TDB corruption on sam.ldb tdb files

Andrew Bartlett abartlet at samba.org
Fri Sep 21 17:14:55 MDT 2012


On Sat, 2012-09-22 at 10:49 +1200, Andrew Walters wrote:
> Thanks to Andrew Bartlett and Ricky Nance for your replies.
> 
> Because I'm responding to both of you about similar stuff that you both suggested, I'll omit quotes to keep it brief.
> 
> For reference to anyone coming across this later, the messages I'm replying to are these two:
> https://lists.samba.org/archive/samba-technical/2012-September/086886.html
> https://lists.samba.org/archive/samba-technical/2012-September/086887.html
> 
> I've been slow getting back to this as Saturdays (NZ time) are my best maintenance window time, given the school can still operate off the bad ldb.
> 
> It's a single domain controller envirionemt - no replication.
> 
> tdbbackup works on sam.ldb and sam.ldb.d/* EXCEPT sam.ldb.d/DC=AD,DC=(domain name), where it fails with:
> 
> tdb_rec_read bad magic 0x6863733d at offset=1773572
> failed to copy DC=AD,DC=SMS,DC=SCHOOL,DC=NZ.ldb
> 
> ... which are the same magic and offset values given when samba-tool dbcheck --reindex and ldbedit can't remove the index.
> 
> In the meantime, since it's most likely your Friday evening as I type
> this, and since I can still browse the directory, and application of
> GPOs, user accounts, group memberships, and therefore permissions all
> still work, I might try my luck setting up a VM with another copy of
> samba4, and try to alternately replicate and vampire the domain over
> to there to see what comes out the other end.

I doubt this will work.  As soon as you have to read that failed record, it will fail.  Aside from tdbbackup, we don't have any automatic tools to help here.  

Have you looked at the binary tdb to work out what the bad magic is?

>From there, the only idea I have is to patch the tdb source to skip such records (while printing the name), and hope you can get out the rest of your data. 

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org




More information about the samba-technical mailing list