5 Usage: dbcheck-links.sh PREFIX RELEASE
14 . $
(dirname $0)/subunit.sh
16 . $
(dirname $0)/common-links.sh
17 . $
(dirname $0)/common_test_fns.inc
21 if [ ! -x $samba_undump ] ||
[ ! -d $release_dir ]; then
22 subunit_start_test
$RELEASE
23 subunit_skip_test
$RELEASE <<EOF
27 subunit_start_test
"tombstones_expunge"
28 subunit_skip_test
"tombstones_expunge" <<EOF
37 tmpfile
=$PREFIX_ABS/$RELEASE/expected-dbcheck-link-output
${1}.txt.tmp
38 tmpldif1
=$PREFIX_ABS/$RELEASE/expected-dbcheck-output
${1}2.txt.tmp1
40 TZ
=UTC
$ldbsearch -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
--scope=base
-b '' |
grep highestCommittedUSN
>$tmpldif1
42 $PYTHON $BINDIR/samba-tool dbcheck
-H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
$3 --fix --yes >$tmpfile
43 if [ "$?" != "$2" ]; then
46 sort $tmpfile |
grep -v "^INFO:" >$tmpfile.sorted
47 sort $release_dir/expected-dbcheck-link-output
${1}.txt
>$tmpfile.expected
48 diff -u $tmpfile.sorted
$tmpfile.expected
49 if [ "$?" != "0" ]; then
53 tmpldif2
=$PREFIX_ABS/$RELEASE/expected-dbcheck-output
${1}2.txt.tmp2
54 TZ
=UTC
$ldbsearch -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
--scope=base
-b '' |
grep highestCommittedUSN
>$tmpldif2
56 diff -u $tmpldif1 $tmpldif2
57 if [ "$?" != "0" ]; then
64 dbcheck
"" "1" "--selftest-check-expired-tombstones"
70 dbcheck
"_one_way" "0" "CN=Configuration,DC=release-4-5-0-pre1,DC=samba,DC=corp --selftest-check-expired-tombstones"
76 tmpldif1
=$PREFIX_ABS/$RELEASE/expected-dbcheck-output2.txt.tmp1
78 TZ
=UTC
$ldbsearch -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
--scope=base
-b '' |
grep highestCommittedUSN
>$tmpldif1
80 $PYTHON $BINDIR/samba-tool dbcheck
-H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
81 if [ "$?" != "0" ]; then
84 tmpldif2
=$PREFIX_ABS/$RELEASE/expected-dbcheck-output2.txt.tmp2
85 TZ
=UTC
$ldbsearch -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
--scope=base
-b '' |
grep highestCommittedUSN
>$tmpldif2
87 diff -u $tmpldif1 $tmpldif2
88 if [ "$?" != "0" ]; then
93 check_expected_after_links
()
95 tmpldif
=$PREFIX_ABS/$RELEASE/expected-links-after-link-dbcheck.ldif.tmp
96 TZ
=UTC
$ldbsearch -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
'(|(cn=swimmers)(cn=leaders)(cn=helpers))' --scope=sub
-b DC
=release-4-5-0-pre1
,DC
=samba
,DC
=corp
--show-deleted --sorted member
>$tmpldif
97 diff -u $tmpldif $release_dir/expected-links-after-link-dbcheck.ldif
98 if [ "$?" != "0" ]; then
103 check_expected_after_deleted_links
()
105 tmpldif
=$PREFIX_ABS/$RELEASE/expected-deleted-links-after-link-dbcheck.ldif.tmp
106 TZ
=UTC
$ldbsearch -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
'(|(cn=swimmers)(cn=leaders)(cn=helpers))' --scope=sub
-b DC
=release-4-5-0-pre1
,DC
=samba
,DC
=corp
--show-deleted --reveal --sorted member
>$tmpldif
107 diff -u $tmpldif $release_dir/expected-deleted-links-after-link-dbcheck.ldif
108 if [ "$?" != "0" ]; then
113 check_expected_after_objects
()
115 tmpldif
=$PREFIX_ABS/$RELEASE/expected-objects-after-link-dbcheck.ldif.tmp
116 TZ
=UTC
$ldbsearch -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
'(|(samaccountname=fred)(samaccountname=ddg)(samaccountname=usg)(samaccountname=user1)(samaccountname=user1x)(samaccountname=user2))' --scope=sub
-b DC
=release-4-5-0-pre1
,DC
=samba
,DC
=corp
--show-deleted --reveal --sorted samAccountName |
grep sAMAccountName
>$tmpldif
117 diff -u $tmpldif $release_dir/expected-objects-after-link-dbcheck.ldif
118 if [ "$?" != "0" ]; then
125 # We use an existing group so we have a stable GUID in the
127 LDIF1
=$
(TZ
=UTC
$ldbsearch -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
-b 'CN=Enterprise Admins,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp' --scope=base
--reveal --extended-dn member
)
128 DN
=$
(echo "${LDIF1}" |
grep '^dn: ')
129 MSG
=$
(echo "${LDIF1}" |
grep -v '^dn: ' |
grep -v '^#' |
grep -v '^$')
130 ldif
=$PREFIX_ABS/${RELEASE}/duplicate-member-multi.ldif
133 echo "changetype: modify"
134 echo "replace: member"
136 echo "${MSG}" |
sed -e 's!RMD_LOCAL_USN=[1-9][0-9]*!RMD_LOCAL_USN=0!'
