"unique index violation on objectSid" nach Crash

german

#1

Hallo,

Nach einem Crash des UCS (DC Master), ausgelöst durch ein Storage-Problem, habe ich jetzt das Problem, dass alle neu angelegten Objekte den Fehler “unique index violation on objectSid” erzeugen. Das betrifft sowohl lokal angelegte User/Gruppen/etc. wie auch Versuche, Rechner oder andere Geräte in die Domäne aufzunehmen.

Beispiel:

[code]09.02.2016 10:56:36,41 LDAP (PROCESS): sync from ucs: [ user] [ add] cn=wrtlbrmpft,cn=users,DC=wgmtest,DC=muc
09.02.2016 10:56:36,193 LDAP (ERROR ): sync_from_ucs: traceback during add object: cn=wrtlbrmpft,cn=users,DC=wgmtest,DC=muc
09.02.2016 10:56:36,193 LDAP (ERROR ): sync_from_ucs: traceback due to addlist: [(‘objectClass’, [‘top’, ‘user’, ‘person’, ‘organizationalPerson’]), (‘sAMAccountName’, [u’wrtlbrmpft’]), (u’displayName’, [u’Test User’]), (u’sn’, [u’User’]), (u’givenName’, [u’Test’])]
09.02.2016 10:56:36,305 LDAP (WARNING): sync failed, saved as rejected
/var/lib/univention-connector/s4/1455011790.395877
09.02.2016 10:56:36,305 LDAP (WARNING): Traceback (most recent call last):
File “/usr/lib/pymodules/python2.7/univention/s4connector/init.py”, line 802, in __sync_file_from_ucs
or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
File “/usr/lib/pymodules/python2.7/univention/s4connector/s4/init.py”, line 2419, in sync_from_ucs
self.lo_s4.lo.add_ext_s(compatible_modstring(object[‘dn’]), compatible_addlist(addlist), serverctrls=ctrls) #FIXME encoding
File “/usr/lib/python2.7/dist-packages/ldap/ldapobject.py”, line 187, in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
File “/usr/lib/python2.7/dist-packages/ldap/ldapobject.py”, line 476, in result3
resp_ctrl_classes=resp_ctrl_classes
File “/usr/lib/python2.7/dist-packages/ldap/ldapobject.py”, line 483, in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
File “/usr/lib/python2.7/dist-packages/ldap/ldapobject.py”, line 106, in _ldap_call
result = func(*args,**kwargs)
ALREADY_EXISTS: {‘info’: ‘00002071: …/ldb_tdb/ldb_index.c:1216: Failed to re-index objectSid in CN=wrtlbrmpft,CN=Users,DC=wgmtest,DC=muc - …/ldb_tdb/ldb_index.c:1148: unique index violation on objectSid in CN=wrtlbrmpft,CN=Users,DC=wgmtest,DC=muc’, ‘desc’: ‘Already exists’}

09.02.2016 10:56:36,309 LDAP (PROCESS): sync from ucs: [ group] [ modify] cn=domain users,cn=groups,DC=wgmtest,DC=muc
09.02.2016 10:56:36,326 LDAP (PROCESS): sync from ucs: [ user] [ modify] cn=wrtlbrmpft,cn=users,DC=wgmtest,DC=muc
09.02.2016 10:56:36,462 LDAP (ERROR ): sync_from_ucs: traceback during add object: cn=wrtlbrmpft,cn=users,DC=wgmtest,DC=muc
09.02.2016 10:56:36,462 LDAP (ERROR ): sync_from_ucs: traceback due to addlist: [(‘objectClass’, [‘top’, ‘user’, ‘person’, ‘organizationalPerson’]), (‘sAMAccountName’, [u’wrtlbrmpft’]), (u’displayName’, [u’Test User’]), (u’sn’, [u’User’]), (u’givenName’, [u’Test’])]
09.02.2016 10:56:36,561 LDAP (WARNING): sync failed, saved as rejected
/var/lib/univention-connector/s4/1455011791.224905
09.02.2016 10:56:36,561 LDAP (WARNING): Traceback (most recent call last):
File “/usr/lib/pymodules/python2.7/univention/s4connector/init.py”, line 802, in __sync_file_from_ucs
or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
File “/usr/lib/pymodules/python2.7/univention/s4connector/s4/init.py”, line 2419, in sync_from_ucs
self.lo_s4.lo.add_ext_s(compatible_modstring(object[‘dn’]), compatible_addlist(addlist), serverctrls=ctrls) #FIXME encoding
File “/usr/lib/python2.7/dist-packages/ldap/ldapobject.py”, line 187, in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
File “/usr/lib/python2.7/dist-packages/ldap/ldapobject.py”, line 476, in result3
resp_ctrl_classes=resp_ctrl_classes
File “/usr/lib/python2.7/dist-packages/ldap/ldapobject.py”, line 483, in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
File “/usr/lib/python2.7/dist-packages/ldap/ldapobject.py”, line 106, in _ldap_call
result = func(*args,**kwargs)
ALREADY_EXISTS: {‘info’: ‘00002071: …/ldb_tdb/ldb_index.c:1216: Failed to re-index objectSid in CN=wrtlbrmpft,CN=Users,DC=wgmtest,DC=muc - …/ldb_tdb/ldb_index.c:1148: unique index violation on objectSid in CN=wrtlbrmpft,CN=Users,DC=wgmtest,DC=muc’, ‘desc’: ‘Already exists’}[/code]
Ich vermute, dass ich beim leider notwendigen Einspielen des LDAP-Backups irgendwas verkehrt gemacht/übersehen habe nur komme ich nicht drauf was. Wäre schön, wenn mir da jemand helfen könnte.


#2

Und gefunden, die RIDs waren es: Samba 4 - RID-Pool erneuern