>> After removing a distribution group in AD (on a Windows DC) yesterday, there're >> a lot of such errors in samba-dc (4.12.2) since then: >> [2020/05/22 13:19:04.200747, 1] ../../source4/dsdb/repl/replicated_objects.c:904(dsdb_replicated_objects_commit) >> Failed to apply records: Failed to locally apply remote rename from CN=videdom,CN=Users,DC=domain,DC=com to CN=videdom\0ADEL:961b28de-c68a-470c-af75-a5ad30ddc539,CN=Deleted Objects,DC=domain,DC=com: >> error in module linked_attributes: Attribute or value exists during LDB_RENAME (20): Other >> >> How to get that fixed? >> > Ii looks like the group was deleted on the Windows DC but the deletion > isn't replicating to the other DC's, or it was replicated, but something > is now trying to delete it again on the other DC's. Can you check which > record exists on the other DC's.I have two DCs: Windows (keeps all the roles) and Samba. There're no such record on Windows DC anymore. This command issued on samba-dc does not show anything relevant as well: # ldbsearch --cross-ncs --show-binary -H /usr/local/samba/private/sam.ldb -b 'CN=Users,DC=domain,DC=com' -s sub '(objectClass=group)' | grep videodom -- Best regards, Alex
>>> After removing a distribution group in AD (on a Windows DC) yesterday, there're >>> a lot of such errors in samba-dc (4.12.2) since then: >>> [2020/05/22 13:19:04.200747, 1] ../../source4/dsdb/repl/replicated_objects.c:904(dsdb_replicated_objects_commit) >>> Failed to apply records: Failed to locally apply remote rename from CN=videdom,CN=Users,DC=domain,DC=com to CN=videdom\0ADEL:961b28de-c68a-470c-af75-a5ad30ddc539,CN=Deleted Objects,DC=domain,DC=com: >>> error in module linked_attributes: Attribute or value exists during LDB_RENAME (20): Other >>> >>> How to get that fixed? >>> >> Ii looks like the group was deleted on the Windows DC but the deletion >> isn't replicating to the other DC's, or it was replicated, but something >> is now trying to delete it again on the other DC's. Can you check which >> record exists on the other DC's.> I have two DCs: Windows (keeps all the roles) and Samba. There're no such record on > Windows DC anymore.> This command issued on samba-dc does not show anything relevant as well: > # ldbsearch --cross-ncs --show-binary -H /usr/local/samba/private/sam.ldb -b > 'CN=Users,DC=domain,DC=com' -s sub '(objectClass=group)' | grep videodomI apologies, I mistyped the value in grep. This one does find the record in Samba: # ldbsearch --cross-ncs --show-binary -H /usr/local/samba/private/sam.ldb -b 'CN=Users,DC=domain,DC=com' -s sub '(objectClass=group)' 2>&1 | grep videdom dn: CN=videdom,CN=Users,DC=domain,DC=com ... -- Best regards, Alex
On 22/05/2020 12:59, Alex wrote> I apologies, I mistyped the value in grep. This one does find the record in > Samba: > # ldbsearch --cross-ncs --show-binary -H /usr/local/samba/private/sam.ldb -b 'CN=Users,DC=domain,DC=com' -s sub '(objectClass=group)' 2>&1 | grep videdom > dn: CN=videdom,CN=Users,DC=domain,DC=com > ...Try changing the search base to 'CN=Deleted Objects,DC=domain,DC=com' and see if the record exists there as well. Rowland