[Samba] Previously extended schema not working in 4.4.0
Andrew Bartlett
abartlet at samba.org
Fri Apr 15 01:31:46 UTC 2016
On Fri, 2016-04-15 at 00:32 +0100, Jonathan Hunter wrote:
> Thank you Andrew, really appreciated.
>
> I have now run 'samba-tool dbcheck --cross-ncs --fix' and it has
> successfully fixed some errors; there were 110 previously, however
> there are still 69 remaining after a second pass of dbcheck --fix.
>
> The remaining errors seem to be mainly of this form:
>
> ERROR: duplicate attributeID values for myattrib in
> replPropertyMetaData on
> MYOBJ=object1,OU=myou,DC=mydomain,DC=org,DC=uk
>
> Fix replPropertyMetaData on
> MYOBJ=object1,OU=myou,DC=mydomain,DC=org,DC=uk by removing the
> duplicate value 0x00290003 for myattrib (keeping 0xbd27f44d5)? [YES]
> [...]
> ERROR: incorrect attributeID values in replPropertyMetaData on
> MYOBJ=object1,OU=myou,DC=mydomain,DC=org,DC=uk
>
> Fix replPropertyMetaData
> on MYOBJ=object1,OU=myou,DC=mydomain,DC=org,DC=uk by replacing
> incorrect value 0x00290001 for et (new 0x00290001)? [YES]
> No rDN found in replPropertyMetaData
> for MYOBJ=object1,OU=myou,DC=mydomain,DC=org,DC=uk!
>
> Failed to fix attribute replPropertyMetaData : (19,
> 'replmd_update_rpmd: No rDN found in replPropertyMetaData
> for MYOBJ=object1,OU=myou,DC=mydomain,DC=org,DC=uk [YES]
>
> I've had a brief look at one of the objects in question
> (myobj=object1,ou=myou) using ldbsearch, and it looks OK to my
> untrained eye, there is a dn: of
> MYOBJ=object1,OU=myou,DC=mydomain,DC=org,DC=uk and also a
> distringuishedName: of the same; there is a "myobj: object1"
> attribute, and the usual objectClass/GUID/etc..
>
> Do you know precisely what it is looking for in terms of rDN in
> replPropertyMetaData? I can have a look there and see if I can find
> it.
>
> Or - given that I have taken a backup via 'ldbsearch -s sub -b
> ou=myou,dc=...' - am I better off removing this entire OU (which is
> the only place I have created these objects), and restoring it? Can I
> play back an LDIF generated via ldbsearch safely - will I get the
> same GUIDs, creation dates, etc.?
>
> That does feel a little like 'giving up'; and I am very happy to
> investigate further if it will help find any gaps or corner cases
> that could be used to improve the codebase - but equally, if this
> isn't particularly interesting and it can be quickly fixed by a
> delete / restore, then I'm happy to do that also :)
No, a delete probably won't help, the deleted object stays around as a
tombstone, and you can't recreate it with the same guid.
Because the custom schema attribute myobj was also the RDN, it hit a
case we haven't tested yet.
We probably need to fix further our test scripts.
Please file a bug, with the relevent replPropertyMetaData in base64 and
with the --show-binary argument to ldbsearch if possible.
Andrew Bartlett
--
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team https://samba.org
Samba Development and Support, Catalyst IT
https://catalyst.net.nz/services/samba
More information about the samba
mailing list