Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

[Samba] Samba 4.5.0 dbcheck problems

138 views
Skip to first unread message

Chris Alavoine via samba

unread,
Oct 12, 2016, 9:00:03 AM10/12/16
to
Hi all,

I've recently upgraded all our DC's (we have 9 spread over various global
Sites) to 4.5.0.

I run a dbcheck on our FSMO-owner DC once per day from a cron job and this
threw up a ton of errors on the first pass after the upgrade. After running
it several times with the --fix flag I've got the errors down to 603 but
these last errors are refusing to be removed.

Here is an example of each type:

Example1:
*ERROR: incorrect GUID component for member in object
CN=examplegroup,OU=Groups,DC=example,DC=internal,DC=com -
<GUID=77ad92b5ade70e449dcc481624928310>;<RMD_ADDTIME=130393476680000000>;<RMD_CHANGETIME=130976799640000000>;<RMD_FLAGS=1>;<RMD_INVOCID=98307faefea70749933e6946b1b14420>;<RMD_LOCAL_USN=1445979>;<RMD_ORIGINATING_USN=303848>;<RMD_VERSION=1>;<SID=010500000000000515000000e8e83f391df4408a63c6a6b4d25a0000>;CN=simon.test,CN=Users,DC=example,DC=internal,DC=com*

Example2:
*ERROR: incorrect DN string component for member in object
CN=admin-group-001,OU=Groups,DC=example,DC=internal,DC=com -
<GUID=38370cfc-6751-49bb-945e-d2b5e028f0f3>;<RMD_ADDTIME=130941544260000000>;<RMD_CHANGETIME=130941560040000000>;<RMD_FLAGS=1>;<RMD_INVOCID=a65d0f39-311e-4031-aa56-a8585bfc1b8f>;<RMD_LOCAL_USN=1443123>;<RMD_ORIGINATING_USN=1443123>;<RMD_VERSION=1>;<SID=S-1-5-21-960489704-2319512605-3030828643-1219569>;CN=user.test,OU=Test
OU,DC=example,DC=internal,DC=com*

Example3:
*unable to find object for DN
CN=test.user2,CN=Users,DC=example,DC=internal,DC=com - (No such Base DN:
CN=test.user2,CN=Users,DC=example,DC=internal,DC=com)*
*Not removing dangling forward link*

I have edited these entries to maintain anonymity.

Any ideas on how to remove these errors?

Replication appears to be working fine between all DCs (aside from one that
is showing a WERR_BADFILE error, although I don't think this is related),
we are able to use the domain as normal and performance seems good. Would
be nice to clean up these errors though.

Thanks,
Chris.


--
ACS (Alavoine Computer Services Ltd)
Chris Alavoine
mob +44 (0)7724 710 730
www.alavoinecs.co.uk
http://twitter.com/#!/alavoinecs
http://www.linkedin.com/pub/chris-alavoine/39/606/192
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba

lingpanda101--- via samba

unread,
Oct 12, 2016, 9:30:03 AM10/12/16
to

I had similar issues. The GUID errors should be harmless. See my thread
for reference.

http://samba.2283325.n4.nabble.com/replPropertyMetaData-amp-KCC-issues-after-updating-to-Samba-4-5-0-td4707962.html#a4708208

--
-James

Tim Dittler via samba

unread,
Oct 13, 2016, 4:10:03 AM10/13/16
to
Here is the related bug report:
https://bugzilla.samba.org/show_bug.cgi?id=12297

Best regards,
Tim


--

Chris Alavoine via samba

unread,
Dec 7, 2016, 7:30:02 AM12/7/16
to
Hi all,

I've now upgraded to Samba-4.5.2 and I've tried running:

samba-tool domain tombstones expunge

but I simpley get:

Removed 0 objects and 0 links successfully, however I'm still seeing
several hundred errors when running a dbcheck with the "not remocing
dangling forward link" error.

I've checked my time.py and it has been renamed so the expunge process
should be using nettime.py.

Any ideas? Aside from removing the entries manually using ldbedit.

c:)

> mob +44 (0)7724 710 730 <07724%20710730>

Andrew Bartlett via samba

unread,
Dec 7, 2016, 10:30:03 PM12/7/16
to
On Wed, 2016-12-07 at 12:23 +0000, Chris Alavoine via samba wrote:
> Hi all,
>
> I've now upgraded to Samba-4.5.2 and I've tried running:
>
> samba-tool domain tombstones expunge
>
> but I simpley get:
>
> Removed 0 objects and 0 links successfully, however I'm still seeing
> several hundred errors when running a dbcheck with the "not remocing
> dangling forward link" error.
>
> I've checked my time.py and it has been renamed so the expunge
> process
> should be using nettime.py.
>
> Any ideas? Aside from removing the entries manually using ldbedit.
>
> c:)

We would need to know more about what the dandling forward links are.
Also, does master do something different (we thought we backported the
patches, but please check to be sure).

