samba-tool ldapcmp and rodc and instanceType attribute
abartlet at samba.org
Thu Nov 13 21:50:22 MST 2014
On Mon, 2014-11-10 at 21:36 +0100, Denis Cardon wrote:
> Hi all,
> I was doing some cleansing of replicated DC recently, I tried a ldapcmp
> between the central DC and a remote RODC. samba-tool ldapcmp already
> ignore some attribute, but I think it should also ignore the
> instanceType attribute.
> Difference in attribute values:
> instanceType =>
> 0x00000004 value means that the entry is read/write on that directory,
> which is indeed not the case on the RODC (so the reported error is
> actually a correct case)
> Digging a little more in my RODC, I realized that many DNS entries has a
> 0x00000004 value... and only recently created entries has the 0x00000000
> This is probably a former bug that has been solved I guess. Do you all
> advise to make a full sync of the remote partition when one upgrade to a
> newer version to cleanup this kind of issue?
We should be able to clean that up with either a current or improve
dbcheck tool. (We know pretty well what the values should be).
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba-technical