[Samba] unique index violation on objectGUID, CN=Deleted Objects, DC=samdom, DC=domain

Sun, 27 Jan 2013 20:03:24 -0800

I've grabbed the latest samba4 master branch from git, and am trying to join the samba4 server to an existing domain. However, I'm bumping into a unique index violation, with some objects in the CN=Deleted Objects container. These objects were conflict objects created during some replication issues, and the system admins have already deleted these objects (hence why they are the Deleted Objects container, hah!).
Is the recommendation to just delete these "deleted" objects, or is there some other command-line option in samba-tool that allows us to specify to ignore a specific OU? 


Note that this is the first time I'm doing this (joining an existing AD 
domain), and I get the same result with both 4.0.1 production as well as 
the latest commit (commit bb3238b46f0ffaf0bc8c0e16bdcc1cf5d2cad197, 
Version 4.1.0pre1-GIT-bb3238b).


Here are my logs (samdom.domain and 10.10.1.7 is sanitised output):
===================
root@cndc01s:~/samba-master# kinit administrator
Password for [email protected]:
root@cndc01s:~/samba-master# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: [email protected]

Valid starting       Expires              Service principal
28/01/2013 11:03:21  28/01/2013 21:03:24 krbtgt/[email protected]
    renew until 29/01/2013 11:03:21

root@cndc01s:~/samba-master# /usr/local/samba/bin/samba-tool domain join 
samdom.domain DC -Uadministrator --realm=samdom.domain --server=10.10.1.7

Password for [WORKGROUP\administrator]:
workgroup is samdom
realm is samdom.domain
checking sAMAccountName
Adding CN=CNDC01S,OU=Domain Controllers,DC=samdom,DC=domain

Adding 
CN=CNDC01S,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=samdom,DC=domain
Adding CN=NTDS 
Settings,CN=CNDC01S,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=samdom,DC=domain

Adding SPNs to CN=CNDC01S,OU=Domain Controllers,DC=samdom,DC=domain
Setting account password for CNDC01S$
Enabling account
Calling bare provision
No IPv6 address will be assigned
Provision OK for domain DN DC=samdom,DC=domain
Starting replication

Schema-DN[CN=Schema,CN=Configuration,DC=samdom,DC=domain] objects[402] 
linked_values[0]
Schema-DN[CN=Schema,CN=Configuration,DC=samdom,DC=domain] objects[804] 
linked_values[0]
Schema-DN[CN=Schema,CN=Configuration,DC=samdom,DC=domain] objects[1206] 
linked_values[0]
Schema-DN[CN=Schema,CN=Configuration,DC=samdom,DC=domain] objects[1553] 
linked_values[0]

Analyze and apply schema objects

Partition[CN=Configuration,DC=samdom,DC=domain] objects[402] 
linked_values[57]
Partition[CN=Configuration,DC=samdom,DC=domain] objects[804] 
linked_values[0]
Partition[CN=Configuration,DC=samdom,DC=domain] objects[1206] 
linked_values[0]
Partition[CN=Configuration,DC=samdom,DC=domain] objects[1608] 
linked_values[37]
Partition[CN=Configuration,DC=samdom,DC=domain] objects[1880] 
linked_values[34]

Replicating critical objects from the base DN of the domain
Partition[DC=samdom,DC=domain] objects[106] linked_values[94]
Partition[DC=samdom,DC=domain] objects[364] linked_values[0]
Partition[DC=samdom,DC=domain] objects[534] linked_values[281]
..
Partition[DC=samdom,DC=domain] objects[6239] linked_values[19]
Partition[DC=samdom,DC=domain] objects[6439] linked_values[6]
Partition[DC=samdom,DC=domain] objects[6624] linked_values[123]

Failed to apply records: ../lib/ldb/ldb_tdb/ldb_index.c:1199: Failed to 
re-index objectGUID in 
CN=S-1-5-21-1002020466-2171359742-195674365-1193\0ADEL:62dd3445-a58a-4631-9ab9-673430cb37af\0ACNF:62dd3445-a58a-4631-9ab9-673430cb37af,CN=Deleted 
Objects,DC=samdom,DC=domain - ../lib/ldb/ldb_tdb/ldb_index.c:1131: 
unique index violation on objectGUID in 
CN=S-1-5-21-1002020466-2171359742-195674365-1193\0ADEL:62dd3445-a58a-4631-9ab9-673430cb37af\0ACNF:62dd3445-a58a-4631-9ab9-673430cb37af,CN=Deleted 
Objects,DC=samdom,DC=domain: Entry already exists

Failed to commit objects: WERR_GENERAL_FAILURE
Join failed - cleaning up
checking sAMAccountName
Deleted CN=CNDC01S,OU=Domain Controllers,DC=samdom,DC=domain

Deleted CN=NTDS 
Settings,CN=CNDC01S,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=samdom,DC=domain
Deleted 
CN=CNDC01S,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=samdom,DC=domain
ERROR(<type 'exceptions.TypeError'>): uncaught exception - Failed to 
process chunk: NT_STATUS_UNSUCCESSFUL
  File 
"/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py", 
line 175, in _run

    return self.run(*args, **kwargs)

  File 
"/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py", 
line 552, in run

    machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)

  File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", 
line 1104, in join_DC

    ctx.do_join()

  File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", 
line 1009, in do_join

    ctx.join_replicate()

  File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", 
line 748, in join_replicate

    replica_flags=ctx.domain_replica_flags)

  File 
"/usr/local/samba/lib/python2.7/site-packages/samba/drs_utils.py", line 
252, in replicate

    schema=schema, req_level=req_level, req=req)
===================

Thanks for any comments.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba






















					Reply via email to