139 TZ
=UTC
$ldbmodify -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb.d
/DC
%3DRELEASE-4-5-0-PRE1
,DC
%3DSAMBA
,DC
%3DCORP.ldb
$ldif
140 if [ "$?" != "0" ]; then
145 dbcheck_duplicate_member
()
147 dbcheck
"_duplicate_member" "1" "--selftest-check-expired-tombstones"
151 check_expected_after_duplicate_links
()
153 tmpldif
=$PREFIX_ABS/$RELEASE/expected-duplicates-after-link-dbcheck.ldif.tmp
154 TZ
=UTC
$ldbsearch -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
'(|(cn=administrator)(cn=enterprise admins))' --scope=sub
-b DC
=release-4-5-0-pre1
,DC
=samba
,DC
=corp
--show-deleted --sorted memberOf member
>$tmpldif
155 diff -u $tmpldif $release_dir/expected-duplicates-after-link-dbcheck.ldif
156 if [ "$?" != "0" ]; then
161 missing_link_sid_corruption
()
163 # Step1: add user "missingsidu1"
165 ldif
=$PREFIX_ABS/${RELEASE}/missing_link_sid_corruption1.ldif
167 dn: CN=missingsidu1,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp
170 samaccountname: missingsidu1
171 objectGUID: 0da8f25e-d110-11e8-80b7-3c970ec68461
172 objectSid: S-1-5-21-4177067393-1453636373-93818738-771
175 out
=$
(TZ
=UTC
$ldbmodify -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
--relax $ldif)
176 if [ "$?" != "0" ]; then
177 echo "ldbmodify returned:\n$out"
181 # Step2: add user "missingsidu2"
183 ldif
=$PREFIX_ABS/${RELEASE}/missing_link_sid_corruption2.ldif
185 dn: CN=missingsidu2,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp
188 samaccountname: missingsidu2
189 objectGUID: 66eb8f52-d110-11e8-ab9b-3c970ec68461
190 objectSid: S-1-5-21-4177067393-1453636373-93818738-772
193 out
=$
(TZ
=UTC
$ldbmodify -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
--relax $ldif)
194 if [ "$?" != "0" ]; then
195 echo "ldbmodify returned:\n$out"
199 # Step3: add group "missingsidg3" and add users as members
201 ldif
=$PREFIX_ABS/${RELEASE}/missing_link_sid_corruption3.ldif
203 dn: CN=missingsidg3,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp
206 samaccountname: missingsidg3
207 objectGUID: fd992424-d114-11e8-bb36-3c970ec68461
208 objectSid: S-1-5-21-4177067393-1453636373-93818738-773
209 member: CN=missingsidu1,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp
210 member: CN=missingsidu2,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp
213 out
=$
(TZ
=UTC
$ldbmodify -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
--relax $ldif)
214 if [ "$?" != "0" ]; then
215 echo "ldbmodify returned:\n$out"
219 # Step4: remove one user again, so that we have one deleted link
221 ldif
=$PREFIX_ABS/${RELEASE}/missing_link_sid_corruption4.ldif
223 dn: CN=missingsidg3,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp
226 member: CN=missingsidu1,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp
229 out
