[Samba] Replication Problem with Deleted Object on Samba 4.1.17 [SOLVED]

Achim Gottinger achim at ag-web.biz
Wed Jul 22 00:59:50 UTC 2015 

Am 22.07.2015 um 02:04 schrieb Achim Gottinger:
>
> Am 21.07.2015 um 20:26 schrieb Achim Gottinger:
>> Hello List,
>>
>> Im running an network with five samba 4 addc, all on debian wheezy 
>> with the sernet packages. Recently an replication error showed up for 
>> an single Computer (WIN7-M-ADMIN) record. So I unjoined the pc from 
>> the domain deleted it's record from dc1 manually on the other dc's it 
>> had been removed automaticaly during unjoin.
>> Now I get the following error
>>
>> [2015/07/21 20:15:40.113205,  0] 
>> ../lib/ldb-samba/ldb_wrap.c:71(ldb_wrap_debug)
>>   ldb: No objectClass found in replPropertyMetaData for 
>> CN=WIN7-M-ADMIN\0ADEL:a8530d8e-1767-4f6b-8fe9-ce11a51b295c,CN=Deleted 
>> Objects,DC=domain,DC=local!
>>
>> [2015/07/21 20:15:40.113772,  0] 
>> ../source4/dsdb/repl/replicated_objects.c:783(dsdb_replicated_objects_commit)
>>   Failed to apply records: replmd_replicated_apply_add: error during 
>> DRS repl ADD: No objectClass found in replPropertyMetaData for 
>> CN=WIN7-M-ADMIN\0ADEL:a8530d8e-1767-4f6b-8fe9-ce11a51b295c,CN=Deleted 
>> Objects,DC=domain,DC=local!
>>   : Object class violation
>> [2015/07/21 20:15:40.114277,  0] 
>> ../source4/dsdb/repl/drepl_out_helpers.c:758(dreplsrv_op_pull_source_apply_changes_trigger)
>>   Failed to commit objects: 
>> WERR_GENERAL_FAILURE/NT_STATUS_INVALID_NETWORK_RESPONSE
>>
>> Joing does not help the Computer shows up on dc's 2-4 but not on dc1.
>>
>> On dc1 there is no record for win7-m-admin neighter an deleted one.
>>
>> samba-tool dbcheck -cross-ncs show's no errors on all dc's.
>> samba-tool ldbcmp detects an missing win7-m-admin record on dc1.
>>
>> An year back it was possible to remove Deleted Object with ldbdel
>>
>> Now:
>> ldbdel --show-deleted --extended-dn -H /var/lib/samba/private/sam.ldb 
>> -b "CN=Deleted Objects,DC=domain,DC=local" 
>> '<GUID=a8530d8e-1767-4f6b-8fe9-ce11a51b295c>'
>> Results in:
>> delete of '' failed - (Unwilling to perform) Refusing to delete 
>> tombstone object 
>> CN=WIN7-M-ADMIN\0ADEL:a8530d8e-1767-4f6b-8fe9-ce11a51b295c,CN=Deleted 
>> Objects,DC=fot,DC=local.  This check is to prevent corruption of the 
>> replicated state.
>>
>> I'd just purge this record from dc's 2-4 and rejoin the computer once 
>> again but unfortunately this is no longer possible because of this 
>> new check. Is there an way to force the deletion, because the 
>> replicated state is already corrupted?
>>
>> Thanks in advance
>> Achim~
>>
> Fixed it with
>
> samba-tool drs replicate dc2 dc1 DC=fot,DC=local --full-sync
>
> and so on till samba-tool drs showrepl showed no more errors on all dc's
NT

More information about the samba mailing list