Bug 9401 - Errors in samba-tool dbcheck after deleting user
Summary: Errors in samba-tool dbcheck after deleting user
Status: RESOLVED INVALID
Alias: None
Product: Samba 4.0
Classification: Unclassified
Component: AD: LDB/DSDB/SAMDB (show other bugs)
Version: 4.0.0rc5
Hardware: All Linux
: P5 normal (vote)
Target Milestone: ---
Assignee: Andrew Bartlett
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-11-15 10:00 UTC by Sergey Urushkin
Modified: 2016-07-25 09:24 UTC (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Sergey Urushkin 2012-11-15 10:00:04 UTC 
We have 2 running s4 DCs in production (migrated from s3), more than half
thousand users.

While migrating, I periodically run dbcheck on both DCs (just to see
if db error occurs), a few times there were errors (which were fixed
successfully). And I finally noticed when it happens for sure: after
deleting user with samba-tool (or ADUC) on the first dc, I get these errors with
dbcheck on the second:

# samba-tool dbcheck --cross-ncs --fix --yes
Checking 5286 objects
ERROR: target DN is deleted for member in object
CN=Project,CN=Users,DC=domain,DC=ru -
<GUID=2b091e47-c82c-4a5d-95e9-b06cd4615fbb>;<SID=S-1-5-21-530720856-2058831417-1234567890-4304>;CN=user1\0ADEL:2b091e47-c82c-4a5d-95e9-b06cd4615fbb,CN=Deleted
Objects,DC=domain,DC=ru
Target GUID points at deleted DN
CN=user1\0ADEL:2b091e47-c82c-4a5d-95e9-b06cd4615fbb,CN=Deleted
Objects,DC=domain,DC=ru
Remove DN link? [YES]
Removed deleted DN on attribute member
ERROR: target DN is deleted for member in object
CN=1c_user,CN=Users,DC=domain,DC=ru -
<GUID=2b091e47-c82c-4a5d-95e9-b06cd4615fbb>;<SID=S-1-5-21-530720856-2058831417-1234567890-4304>;CN=user1\0ADEL:2b091e47-c82c-4a5d-95e9-b06cd4615fbb,CN=Deleted
Objects,DC=domain,DC=ru
Target GUID points at deleted DN
CN=user1\0ADEL:2b091e47-c82c-4a5d-95e9-b06cd4615fbb,CN=Deleted
Objects,DC=domain,DC=ru
Remove DN link? [YES]
Removed deleted DN on attribute member
ERROR: target DN is deleted for member in object
CN=ti,CN=Users,DC=domain,DC=ru -
<GUID=2b091e47-c82c-4a5d-95e9-b06cd4615fbb>;<SID=S-1-5-21-530720856-2058831417-1234567890-4304>;CN=user1\0ADEL:2b091e47-c82c-4a5d-95e9-b06cd4615fbb,CN=Deleted
Objects,DC=domain,DC=ru
Target GUID points at deleted DN
CN=user1\0ADEL:2b091e47-c82c-4a5d-95e9-b06cd4615fbb,CN=Deleted
Objects,DC=domain,DC=ru
Remove DN link? [YES]
Removed deleted DN on attribute member
ERROR: target DN is deleted for member in object
CN=hp5550,CN=Users,DC=domain,DC=ru -
<GUID=2b091e47-c82c-4a5d-95e9-b06cd4615fbb>;<SID=S-1-5-21-530720856-2058831417-1234567890-4304>;CN=user1\0ADEL:2b091e47-c82c-4a5d-95e9-b06cd4615fbb,CN=Deleted
Objects,DC=domain,DC=ru
Target GUID points at deleted DN
CN=user1\0ADEL:2b091e47-c82c-4a5d-95e9-b06cd4615fbb,CN=Deleted
Objects,DC=domain,DC=ru
Remove DN link? [YES]
Removed deleted DN on attribute member
Checked 5286 objects (4 errors)

user1 was the member of all these groups. Do you have any ideas about this?

# samba --version
Version 4.1.0pre1-GIT-50d47fc

# uname -a
Linux dc0 3.2.0-32-generic #51-Ubuntu SMP Wed Sep 26 21:33:09 UTC 2012
x86_64 x86_64 x86_64 GNU/Linux
Comment 1 Garming Sam 2016-07-25 09:24:31 UTC 
This is fairly expected (they are simply stale unused links), and now hopefully mostly avoided regardless in the upcoming 4.5 release.