If the LDAP request specify which value shoud be delete either for a mono or a multivaluated attribute, then samba is locked and print something like this in the log file ldb: ERROR: dn CN=Administrator, CN=Users, DC=samba4,DC=org not found in @INDEX:MAIL:TEST@TEST.COM dn: @INDEX:MAIL:TEST@TEST.COM @IDX: CN=Administrator,CN=Users,DC=samba4,DC=org Where: * CN=Administrator, CN=Users, DC=samba4,DC=org is the object modified * MAIL is the attribute modified * TEST@TEST.COM is the remove value specified. How to reproduce: with ldap browser editor 2.8.2, create an attribute mail (type String) with whatever value. The right click on the mail attribute and select delete attribute, choose "selected value" and click delete and see samba blocked. Deleting all the value of one attribute is OK. The attached trace show behavior: * frame 7 when deleting one value of a multivalued attribute (proxyAddresses) * frame 37 when deleting all values of a mutivalued attribute (proxyAddresses) * frame 49 when deleting one value of a single valued attribute (mail)
Created attachment 4603 [details] Tcpdump trace
This is a very interesting bug!
Fixed by e2403f1314a28722f0fb21f6682320b2e9935d - a further fix to the underling issue still in progress.