Web lists-archives.com

Re: [Samba] possible to use ldbedit in a safe way




Hi Louis,

On 10/17/2017 10:54 AM, L.P.H. van Belle via samba wrote:
Goto this object, in this object is the reference which if failty.

CN=84bea0a7-82dd-4237-9296-030573700698,CN=Partitions,CN=Configuration,DC=samba,DC=company,DC=com

Same for :
CN=d9d76e21-8cae-457d-b212-6cb192612739,CN=Partitions,CN=Configuration,DC=samba,DC=company,DC=com

There we can read basically what dbcheck also says:

Those CNs have four Replica-Locations, of which one is non-existant for years, this one:

msDS-NC-Replica-Locations in object CN=84bea0a7-82dd-4237-9296-030573700698,CN=Partitions,CN=Configuration,DC=samba,DC=company,DC=com - <GUID=81a27497-bdfb-4977-9874-675bbfba490f>;<RMD_ADDTIME=130405075610000000>;<RMD_CHANGETIME=130405075610000000>;<RMD_FLAGS=0>;<RMD_INVOCID=556b2cb4-e576-48e2-bb7c-7f62caee84fc>;<RMD_LOCAL_USN=4605>;<RMD_ORIGINATING_USN=3630>;<RMD_VERSION=0>;CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=samba,DC=company,DC=com

Now check which server this GUID are, you know the faulty GUID.
Taken from the above, that would be DC1..?

Remove them from these.
This can also be down with the RSAT tool User/computer manager.
( in dutch the : kenmerkeditor ) through advanced view.

So, in ADUC, I choose Domain Controllers, and I see DC2, DC3, DC4. (DC1 being long gone)

I click (for example) DC2, Attributes Editor, no DC1 / 81a27497-bdfb-4977-9874-675bbfba490f.

Then DC2, NTDS settings, connections, just the expected (correct) two DCs. Attribute Editor, msDS-NC-Replica-Locations not there.

Am I doing something wrong / overlooking something?

MJ

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba