Correct handling of isRecycled

Stefan (metze) Metzmacher metze at samba.org
Thu Nov 3 11:15:53 MDT 2011


Hi Matthieu,

> I pushed here:
> http://gitweb.samba.org/?p=mat/samba.git;a=shortlog;h=refs/heads/drs_recycled
>
> Windows 2008r2 insists on having a compatible schema when joining a
> domain, and for all objects that are tombstones or becoming tombstones
> it hads the isRecycled=TRUE attribute if FL <2K8R2 or if the recycle-bin
> is not enabled. For already deleted objects or objects deleted on pre
> Windows 2008r2 (ie. Windows 2003r2) this attribute is added while doing
> the replication (initial or regular one).
>
> With this patches, Samba adds this attributes to tombstones objects if
> the schema support the isDeleted attributes (commit a80863db) while
> deleting objects or during replication (initial and regular).

But with this patch we always add isRecycled: TRUE if it's not already
there when we get a change from another dc, there's no check for the
functional
level.

> In order to cope with current Samba setup and without requiring them to
> run upgradeprovision or dbcheck, the kcc-deleted task has been modified
> to add this attribute if supported by the schema to deleted objects that
> do not have it (commit fad767b761f).

This commit
http://gitweb.samba.org/?p=mat/samba.git;a=commitdiff;h=fad767b761f641bc13824774144c85e5fe1f56d4
has still stuff the belongs to the full scan commit.

Also I'm not sure if this is the correct thing todo, as we never
explicitly store 'isRecycled: FALSE' and cannot find out if adding
isRecycled: TRUE
is the right thing to do for the given object.

> I also corrected the changed I made for link pointing to deleted objects
> that should not be sent, so that it takes care of the forest level
> (commit 21270a76b).

This commit
http://gitweb.samba.org/?p=mat/samba.git;a=commitdiff;h=21270a76bcb54599980dfd05643bf0351572bcf2
should be the last one (not the first one) and you should use "TRUE"
instead of "true",
as "TRUE" is stored.

> I also included a change for the removal of deleted of objects that are
> not in the Deleted Object container (commit c13e511da), I think that the
> only case I know so far are site related objects and some child objects
> that have DONOTMOVE flag (or similar).
> 
> Let me know about them.

I think we need a better way to detect if we want to fix an object which
is stored broken,
maybe look for attributes which should be there if the object is only
DELETED and not an old style TOMBSTONE.

metze

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20111103/2c8fe94a/attachment.pgp>


More information about the samba-technical mailing list