I am not sure this is actually a bug, but I figure I will submit this anyways. We had a power outage some time ago, and the bdb files got corrupted. I ran a slapindex after shutting down and it seems one entry is now missing. I have tried re-adding it, but when I do that, I get an error that this entry already exists. When I try and delete with that particular DN, it says that it does not exist. This is openldap 2.2.29-1 installed via Yum on FC4.
[root@PDC]# ldapadd -D "<ROOT DN>" -x -W -f entrymods Enter LDAP Password: adding new entry "uid=<username>,ou=People,dc=3sixtygroup,dc=com" ldap_add: Already exists (68)
[root@PDC]# ldapdelete -D "<ROOT DN>" -x -W -f entrymods2 Enter LDAP Password: Delete Result: No such object (32) Matched DN: ou=People,dc=3sixtygroup,dc=com
Contents of entrymods is as follows:
dn: uid=<username>,ou=People,dc=3sixtygroup,dc=com uid: <username> objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: shadowAccount objectClass: sambaSamAccount cn: <username> sn: <username> givenName: <username> uidNumber: <uidnumber> gidNumber: <gidnumber> homeDirectory: /home/<username> loginShell: /bin/bash gecos: System User sambaLogonTime: 0 sambaLogoffTime: 2147483647 displayName: <username> sambaSID: <> sambaPrimaryGroupSID: <> sambaLogonScript: scripts\logon.bat sambaHomePath: \PDC<username> sambaHomeDrive: H: sambaAcctFlags: [U]
Contents of entrymods2:
uid=<username>,ou=People,dc=3sixtygroup,dc=com changetype: delete
Any help would be much appreciated. Thanks.
On Tuesday, 10 July 2007, Chase Putans wrote:
I am not sure this is actually a bug, but I figure I will submit this anyways. We had a power outage some time ago, and the bdb files got corrupted.
At which point you should have run database recovery.
I ran a slapindex after shutting down is now missing. I have tried re-adding it, but when I do that, I get an error that this entry already exists. When I try and delete with that particular DN, it says that it does not exist. This is openldap 2.2.29-1 installed via Yum on FC4.
Upgrade to 2.3.x to avoid this happening in future (or call slapd_db_recover -h /var/lib/ldap in some script that runs at startup, or in the start() function in the init script).
[root@PDC]# ldapadd -D "<ROOT DN>" -x -W -f entrymods Enter LDAP Password: adding new entry "uid=<username>,ou=People,dc=3sixtygroup,dc=com" ldap_add: Already exists (68)
[root@PDC]# ldapdelete -D "<ROOT DN>" -x -W -f entrymods2 Enter LDAP Password: Delete Result: No such object (32) Matched DN: ou=People,dc=3sixtygroup,dc=com
Contents of entrymods is as follows:
dn: uid=<username>,ou=People,dc=3sixtygroup,dc=com uid: <username> objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: shadowAccount objectClass: sambaSamAccount cn: <username> sn: <username> givenName: <username> uidNumber: <uidnumber> gidNumber: <gidnumber> homeDirectory: /home/<username> loginShell: /bin/bash gecos: System User sambaLogonTime: 0 sambaLogoffTime: 2147483647 displayName: <username> sambaSID: <> sambaPrimaryGroupSID: <> sambaLogonScript: scripts\logon.bat sambaHomePath: \PDC<username> sambaHomeDrive: H: sambaAcctFlags: [U]
Contents of entrymods2:
uid=<username>,ou=People,dc=3sixtygroup,dc=com changetype: delete
Any help would be much appreciated. Thanks.
slapcat, slapadd. But, then you may as well upgrade to 2.3, and get new features too (such as smbk5pwd overlay which may help you with password synchronisation etc.).