Thanks,

Andrew Bartlett

Chris Alavoine via samba

unread,
Dec 8, 2016, 3:20:02 AM12/8/16
to
Hi Andrew,

Thanks for the reply.

I've now tested this on my production rig and the results are better; I'm
only seeing 6 errors when I run a dbcheck (compared with over 400 on my
test rig). Here are the complete sanitized entries:

@DC2:~# samba-tool dbcheck --cross-ncs --fix --yes

Checking 9216 objects

ERROR: no target object found for GUID component for fSMORoleOwner in
object CN=Infrastructure,DC=ForestDnsZones,DC=example,DC=internal,DC=com -
<GUID=e70cbd4f-9230-4c4e-b5f5-3ea45707db50>;CN=NTDS
Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=example,DC=internal,DC=com

Not removing dangling forward link

ERROR: no target object found for GUID component for member in object
CN=marketers,OU=Groups,DC=example,DC=internal,DC=com -
<GUID=be3279db9e1a1a4e8fba49413b96434a>;<RMD_ADDTIME=131117682830000000>;<RMD_CHANGETIME=131127219650000000>;<RMD_FLAGS=1>;<RMD_INVOCID=390f5da61e313140aa56a8585bfc1b8f>;<RMD_LOCAL_USN=1482194>;<RMD_ORIGINATING_USN=1482194>;<RMD_VERSION=1>;<SID=010500000000000515000000e8e83f391df4408a63c6a6b475aa1200>;CN=test.user1,CN=Deleted
Objects,DC=example,DC=internal,DC=com

Not removing dangling forward link

ERROR: no target object found for GUID component for member in object
CN=clients,OU=Groups,DC=example,DC=internal,DC=com -
<GUID=be3279db9e1a1a4e8fba49413b96434a>;<RMD_ADDTIME=131117682830000000>;<RMD_CHANGETIME=131127219650000000>;<RMD_FLAGS=1>;<RMD_INVOCID=390f5da61e313140aa56a8585bfc1b8f>;<RMD_LOCAL_USN=1482195>;<RMD_ORIGINATING_USN=1482195>;<RMD_VERSION=1>;<SID=010500000000000515000000e8e83f391df4408a63c6a6b475aa1200>;CN=test.user1,CN=Deleted
Objects,DC=example,DC=internal,DC=com

Not removing dangling forward link

ERROR: no target object found for GUID component for member in object
CN=media,OU=Groups,DC=example,DC=internal,DC=com -
<GUID=be3279db9e1a1a4e8fba49413b96434a>;<RMD_ADDTIME=131117682830000000>;<RMD_CHANGETIME=131127219650000000>;<RMD_FLAGS=1>;<RMD_INVOCID=390f5da61e313140aa56a8585bfc1b8f>;<RMD_LOCAL_USN=1482193>;<RMD_ORIGINATING_USN=1482193>;<RMD_VERSION=1>;<SID=010500000000000515000000e8e83f391df4408a63c6a6b475aa1200>;CN=test.user1,CN=Deleted
Objects,DC=example,DC=internal,DC=com

Not removing dangling forward link

ERROR: no target object found for GUID component for member in object
CN=vpn_restricted,OU=Groups,DC=example,DC=internal,DC=com -
<GUID=823468b93644584a81beb97836d3cd84>;<RMD_ADDTIME=131105595960000000>;<RMD_CHANGETIME=131111019710000000>;<RMD_FLAGS=1>;<RMD_INVOCID=390f5da61e313140aa56a8585bfc1b8f>;<RMD_LOCAL_USN=1478680>;<RMD_ORIGINATING_USN=1478680>;<RMD_VERSION=1>;<SID=010500000000000515000000e8e83f391df4408a63c6a6b4e49c1200>;CN=test.user2,CN=Users,DC=example,DC=internal,DC=com

Not removing dangling forward link

ERROR: no target object found for GUID component for member in object
CN=contractor,OU=Groups,DC=example,DC=internal,DC=com -
<GUID=823468b93644584a81beb97836d3cd84>;<RMD_ADDTIME=131105595960000000>;<RMD_CHANGETIME=131111019710000000>;<RMD_FLAGS=1>;<RMD_INVOCID=390f5da61e313140aa56a8585bfc1b8f>;<RMD_LOCAL_USN=1478679>;<RMD_ORIGINATING_USN=1478679>;<RMD_VERSION=1>;<SID=010500000000000515000000e8e83f391df4408a63c6a6b4e49c1200>;CN=test.user2,CN=Users,DC=example,DC=internal,DC=com

Not removing dangling forward link

Checked 9216 objects (6 errors)

I'm in the process of rolling 4.5.2 out to all my DC's but this is taken
from the FSMO roles holder DC.

Cheers,
c:)

0 new messages