=$
(TZ
=UTC
$ldbmodify -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
--relax $ldif)
230 if [ "$?" != "0" ]; then
231 echo "ldbmodify returned:\n$out"
236 # Step5: remove the SIDS from the links
238 LDIF1
=$
(TZ
=UTC
$ldbsearch -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
-b 'CN=missingsidg3,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp' --scope=base
--reveal --extended-dn --show-binary member
)
239 DN
=$
(echo "${LDIF1}" |
grep '^dn: ')
240 MSG
=$
(echo "${LDIF1}" |
grep -v '^dn: ' |
grep -v '^#' |
grep -v '^$')
241 ldif
=$PREFIX_ABS/${RELEASE}/missing_link_sid_corruption5.ldif
244 echo "changetype: modify"
245 echo "replace: member"
247 echo "${MSG}" |
sed \
248 -e 's!<SID=S-1-5-21-4177067393-1453636373-93818738-771>;!!g' \
249 -e 's!<SID=S-1-5-21-4177067393-1453636373-93818738-772>;!!g' \
250 -e 's!RMD_ADDTIME=[1-9][0-9]*!RMD_ADDTIME=123456789000000000!g' \
251 -e 's!RMD_CHANGETIME=[1-9][0-9]*!RMD_CHANGETIME=123456789000000000!g' |
255 out
=$
(TZ
=UTC
$ldbmodify -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb.d
/DC
%3DRELEASE-4-5-0-PRE1
,DC
%3DSAMBA
,DC
%3DCORP.ldb
$ldif)
256 if [ "$?" != "0" ]; then
257 echo "ldbmodify returned:\n$out"
264 dbcheck_missing_link_sid_corruption
()
266 dbcheck
"-missing-link-sid-corruption" "1" "--selftest-check-expired-tombstones"
270 add_lost_deleted_user1
()
272 ldif
=$PREFIX_ABS/${RELEASE}/add_lost_deleted_user1.ldif
274 dn: CN=fred\0ADEL:2301a64c-1234-5678-851e-12d4a711cfb4,OU=removed,DC=release-4-5-0-pre1,DC=samba,DC=corp
277 objectClass: organizationalPerson
280 whenCreated: 20160629043638.0Z
282 objectGUID: 2301a64c-1234-5678-851e-12d4a711cfb4
283 objectSid: S-1-5-21-4177067393-1453636373-93818738-1011
285 userAccountControl: 512
287 lastKnownParent: <GUID=f28216e9-1234-5678-8b2d-6bb229563b62>;OU=removed,DC=rel
288 ease-4-5-0-pre1,DC=samba,DC=corp
290 cn:: ZnJlZApERUw6MjMwMWE2NGMtMTIzNC01Njc4LTg1MWUtMTJkNGE3MTFjZmI0
291 name:: ZnJlZApERUw6MjMwMWE2NGMtMTIzNC01Njc4LTg1MWUtMTJkNGE3MTFjZmI0
292 replPropertyMetaData:: AQAAAAAAAAAXAAAAAAAAAAAAAAABAAAAVuGDDQMAAACjlkROuH+XT4o
293 z0jjbi14tnA4AAAAAAACcDgAAAAAAAAMAAAACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4A
294 AAAAAACiDgAAAAAAAAEAAgABAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAA
295 AAAAAIAAgABAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAAAAAADAAAgABAA
296 AAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAABkBAgABAAAAVuGDDQMAAAC
297 jlkROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAAAAAAAEACQACAAAAV+GDDQMAAACjlkROuH+XT4oz
298 0jjbi14tog4AAAAAAACiDgAAAAAAAAgACQADAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tng4AA
299 AAAAACeDgAAAAAAABAACQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAA
300 AAABkACQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAAFoACQABAAA
