[Samba] Duplicate (not so) single-valued attributes on some DCs?

Sven Schwedas sven.schwedas at tao.at
Wed Jan 7 07:01:28 MST 2015

We've run into a small issue over the holidays (I can't pinpoint it due
to nobody being in the office for the past three weeks and thus not
noticing anything): At least one LDAP entry has an (single-valued!)
attribute duplicated on *some* DCs, but not all of them – and said
attribute hasn't been modified in six months.

Microsoft's ADSI just crashes when trying to open the entry on these
servers (servers that see only one value open fine).

ldbedit doesn't let me delete the second value (It reports "0 adds  0
modifies  0 deletes" when trying), modifying one value changes either or
both values, but never deletes any. The changes are correctly replicated
back to the other nodes, which only see the changed value. If I try to
change both values, I correctly get an "<0000200D: SINGLE-VALUE
attribute … specified more than once>" error message.

Is this a known (replication?) issue? How can I fix it? Re-join the DCs
to the domain? How would I do this without fucking up other things?

Mit freundlichen Grüßen, / Best Regards,
Sven Schwedas
TAO Beratungs- und Management GmbH | Lendplatz 45 | A - 8020 Graz
Mail/XMPP: sven.schwedas at tao.at | +43 (0)680 301 7167

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 648 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20150107/2c9cbff0/attachment.pgp>

More information about the samba mailing list