All Samba 4.0 versions since alpha13 will, when replicating a value to a remote client/server, replace the attributeID value from the replPropertyMetaData with the value found by looking up the attribute in the schema. When a custom schema had been added to servers running Samba, the attributes will be allocated using msDS-IntId values in GetNCChanges, but the OID-based values will be recorded in the replPropertyMetaData when changes are made locally. This means that when changes to a custom schema object are made on two different replicating servers, that duplicate replPropertyMetaData entries are created, one for the msDS-IntID (obtained over GetNCChanges) and one for the local attributeID value based on the prefixMap and the OID. The repl_meta_data code needs to match the getncchanges code in the server and use msDS-IntId contistently. Tests need to be written to confirm the exact behaviour over both LDAP and GetNCChanges. Use of msDS-IntID was introduced in 89899f55dc1fb137a0adfd734c87b65039f598a4 and 6a51afcfdbcbce7813fb59c0655e4178268ca70e in August 2010.
Created attachment 11328 [details] Example of broken replPropertyMetaData This is source4/selftest/provisions/release-4-1-0rc3/expected-replpropertymetadata-after-dbcheck.ldif in master (soon, hopefully) or in my replmetadata-sort-minimal branch. The 0x290001 attribute is the same as one of the 0x9D... attributes.
Fixed for Samba 4.4
*** Bug 11047 has been marked as a duplicate of this bug. ***