[Samba] skip chunk if "DRS linked attribute for GUID - DN not found"
Andrew Bartlett
abartlet at samba.org
Tue Jun 13 23:34:56 UTC 2017
On Tue, 2017-06-13 at 12:01 +0000, Andrej Gessel via samba wrote:
> Hello everyone,
>
> i try to use Samba RODC(4.6.5) with W2K8R2. Windows AD has around
> 35000 objects. My Samba machine is small one (ARM 32bit CPU) with
> only 2GB physical memory, so i can’t join to the domain because of
> expensive memory usage.
> To solve this Problem, i decide to replicate only critical objects
> and then let samba_kcc to get other objects.
>
> 1 ) Is this an possible way to use Samba AD or should i replicate all
> objects while joining new ad?
>
> As result i got fast join and no more problems with memory usage.
> But i got some other errors for example:
>
> ../source4/dsdb/repl/replicated_objects.c:933 Failed to prepare
> commit of transaction: DRS linked attribute for GUID 6709d915-7dfb-
> 41bf-b695-dd1a798d7718 - DN not found
>
> Object with this objectGUID exists in AD, but was not replicated yet.
> So i create to patches follow to skip the chunks with „problem“-
> objects and try to get the other missing objects with effect, that
> links can be created and i can replicate rest.
>
> 2) Is it rigth way to raise replication on such errors? Maybe it is
> better to skip the chunk and replicate other stuff first and let
> samba_kcc do his work and repeat the skiped chunks?
Tim Beale (CC'ed) is working to improve the Samba behaviour here,
hopefully for Samba 4.7. It isn't safe to skip objects or links, as
you won't ever get them again. This can lead to ongoing replication
corruption.
A full sync would tend to fix it up again, but I can't suggest this
approach.
We know there are dragons here!
Andrew Bartlett
--
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team https://samba.org
Samba Development and Support, Catalyst IT
https://catalyst.net.nz/services/samba
More information about the samba
mailing list