301 AVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnQ4AAAAAAACdDgAAAAAAAF4ACQABAAAAVuGDDQMAAACj
302 lkROuH+XT4oz0jjbi14tnQ4AAAAAAACdDgAAAAAAAGAACQADAAAAV+GDDQMAAACjlkROuH+XT4oz0
303 jjbi14tog4AAAAAAACiDgAAAAAAAGIACQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAA
304 AAAACiDgAAAAAAAH0ACQABAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnQ4AAAAAAACdDgAAAAA
305 AAJIACQABAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAAAAAAJ8ACQACAAAA
306 V+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAAN0ACQABAAAAVuGDDQMAAACjl
307 kROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAAAAAAC4BCQACAAAAV+GDDQMAAACjlkROuH+XT4oz0j
308 jbi14tog4AAAAAAACiDgAAAAAAAJACCQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAA
309 AAACiDgAAAAAAAA0DCQABAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAA
310 AA4DCQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAAAoICQABAAAAV
311 +GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAAA==
312 whenChanged: 20160629043639.0Z
314 nTSecurityDescriptor:: AQAXjBQAAAAwAAAATAAAAMQAAAABBQAAAAAABRUAAACB/fj4FbukVnK
315 PlwUAAgAAAQUAAAAAAAUVAAAAgf34+BW7pFZyj5cFAAIAAAQAeAACAAAAB1o4ACAAAAADAAAAvjsO
316 8/Cf0RG2AwAA+ANnwaV6lr/mDdARooUAqgAwSeIBAQAAAAAAAQAAAAAHWjgAIAAAAAMAAAC/Ow7z8
317 J/REbYDAAD4A2fBpXqWv+YN0BGihQCqADBJ4gEBAAAAAAABAAAAAAQA1AcsAAAAAAAkAP8BDwABBQ
318 AAAAAABRUAAACB/fj4FbukVnKPlwUAAgAAAAAUAP8BDwABAQAAAAAABRIAAAAAABgA/wEPAAECAAA
319 AAAAFIAAAACQCAAAAABQAlAACAAEBAAAAAAAFCgAAAAUAKAAAAQAAAQAAAFMacqsvHtARmBkAqgBA
320 UpsBAQAAAAAABQoAAAAFACgAAAEAAAEAAABUGnKrLx7QEZgZAKoAQFKbAQEAAAAAAAUKAAAABQAoA
321 AABAAABAAAAVhpyqy8e0BGYGQCqAEBSmwEBAAAAAAAFCgAAAAUAKAAwAAAAAQAAAIa4tXdKlNERrr
322 0AAPgDZ8EBAQAAAAAABQoAAAAFACgAMAAAAAEAAACylVfkVZTREa69AAD4A2fBAQEAAAAAAAUKAAA
323 ABQAoADAAAAABAAAAs5VX5FWU0RGuvQAA+ANnwQEBAAAAAAAFCgAAAAUAOAAQAAAAAQAAAPiIcAPh
324 CtIRtCIAoMlo+TkBBQAAAAAABRUAAACB/fj4FbukVnKPlwUpAgAABQA4ABAAAAABAAAAAEIWTMAg0
325 BGnaACqAG4FKQEFAAAAAAAFFQAAAIH9+PgVu6RWco+XBSkCAAAFADgAEAAAAAEAAABAwgq8qXnQEZ
326 AgAMBPwtTPAQUAAAAAAAUVAAAAgf34+BW7pFZyj5cFKQIAAAAAFAAAAAIAAQEAAAAAAAULAAAABQA
327 oABAAAAABAAAAQi+6WaJ50BGQIADAT8LTzwEBAAAAAAAFCwAAAAUAKAAQAAAAAQAAAIa4tXdKlNER
328 rr0AAPgDZ8EBAQAAAAAABQsAAAAFACgAEAAAAAEAAACzlVfkVZTREa69AAD4A2fBAQEAAAAAAAULA
329 AAABQAoABAAAAABAAAAVAGN5Pi80RGHAgDAT7lgUAEBAAAAAAAFCwAAAAUAKAAAAQAAAQAAAFMacq
330 svHtARmBkAqgBAUpsBAQAAAAAAAQAAAAAFADgAEAAAAAEAAAAQICBfpXnQEZAgAMBPwtTPAQUAAAA
331 AAAUVAAAAgf34+BW7pFZyj5cFKQIAAAUAOAAwAAAAAQAAAH96lr/mDdARooUAqgAwSeIBBQAAAAAA
332 BRUAAACB/fj4FbukVnKPlwUFAgAABQAsABAAAAABAAAAHbGpRq5gWkC36P+KWNRW0gECAAAAAAAFI
333 AAAADACAAAFACwAMAAAAAEAAAAcmrZtIpTREa69AAD4A2fBAQIAAAAAAAUgAAAAMQIAAAUALAAwAA
334 AAAQAAAGK8BVjJvShEpeKFag9MGF4BAgAAAAAABSAAAAAxAgAABRo8ABAAAAADAAAAAEIWTMAg0BG
