Need urgent help with samba4 DC re-join

Andrew Bartlett abartlet at samba.org
Wed Aug 1 07:34:06 MDT 2012 

On Wed, 2012-08-01 at 23:28 +1000, Andrew Bartlett wrote:
> On Wed, 2012-08-01 at 13:30 +0200, Andreas Oster wrote:
> > Am 18.07.2012 08:03, schrieb Andrew Bartlett:
> > > On Wed, 2012-07-18 at 07:10 +0200, Andreas Oster wrote:
> > > 
> > >> Hello Andrew,
> > >>
> > >> unfortunately dbcheck did not work. The following error messages showed up:
> > >>
> > >> ERROR: wrong instanceType 11 on DC=DomainDnsZones,DC=novanetwork,DC=loc,
> > >> should be 13
> > >> ERROR(<type 'exceptions.AttributeError'>): uncaught exception -
> > >> 'dbcheck' object has no attribute 'modify_instancetype'
> > >>   File
> > > 
> > > Thanks.  I've updated my branch with what I hope will be a fix.  This
> > > time I've modified a local DB to replicate your error condition, and
> > > confirmed it all works.
> > > 
> > > However, it will only allow the instanceType to be changed, the
> > > objectClass can't be fixed yet.  But if you can confirm what I have so
> > > far works for you, I'll see what I can do about the rest.
> > > 
> > > Thanks,
> > > 
> > > Andrew Bartlett
> > > 
> > Hello Andrew,
> > 
> > any news regarding adding some code to dbcheck to fix the objectClass
> > issue in my samba4 setup ?
> > 
> > Thank you very much.
> 
> You have been incredibly patient over the past more than a month on this
> issue.  I've not had a chance to look into this properly.  
> 
> As to getting your specific database out of this specific situation,
> this might work (on a backup!):
> 
> Run (change for your domain):
> 
>  ldbedit -H
> private/sam.ldb.d/DC=DOMAINDNSZONES,DC=SAMBA,DC=EXAMPLE,DC=COM.ldb -s
> base -b DC=DomainDnsZones,DC=samba,DC=example,DC=com
> 
> Change the object to have:
> dn: DC=DomainDnsZones,DC=samba,DC=example,DC=com
> objectClass: top
> objectClass: domain
> objectClass: domainDNS
> description: Microsoft DNS Directory
> instanceType: 13

Even better would be to use ldbmodify and create a 'replace' ldif, at
least on objectClass.  Then re-do the same thing on the sam.ldb (which
once the DB is correct, will allow the metadata to be updated). 

> Then run:
> 
>  samba-tool dbcheck -H private/sam.ldb --cross-ncs --reindex
>  samba-tool dbcheck -H private/sam.ldb --cross-ncs
> 
> This will ensure the indexes and replPropertyMetaData is updated after
> this generally NOT RECOMMENDED action of editing the raw database.

I don't like suggesting editing the raw backend ldb files, but I do feel
I've left you hanging on for a more automated solution for too long
now. 

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org

More information about the samba-technical mailing list