Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
Other modules / Re: Error on person LDAP entry creation: The client attempted to add an entry that a
« on: June 29, 2017, 03:07:19 pm »
Had the same issue.
To identify the problem I did a manual ldapadd in the shell. This exited with the error
Failed to re-index objectsid ... unique index violation on objectSid
I checked the objectSid with ldapsearch and they were all unique. After more digging I found out that rIDNextRID was set too low. The solution is to find the highest objectSid (export ldap with e.g.
Next set rIDNextRID of OU=Domain Controllers to the highest objectSid + 1
Also see:
https://lists.samba.org/archive/samba/2016-June/200757.html
https://groups.google.com/forum/#!topic/linux.samba/brSRlEPP4u8
Use phpldapadmin for a graphical frontend if needed
To identify the problem I did a manual ldapadd in the shell. This exited with the error
Failed to re-index objectsid ... unique index violation on objectSid
I checked the objectSid with ldapsearch and they were all unique. After more digging I found out that rIDNextRID was set too low. The solution is to find the highest objectSid (export ldap with e.g.
Code: [Select]
ldapsearch -x -D "Administrator@domain.tld" -W -b "DC=..." > /tmp/ldap.txt
and grep for objectSid. You might need to reformat the valueNext set rIDNextRID of OU=Domain Controllers to the highest objectSid + 1
Also see:
https://lists.samba.org/archive/samba/2016-June/200757.html
https://groups.google.com/forum/#!topic/linux.samba/brSRlEPP4u8
Use phpldapadmin for a graphical frontend if needed
Pages: [1]