https://bugzilla.samba.org/show_bug.cgi?id=10398 and others
Andrew Bartlett
abartlet at samba.org
Wed Jul 2 16:20:28 MDT 2014
On Wed, 2014-07-02 at 23:23 +0200, Stefan (metze) Metzmacher wrote:
> Hi Andrew,
>
> I just noticed that we haven't backported the fixes for
> https://bugzilla.samba.org/show_bug.cgi?id=10398 and maybe some others
> (there was one also referring to a univention bug)
>
> I've created two branches with backports:
> https://git.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/v4-1-test
> and
> https://git.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/v4-1-drepl
> on top of the first one.
>
> v4-1-drepl contains more stuff that's not easy to backport as we would
> require a newer ldb version
> than older 4.1.x releases.
>
> Were there more patches which need to be backported? Some "conflict
> resolving" or "deletion" patches?
Those seem to already be in 4.1
> I have a customer with strange problems.
>
> CN=NTDS
> Settings,CN=DC1\ACNF:9a2f0f4f-a693-4f06-b035-2f1e05d00bfe,CN=SomeSite,....
> Is not deleted, while
> CN=DC1\ACNF:9a2f0f4f-a693-4f06-b035-2f1e05d00bfe,CN=SomeSite
> is deleted. Our kcc finds this but later crash we in
> dreplsrv_get_target_principal()
> line 207, as dsdb_search_dn() doesn't have some logic like if
> (dsdb_flags & DSDB_SEARCH_ONE_ONLY) {
> in dsdb_search(). So we may get res->count == 0 instead of
> LDB_ERR_NO_SUCH_OBJECT.
>
> Should we implement dsdb_search_dn() on top of dsdb_search() passing
> DSDB_SEARCH_ONE_ONLY
> and LDB_SCOPE_BASE?
I'm not sure, we should return ERR_NO_SUCH_OBJECT if the object is
deleted.
> Jelmer, is there a way to overload the Ldb.Dn class, within python?
> Then we could backport the pylddb patches in a Samba specific file,
> so that dbcheck can work with an older system pyldb.
In the past, we just required that the LDB be upgraded in-sync.
Andrew Bartlett
More information about the samba-technical
mailing list