[Samba] No such Base DN: CN=Produktion A-Studio (alt?), CN=Users, DC=srg2, DC=local / RSAT
Niels Dettenbach
nd at syndicat.com
Thu May 26 09:44:42 UTC 2016
Hi colleagues,
it seems i've hit a bug in SAMBA as follows:
The local windows network admin of our local radio station filled / transferred some user account data into our new FreeNAS by the Win RSAT. We are setting up SAMBA as a PDC incl. directory service and use the current stable FreeNAS with its current SAMBA "4.3.6-GIT-UNKNOWN"
One account name
"produktion-a"
resulted in some "weird" chars within the CN string:
CN=Produktion A-Studio (alt?),CN=Users,DC=srg2,DC=local
which seems to make further problems - i.e. the records inaccessible by samba-tool and ldbedit:
~# samba-tool dbcheck --fix
Checking 448 objects
ERROR: incorrect GUID component for member in object CN=redaktion,CN=Users,DC=srg2,DC=local - <GUID=35115b3b-264b-431f-a8a0-e2812d434fde>;<SID=S-1-5-21-3768878909-3194017282-2874830551-1170>;CN=Produktion A-Studio (alt?),CN=Users,DC=srg2,DC=local
unable to find object for DN CN=Produktion A-Studio (alt?),CN=Users,DC=srg2,DC=local - (No such Base DN: CN=Produktion A-Studio (alt?),CN=Users,DC=srg2,DC=local)
Not removing dangling forward link
ERROR: incorrect GUID component for member in object CN=freie,CN=Users,DC=srg2,DC=local - <GUID=35115b3b-264b-431f-a8a0-e2812d434fde>;<SID=S-1-5-21-3768878909-3194017282-2874830551-1170>;CN=Produktion A-Studio (alt?),CN=Users,DC=srg2,DC=local
unable to find object for DN CN=Produktion A-Studio (alt?),CN=Users,DC=srg2,DC=local - (No such Base DN: CN=Produktion A-Studio (alt?),CN=Users,DC=srg2,DC=local)
Not removing dangling forward link
ERROR: incorrect GUID component for member in object CN=radioclient,CN=Users,DC=srg2,DC=local - <GUID=35115b3b-264b-431f-a8a0-e2812d434fde>;<SID=S-1-5-21-3768878909-3194017282-2874830551-1170>;CN=Produktion A-Studio (alt?),CN=Users,DC=srg2,DC=local
unable to find object for DN CN=Produktion A-Studio (alt?),CN=Users,DC=srg2,DC=local - (No such Base DN: CN=Produktion A-Studio (alt?),CN=Users,DC=srg2,DC=local)
Not removing dangling forward link
Checked 448 objects (3 errors)
Automatic fixing seems not possible so far....
I tried to recreate and delete the user "produktion-a" by samba-tool and clean / get it work with ldbedit (incl. "--relax" option) - i.e.:
- changing all occurences of "Produktion A-Studio (alt?)" into "Produktion A-Studio alt"
- deleting all existing occurences of this user (user record, membership records)
and get errors like:
~#ldbedit --relax -e nano -H /var/db/system/samba4/private/sam.ldb
failed to delete CN=Produktion A-Studio (alt?),CN=Users,DC=srg2,DC=local - No such Base DN: CN=Produktion A-Studio (alt?),CN=Users,DC=srg2,DC=local
~# ldbedit -e nano -H /var/db/system/samba4/private/sam.ldb --cross-ncs "CN=Produktion A-Studio (alt?),CN=Users,DC=srg2,DC=local"
no matching records - cannot edit
For me it seems as the "?" or "()" in the identifier strings are breaking some kind of policies (if so they did not had to be accepted) and/or make it impossible to find / select the record and/or breaks references within the DB.
How can i reach that orphan records to get them out / cleaned?
Many thanks for any help / hint.
Niels.
i.A.
StadtRadio Göttingen 107,1 MHz
http://www.stadtradio-goettingen.de
--
---
Niels Dettenbach
Syndicat IT & Internet
http://www.syndicat.com
PGP: https://syndicat.com/pub_key.asc
---
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.samba.org/pipermail/samba/attachments/20160526/01dc5139/signature.sig>
More information about the samba
mailing list