[Samba] possible to use ldbedit in a safe way
Rowland Penny
rpenny at samba.org
Mon Oct 16 15:13:26 UTC 2017
On Mon, 16 Oct 2017 16:53:17 +0200
mj via samba <samba at lists.samba.org> wrote:
> Hi,
>
> dbcheck tells us we have two "dangling forward links" that I am
> trying to get rid of. On my test domain, I have simply done
>
> ldbedit -e nano -H ./CN=CONFIGURATION,DC=SAMBA,DC=COMPANY,DC=COM
>
> to remove them.
>
> While that seems to have worked nicely, dbcheck report zero errors
> now, it is something that I should never have done, or do in
> production, according to Andrew:
>
> "We realise this is a difficult problem for you and other users, but
> NEVER, EVER do that."
>
> So, question: is there a SAFE way to easily get rid of those two
> "dangling forward links"?
>
> (they are Replica-Locations for a DC that has been removed years ago)
>
> MJ
>
If you need to edit the NCs in sam.ldb.d, use '--cross-ncs' with the
ldb command, this allows you safely change things. There have been
reports of AD being destroyed by directly editing the ldb's in sam.ldb.d
Rowland
More information about the samba
mailing list