[PATCH] Fix: Failed to remove backlink of memberOf when deleting dsdb_module_search_dn: did not find base dn
Andrew Bartlett
abartlet at samba.org
Thu Oct 19 18:28:39 UTC 2017
On Thu, 2017-10-19 at 15:35 +0000, Andrej Gessel via samba-technical
wrote:
> Hello list,
>
> I had some replication issues with Samba 4.7.0 as RODC:
> https://lists.samba.org/archive/samba/2017-October/211536.html
>
> Failed to apply records: ../source4/dsdb/samdb/ldb_modules/repl_meta_data.c:4218: Failed to remove backlink of memberOf when deleting CN=USER\0ADEL:a1f2a2cc-1179-4734-b753-c121ed02a34c,CN=Deleted Objects,DC=samdom,DC=intern: dsdb_module_search_dn: did not find base dn CN=GROUP\0ADEL:030d0be1-3ada-4b93-8371-927f20923116,CN=Deleted Objects,DC=samdom,DC=intern (0 results): Operations error
> Failed to commit objects: WERR_GEN_FAILURE/NT_STATUS_INVALID_NETWORK_RESPONSE
>
> I maybe found the solution for this issue, the search request do not find base dn because DSDB_SEARCH_SHOW_DELETED flag was not set.
Very, very interesting. I think it is correct, the only thing we will
need is a test.
The test will actually be a bit tricky to create, as current Samba will
strip the links when the object is first deleted, so there can't be
links to a deleted object, but older Samba versions were not so well
behaved. To test it, I'll have to do some of those evil backend
modifications in the that I keep telling folks not to do ;-)
I'll probably extend
testprogs/blackbox/tombstones-expunge.sh but you are most welcome to
have a go if you like!
Thank you very much!
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba-technical
mailing list