Hey All, I'm running Samba on Re

[ChrisBeach]

Hey All,

I'm running Samba on Redhat with an ldap backend. A year or so back our admin logins kept wanting to expire, so the admin at the time created a cron job to set them not to expire every 5 minutes.

Samba or LDAP (not sure which yet) crashed today, twice. And now 2 accounts aren't existing in LDAP, and they are 2 of the admin logins out of that cron job, I have a fishy feeling they are related.

Now, could I simply add root again using the smbldap tools? I'd need the SID to be the same would I not? Linux end it looks like the root account is still there, but it is non existent in samba/ldap. Could anyone give me any pointers please?

Thanks

 

[ChrisBeach]

Well I've resolved my problem. Turned out the records for the 2 accounts were corrupt, couldn't delete, view, or add them.

I tried just copying /var/lib/ldap from our backups to the server but nothing was authenticating against it successfully, anyone know any reasoning behind this? Only thing I can think of is that the backup is set to copy the folder while ldap is running, I don't think the person who set up the backup set it to turn off ldap, and maybe that partially corrupted the DB.

Any way in the end I ended up slapcat'ing the corrupt database, searching through the ldiff file i had made and deleting the entries of the root account that got corrupt, then copying in the root account info from an ldiff file from the backup, then using slapadd on a new ldap db to load all the info, so thankfully everything's gone great at work today