[Samba] LDB integrity problem
Daniel Fenert
daniel at fenert.pl
Sat Oct 18 11:56:01 MDT 2014
Just for the record:
I've tried compiling 4.1.12 and running samba-tool on ldb copy -
samba-tool dbcheck --fix did solve the problem (it removed duplicate
accounts).
So in the end I'm running 4.1.11 from Ubuntu 14.10.
W dniu 2014-10-17 o 15:05, Daniel Fenert pisze:
> Hi,
>
> I've done upgrade from Ubuntu 13.04 (samba 4.0 alpha) -> 13.10 -> 14.04
> (samba 4.1.6).
>
> Now it looks I've lost some accounts. samba-tool dbcheck reports
> problems but cannot fix them with --fix param:
>
> ERROR: incorrect GUID component for member in object
> CN=MobileEX,CN=Users,DC=yyy-local,DC=localdomain -
> <GUID=95ec7854-e241-4eaa-9d26-1b836a5cd4b3>;<SID=S-1-5-21-1237243695-3358403904-2149330157-1233>;CN=XXX,CN=Users,DC=yyy-local,DC=localdomain
> unable to find object for DN CN=XXX,CN=Users,DC=yyy-local,DC=localdomain
> - (No such Base DN: CN=XXX,CN=Users,DC=yyy-local,DC=localdomain)
> Not removing dangling forward link
> Please use --fix to fix these errors
> Checked 355 objects (24 errors)
>
> I don't see these accounts while connecting through LDAP protocol,
> ldbsearch also is not finding it while asking for specific DN:
>
> # ldbsearch -H /var/lib/samba/private/sam.ldb --cross-ncs -b
> 'CN=XXX,CN=Users,DC=yyy-local,DC=localdomain'
> search error - No such Base DN: CN=XXX,CN=Users,DC=yyy-local,DC=localdomain
>
> But when searching whole CN=Users lost accounts are shown:
>
> # ldbsearch -H /var/lib/samba/private/sam.ldb --cross-ncs -b
> 'CN=Users,DC=yyy-local,DC=localdomain'
> ....
> # record 93
> dn: CN=XXX,CN=Users,DC=yyy-local,DC=localdomain
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: user
> .....
>
> Another interesting thing - I've tried adding few of lost users, and now
> ldbsearch shows 2 entries with same DN!
> # ldbsearch -H /var/lib/samba/private/sam.ldb --cross-ncs -b
> 'CN=Users,DC=yyy-local,DC=localdomain' |grep ZZZ
> dn: CN=ZZZ,CN=Users,DC=yyy-local,DC=localdomain
> sn: Rybicki
> dn: CN=ZZZ,CN=Users,DC=yyy-local,DC=localdomain
> sn: Rybicki
>
> Any ideas how I can revive these users?
> It's really important for me to get them back with unchanged GUID...
>
More information about the samba
mailing list