        <pszLastOriginatingDsaDN>CN=NTDS
Settings,CN=W2K8R2-219,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=bla,DC=base</pszLastOriginatingDsaDN>
</DS_REPL_VALUE_META_DATA>

msDS-ReplValueMetaData:  <DS_REPL_VALUE_META_DATA>
        <pszAttributeName>member</pszAttributeName>
        <pszObjectDn>CN=Enterprise
Admins,CN=Users,DC=bla,DC=base</pszObjectDn>
        <cbData>0</cbData>
        <pbData></pbData>
        <ftimeDeleted>1601-01-01T00:00:00Z</ftimeDeleted>
        <ftimeCreated>2011-01-24T14:22:00Z</ftimeCreated>
        <dwVersion>1</dwVersion>

<ftimeLastOriginatingChange>2011-01-24T14:22:00Z</ftimeLastOriginatingChange>

<uuidLastOriginatingDsaInvocationID>0d36ca05-5507-4e62-aca3-354bab0d39e1</uuidLastOriginatingDsaInvocationID>
        <usnOriginatingChange>12398</usnOriginatingChange>
        <usnLocalChange>12398</usnLocalChange>
        <pszLastOriginatingDsaDN>CN=NTDS
Settings,CN=W2K8R2-219,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=bla,DC=base</pszLastOriginatingDsaDN>
</DS_REPL_VALUE_META_DATA>

> And after replicate looking with --reveal and --extended-dn show that
> all the linked attribute have been modified as they all have a new
> originating usn and a fairly recent timestamp.

The problem with samba is clear.

metze

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20110421/bacec130/attachment.pgp>

More information about the samba-technical mailing list