4.5.0 upgrade samba-tool dbcheck errors
repenny241155 at gmail.com
Mon Oct 24 08:32:29 UTC 2016
On Sat, 22 Oct 2016 09:22:12 +1300
Andrew Bartlett <abartlet at samba.org> wrote:
> On Fri, 2016-10-21 at 15:07 +0300, Sergey Urushkin wrote:
> > Tried that patch, tombstones expunge fixed hundreds of errors,
> > thanks!
> > But there are several left. They are not about deleted users but
> > about
> > moving user from one OU to another. All errors are the same type.
> > Here are an example:
> > ERROR: incorrect DN string component for member in object
> > CN=somegroup,OU=someou,DC=domain,DC=ru -
> > <GUID=6569ac84354340438c14f7b8b744754e>;<RMD_ADDTIME=1309370274500000
> > 00>;<RMD_CHANGETIME=131190924050000000>;<RMD_FLAGS=1>;<RMD_INVOCID=97
> > c8a71070f8c94c9885831ce70a9243>;<RMD_LOCAL_USN=156511>;<RMD_ORIGINATI
> > NG_USN=156511>;<RMD_VERSION=1>;<SID=0105000000000005150000005828a2110
> > 3556789021ea743330f0000>;CN=someuser,OU=anotherou,DC=domain,DC=ru
> > Not fixing string component mismatch
> > Some time ago (couple of days/weeks, before upgrading to 4.5)
> > "someuser"
> > was inside "anotherou", now it is not. When I move "someuser" back
> > to
> > that OU error disappears, but when I move it back to the current OU
> > the
> > error appears again.
> > I'm not sure if it is a part of the same issue or completely
> > another, so
> > I wrote this text here, not in 12385.
> > Please, tell me how could I help to solve this problem.
> Once a user is removed from a group, the backlink that we use to track
> and catch user renames is taken away. That means that the forward
> link has no way of knowing, before a dbcheck, that it is pointing at
> the wrong DN.
Yes, but the OP isn't removing the user from the group, he is moving
the user to another ou, so I suppose the question is, how?
It should be done by a 'rename' operation and this should not only
change the users 'dn' and 'distinguishedName' attributes, it should
also update the users 'member' attribute in the groups object.
User 'testuser2' is a member of 'TestGroup', move the user from
'CN=Users' to 'OU=tetsou'
samba-tool user move testuser2 --newou=testou
Before the move the attributes that change, looked like this:
The relevant line in the group object before the move:
So how is the user getting a deleted object for something that
shouldn't be a deleted object ?
More information about the samba-technical