Bug 14705 - Expired Tombstones accumulate on a RODC
Summary: Expired Tombstones accumulate on a RODC
Status: NEW
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: AD: LDB/DSDB/SAMDB (show other bugs)
Version: 4.14.4
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Samba QA Contact
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2021-05-14 08:09 UTC by Christian Naumer
Modified: 2021-08-12 21:43 UTC (History)
3 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Christian Naumer 2021-05-14 08:09:43 UTC 
As RODC can not delete anything in its DB:


Mai 14 09:59:49 rodc.hq.domain.com samba[197972]: [2021/05/14 09:59:49.258694,  5] ../../lib/audit_logging/audit_logging.c:95(audit_log_human_text)
Mai 14 09:59:49 rodc.hq.domain.com samba[197972]:   DSDB Transaction [rollback] at [Fri, 14 May 2021 09:59:49.258680 CEST] duration [1317]
Mai 14 09:59:49 rodc.hq.domain.com samba[197972]: [2021/05/14 09:59:49.258843,  1] ../../source4/dsdb/kcc/garbage_collect_tombstones.c:105(garbage_collect_tombstones_part)
Mai 14 09:59:49 rodc.hq.domain.com samba[197972]:   ../../source4/dsdb/kcc/garbage_collect_tombstones.c:105: Failed to remove deleted object CN=BR-12KW562\0ADEL:685a1be8-467d-48b6-ac17-1443c380a528,CN=Deleted Objects,DC=hq,DC=domain,DC=com

They accumulate a´on the RODC and "samba-tool dbcheck --cross-ncs" tell us this:

NOTICE: found 2414 expired tombstones, 'samba' will remove them daily, 'samba-tool domain tombstones expunge' would do that immediately.

Trying the expunge fails as expected as it is a RODC.

I think the Tombstones should not accumulate but I am unsure what the correct behavior should be.