[Samba] Samba4 AD Corrupted Member

Andrew Bartlett abartlet at samba.org
Tue May 23 00:44:24 UTC 2017 

On Mon, 2017-05-22 at 12:28 -0300, Edson Tadeu Almeida da Silveira via
samba wrote:
> Hi Guys.
> 
> Today i experienced a problem with my samba 4 AD.
> 
> I have a master(AD1) and a member(AD2) in a replicated environment.
> 
> I´ve just checked that my AD2 has some issues when i did this test:
> 
> -------------------------------------------------------------------
> ---------------
> ldbsearch --url=/usr/local/samba/private/sam.ldb '(invocationid=*)'
> --cross-ncs objectguid
> 
> # record 1
> dn: CN=NTDS
> Settings,CN=AD2,CN=Servers,CN=Default-First-Site-
> Name,CN=Sites,CN=Configuration,DC=domain,DC=local
> objectGUID: 3b885301-279f-4dd7-92ce-cc6f6dfd5e34
> 
> # record 2
> dn: CN=NTDS
> Settings,CN=AD1,CN=Servers,CN=Default-First-Site-
> Name,CN=Sites,CN=Configuration,DC=domain,DC=local
> objectGUID: 21a051e3-0e5c-4ffd-af1b-a7edeb348325
> 
> ltdb: tdb(/usr/local/samba/private/sam.ldb.d/DC=DOMAIN,DC=LOCAL.ldb):
> tdb_rec_read bad magic 0xd9fee666 at offset=250263808
> 
> search error - Indexed and full searches both failed!
> -------------------------------------------------------------------
> ---------------
> 
> In my AD1 everything is ok.
> 
> Do you known if there is a way to repair my AD2 ?
> 
> Thanks!

If you do not have any data stranded on AD2, just demote it (samba-tool 
domain demote --remove-other-dead-server) and re-join it. 

However do carefully inspect your hardware, this should only happen if
you have bad hardware or a VM environment that is not propagating 
write barriers. 

If you keep backups you may be able to work out when it happened and
correlate with an unexpected poweroff etc.

I wrote with Rusty a tool ldbdump to recover data from such databases,
if you have stranded data, but returning it to the replicated state is
still non-trivial.

I hope this helps,

Andrew Bartlett

-- 
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team         https://samba.org
Samba Development and Support, Catalyst IT   
https://catalyst.net.nz/services/samba

More information about the samba mailing list