[Samba] ldbadd issue on Samba 4.1.13 AD DC
rpenny at samba.org
Tue Feb 9 20:48:57 UTC 2016
On 09/02/16 19:59, Allen Chen wrote:
> Hi there,
> I have Samba 4.1.13 AD DC compiled on CentOS 6.2 (32bit). Everything
> is working fine.
> Issue: ldbadd cannot re-add a deleted user account.
> What I did:
> 1. save user account
> # ./bin/ldbsearch -H /usr/local/samba/private/sam.ldb sAMAccountName=krtu > ./user-add.ldif
> 2. delete the user account
> # ./bin/ldbdel -H /usr/local/samba/private/sam.ldb
> This user has been deleted. ldbsearch couldn't find it.
> 3. add it back again
> First remove the following attr from the saved file user-add.ldif
> Then ldbadd gives the error:
> # ./bin/ldbadd -H /usr/local/samba/private/sam.ldb ./user-add.ldif
> ERR: Entry already exists : "../lib/ldb/ldb_tdb/ldb_index.c:1216:
> Failed to re-index objectSid in CN=krtu,CN=Users,DC=mydomain,DC=com -
> ../lib/ldb/ldb_tdb/ldb_index.c:1148: unique index violation on
> objectSid in CN=krtu,CN=Users,DC=mydomain,DC=com" on DN
> CN=krtu,CN=Users,DC=mydomain,DC=com at block before line 36
> Add failed after processing 0 records
> Is it normal?
Two things spring to mind. First, why would you want to delete a user
and then recreate it again?
Secondly, the user's SID comes in two parts, the SID (this is used
for all domain objects) and a RID; this RID comes from a pool and this
may be your problem.
Can we see the ldif you used (suitably sanitized)?