[Samba] cannot add dc to samba v4.1
Andrew Bartlett
abartlet at samba.org
Thu Oct 17 15:31:46 MDT 2013
On Thu, 2013-10-17 at 19:21 +0300, Nikos Mitas wrote:
> Hello,
>
>
> today i restored samba4dc1 machine with version 4.1-rc03, with 10000
> objects
>
> i ran samba-tool dbcheck --fix with no errors:
> root@ /root/scripts #samba -V
> Version 4.1.0rc3
> root@ /root/scripts #samba-tool dbcheck --fix
> Checking 10022 objects
> Checked 10022 objects (0 errors)
>
>
> after that i upgraded samba to v4.1
>
> and ran again samba-tool dbcheck --fix and now we have errors
>
> root@ /root/scripts #samba -V
> Version 4.1.0
> root@ /root/scripts #samba-tool dbcheck --fix
> Checking 10022 objects
> ERROR: on replPropertyMetaData of CN=Deleted
> Objects,DC=samdom,DC=example,DC=com, the instanceType on attribute
> 0x0000000d,
> version 2 changed at Mon Sep 23 16:40:44
> 2013 is 00000000-0000-0000-0000-000000000000,
> but should be non-zero. Proposed fix is to
> set to our invocationID (af2aca60-85e6-42bc-8e5e-c1c8f0298070).
> ERROR: on replPropertyMetaData of CN=Deleted
> Objects,DC=samdom,DC=example,DC=com, the instanceType on attribute
> 0x000200a9,
> version 2 changed at Mon Sep 23 16:40:44
> 2013 is 00000000-0000-0000-0000-000000000000,
> but should be non-zero. Proposed fix is to
> set to our invocationID (af2aca60-85e6-42bc-8e5e-c1c8f0298070).
> ERROR: on replPropertyMetaData of CN=Deleted
> Objects,DC=samdom,DC=example,DC=com, the instanceType on attribute
> 0x0009030e,
> version 2 changed at Mon Sep 23 16:40:44
> 2013 is 00000000-0000-0000-0000-000000000000,
> but should be non-zero. Proposed fix is to
> set to our invocationID (af2aca60-85e6-42bc-8e5e-c1c8f0298070).
> ERROR: on replPropertyMetaData of CN=Deleted
> Objects,DC=samdom,DC=example,DC=com, the instanceType on attribute
> 0x00090364,
> version 2 changed at Mon Sep 23 16:40:44
> 2013 is 00000000-0000-0000-0000-000000000000,
> but should be non-zero. Proposed fix is to
> set to our invocationID (af2aca60-85e6-42bc-8e5e-c1c8f0298070).
> ERROR: on replPropertyMetaData of CN=Deleted
> Objects,DC=samdom,DC=example,DC=com, the instanceType on attribute
> 0x0009080a,
> version 1 changed at Mon Sep 23 16:40:44
> 2013 is 00000000-0000-0000-0000-000000000000,
> but should be non-zero. Proposed fix is to
> set to our invocationID (af2aca60-85e6-42bc-8e5e-c1c8f0298070).
> Fix replPropertyMetaData on CN=Deleted
> Objects,DC=samdom,DC=example,DC=com by setting
> originating_invocation_id on some elements to our invocationID
> af2aca60-85e6-42bc-8e5e-c1c8f0298070? [y/N/all/none] all
>
>
> on both cases samba-tool took 5 minutes
>
>
> but
>
>
> on the production machine (with 40000 objects) i cannot do the same
>
>
> is there any chance to run a consistency check to samba db other than
> samba-tool dbcheck
>
> or to manually delete/update the replPropertyMetaData ?
Not really, and you need to be able to run dbcheck.
Essentially you have discovered the outer limits to what some of our
tools can scale to without work to reduce the algorithmic complexity.
There are not any easy fixes from here, your best bet is to start to
understand the code (in dbcheck, our ldb stack and in ldb_tdb) and then
propose patches to reduce the algorithmic complexity.
I would start by seeing if the issues can be reproduced with ldbsearch,
for example.
I realise this changes the task from implementation to development, but
I think at the scale you suggest, this won't be the last such issue.
On the flip side, I'm really pleased to see projects this size, and the
fact that you have got to this point successfully suggests that the
remaining issues will be solvable, once found.
Thanks,
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz
More information about the samba
mailing list