Failed to re-index objectSid error.
Andrew Bartlett
abartlet at samba.org
Wed Jan 5 16:44:47 MST 2011
On Wed, 2011-01-05 at 14:25 +0000, Dave Thurston wrote:
> Using Alpha13 in production... No issues for the past month since
> inplementation. Last week went to vampire a second system. Got the
> error message about unique index violation on objectSid. Verified that
> there were 3 objectSids duplicated(all machine accounts that do not
> show in the AD tools)
> Question? How do I get rid of the duplicates? LDBedit gives the same
> index violation when trying to edit them out.
>
>
> ERROR: Failed to create user
> "XXXXXXXXX" : ../lib/ldb/ldb_tdb/ldb_index.c:1183: Failed to re-index
> objectSid in CN=XXXXXXXXX,CN=Users,DC=XXXXXX,DC=int
> - ../lib/ldb/ldb_tdb/ldb_index.c:1115: unique index violation on
> objectSid in CN=XXXXXXXX,CN=Users,DC=XXXXXX,DC=int
This is a very difficult issue to solve. The problem is that once we
have the duplicates in the index (how this was able to happen I don't
know, the uniqueness requirement has been enforced for quite some time)
it's difficult to perform the edits to remove it. I guess we will need
to somehow disable this check, for long enough for you to fix this
issue.
I'll think about it. We do control if the index is marked as unique in
LDB, so it's mostly a matter of determining how to allow you to safely
recover.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.
More information about the samba-technical
mailing list