[Samba] unique index violation on objectSid
zvn at belkam.com
Wed Jun 29 07:11:25 UTC 2016
28.06.2016 18:44, mathias dufresne:
> I love diving : )
I have dived. :)
Replacement of RidNextRid to last value of rIDPreviousAllocationPool
allows to solve this problem (at least temporarily).
I am begun from RID master:
[root at pdc ~]# ldbsearch -H /var/lib/samba/private/sam.ldb CN="RID Set"
-b CN="PDC,OU=Domain Controllers,DC=ad,..."
rIDPreviousAllocationPool: 1600-2099 (current pool, in my case)
rIDAllocationPool: 2600-3099 (next pool)
Then take ldbedit with same parameters and change rIDNextRID to 2099 (I
think, this can be do via ADSIEdit, connected to this controller, in XP
, but not in Win7...)
But after that is necessary to create new objects on the controller,
where rIDNextRID was changed (via ADUC, connect to this controller, or
via samba-tool, shell on this controller)
Im my case, on RID master new values of rIDPreviousAllocationPool and
rIDAllocationPool now 2600-3099 both, I am don't know, what does it
mean, but I think it is because on other controllers used range
3100-3599, and master will recalculate pools to new values.
It is possible to look at ranges and distribution of values approximately so
[root at pdc ~]# ldbsearch -H /var/lib/samba/private/sam.ldb.d/DC\=AD...ldb
objectSid |grep objectSid|sort|less
This operation should be repeated locally on each controller after at
the RID master everything is corrected, then the RID ranges on
controllers will correctly change, I think, but I didn't check.
More information about the samba