Regards, Buchan
On Wed, 2007-07-11 at 12:50 +0200, Buchan Milne wrote:
Contents of entrymods is as follows:
dn: uid=<username>,ou=People,dc=3sixtygroup,dc=com uid: <username> objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: shadowAccount objectClass: sambaSamAccount cn: <username> sn: <username> givenName: <username> uidNumber: <uidnumber> gidNumber: <gidnumber> homeDirectory: /home/<username> loginShell: /bin/bash gecos: System User sambaLogonTime: 0 sambaLogoffTime: 2147483647 displayName: <username> sambaSID: <> sambaPrimaryGroupSID: <> sambaLogonScript: scripts\logon.bat sambaHomePath: \PDC<username> sambaHomeDrive: H: sambaAcctFlags: [U]
Contents of entrymods2:
uid=<username>,ou=People,dc=3sixtygroup,dc=com changetype: delete
Any help would be much appreciated. Thanks.
slapcat, slapadd. But, then you may as well upgrade to 2.3, and get new features too (such as smbk5pwd overlay which may help you with password synchronisation etc.).
slapadd seemed to work with my entrymods files. I didn't know that slapadd didn't pay attention to a lot of the things that ldapadd does. When doing an ldapsearch now, I see the user. However, doing a getent passwd does not show the user as it used to, but this could be an issue needing a Samba restart.
Thanks for the help.
On Wednesday, 11 July 2007, Chase Putans wrote:
On Wed, 2007-07-11 at 12:50 +0200, Buchan Milne wrote:
Contents of entrymods is as follows:
dn: uid=<username>,ou=People,dc=3sixtygroup,dc=com uid: <username> objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: shadowAccount objectClass: sambaSamAccount cn: <username> sn: <username> givenName: <username> uidNumber: <uidnumber> gidNumber: <gidnumber> homeDirectory: /home/<username> loginShell: /bin/bash gecos: System User sambaLogonTime: 0 sambaLogoffTime: 2147483647 displayName: <username> sambaSID: <> sambaPrimaryGroupSID: <> sambaLogonScript: scripts\logon.bat sambaHomePath: \PDC<username> sambaHomeDrive: H: sambaAcctFlags: [U]
Contents of entrymods2:
uid=<username>,ou=People,dc=3sixtygroup,dc=com changetype: delete
Any help would be much appreciated. Thanks.
slapcat, slapadd. But, then you may as well upgrade to 2.3, and get new features too (such as smbk5pwd overlay which may help you with password synchronisation etc.).
slapadd seemed to work with my entrymods files.
THe slapadd command is for the output from the slapcat command. Exporting and importing should ensure that your database is at least consistent.
I was not suggesting to use slapadd to make modifications to the database (after import).
I didn't know that slapadd didn't pay attention to a lot of the things that ldapadd does. When doing an ldapsearch now, I see the user.
Maybe you should read the man pages for the commands before you use them, so you are at least aware of what they do.
However, doing a getent passwd does not show the user as it used to, but this could be an issue needing a Samba restart.
No, samba doesn't need a restart, but if you are using nscd, it may need a restart (or an 'nscd -i passwd;nscd -i group', or both).
Regards, Buchan
On Thu, 2007-07-12 at 08:19 +0200, Buchan Milne wrote:
slapcat, slapadd. But, then you may as well upgrade to 2.3, and get new features too (such as smbk5pwd overlay which may help you with password synchronisation etc.).
slapadd seemed to work with my entrymods files.
THe slapadd command is for the output from the slapcat command. Exporting and importing should ensure that your database is at least consistent.
I was not suggesting to use slapadd to make modifications to the database (after import).
I understood what you are suggesting, and when I have time to take down LDAP for an extended period of time, I will use the slapcat LDIF to import.
I didn't know that slapadd didn't pay attention to a lot of the things that ldapadd does. When doing an ldapsearch now, I see the user.
Maybe you should read the man pages for the commands before you use them, so you are at least aware of what they do.
Yeah, I ended up reading it after receving your message yesterday so I was sure I knew how it worked and what it did.
However, doing a getent passwd does not show the user as it used to, but this could be an issue needing a Samba restart.
No, samba doesn't need a restart, but if you are using nscd, it may need a restart (or an 'nscd -i passwd;nscd -i group', or both).
Thanks for that. Much appreciated.
Regards, Buchan
CRP
-
Buchan Milne -
Chase Putans