[Samba] SID ... conflicts with our current RID set in ...
Marco Gaiarin
gaio at sv.lnf.it
Tue Jun 1 16:07:54 UTC 2021
Doing some health check on my samba AD domain, i've got this:
root at vdcpp1:~# samba-tool dbcheck --cross-ncs
Checking 5173 objects
[... some warnings...]
SID S-1-5-21-160080369-3601385002-3131615632-2100 for CN=ENRICO,OU=Computers,OU=SanVito,OU=FVG,DC=ad,DC=fvg,DC=lnf,DC=it conflicts with our current RID set in CN=RID Set,CN=VDCPP1,OU=Domain Controllers,DC=ad,DC=fvg,DC=lnf,DC=it
Please use --fix to fix these errors
Checked 5173 objects (1 errors)
Two question:
1) why this error is DC specific and not domain-wide? DC RID is not
written in AD but only in local DB?
If i run 'samba-tool dbcheck --cross-ncs' in another DC, there's no error...
2) it is safe to use '--fix'? Or, because 'ENRICO' is a simple windows
pc, it is safer to simply delete 'ENRICO' computer account and rejoin
it?
Thanks.
--
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/
Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797
Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
More information about the samba
mailing list