335 naACqAG4FKRTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAABRI8ABAAAAADAAAAAEIWTMAg
336 0BGnaACqAG4FKbp6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqAgAABRo8ABAAAAADAAAAECAgX
337 6V50BGQIADAT8LUzxTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAABRI8ABAAAAADAAAAEC
338 AgX6V50BGQIADAT8LUz7p6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqAgAABRo8ABAAAAADAAA
339 AQMIKvKl50BGQIADAT8LUzxTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAABRI8ABAAAAAD
340 AAAAQMIKvKl50BGQIADAT8LUz7p6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqAgAABRo8ABAAA
341 AADAAAAQi+6WaJ50BGQIADAT8LTzxTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAABRI8AB
342 AAAAADAAAAQi+6WaJ50BGQIADAT8LTz7p6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqAgAABRo
343 8ABAAAAADAAAA+IhwA+EK0hG0IgCgyWj5ORTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAA
344 BRI8ABAAAAADAAAA+IhwA+EK0hG0IgCgyWj5Obp6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqA
345 gAABRo4ABAAAAADAAAAbZ7Gt8cs0hGFTgCgyYP2CIZ6lr/mDdARooUAqgAwSeIBAQAAAAAABQkAAA
346 AFGjgAEAAAAAMAAABtnsa3xyzSEYVOAKDJg/YInHqWv+YN0BGihQCqADBJ4gEBAAAAAAAFCQAAAAU
347 SOAAQAAAAAwAAAG2exrfHLNIRhU4AoMmD9gi6epa/5g3QEaKFAKoAMEniAQEAAAAAAAUJAAAABRos
348 AJQAAgACAAAAFMwoSDcUvEWbB61vAV5fKAECAAAAAAAFIAAAACoCAAAFGiwAlAACAAIAAACcepa/5
349 g3QEaKFAKoAMEniAQIAAAAAAAUgAAAAKgIAAAUSLACUAAIAAgAAALp6lr/mDdARooUAqgAwSeIBAg
350 AAAAAABSAAAAAqAgAABRIoADABAAABAAAA3kfmkW/ZcEuVV9Y/9PPM2AEBAAAAAAAFCgAAAAASJAD
351 /AQ8AAQUAAAAAAAUVAAAAgf34+BW7pFZyj5cFBwIAAAASGAAEAAAAAQIAAAAAAAUgAAAAKgIAAAAS
352 GAC9AQ8AAQIAAAAAAAUgAAAAIAIAAA==
355 out
=$
(TZ
=UTC
$ldbadd -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb.d
/DC
%3DRELEASE-4-5-0-PRE1
,DC
%3DSAMBA
,DC
%3DCORP.ldb
$ldif)
356 if [ "$?" != "0" ]; then
357 echo "ldbadd returned:\n$out"
364 dbcheck_lost_deleted_user1
()
366 dbcheck
"-lost-deleted-user1" "1" "--selftest-check-expired-tombstones"
370 remove_lost_deleted_user1
()
372 out
=$
(TZ
=UTC
$ldbdel -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
"<GUID=2301a64c-1234-5678-851e-12d4a711cfb4>" --show-recycled --relax)
373 if [ "$?" != "0" ]; then
374 echo "ldbdel returned:\n$out"
381 add_lost_deleted_user2
()
383 ldif
=$PREFIX_ABS/${RELEASE}/add_lost_deleted_user2.ldif
385 dn: CN=fred\0ADEL:2301a64c-8765-4321-851e-12d4a711cfb4,CN=LostAndFound,DC=release-4-5-0-pre1,DC=samba,DC=corp
388 objectClass: organizationalPerson
391 whenCreated: 20160629043638.0Z
393 objectGUID: 2301a64c-8765-4321-851e-12d4a711cfb4
394 objectSid: S-1-5-21-4177067393-1453636373-93818738-1001
396 userAccountControl: 512
398 lastKnownParent: OU=removed,DC=release-4-5-0-pre1,DC=samba,DC=corp
400 cn:: ZnJlZApERUw6MjMwMWE2NGMtODc2NS00MzIxLTg1MWUtMTJkNGE3MTFjZmI0
401 name:: ZnJlZApERUw6MjMwMWE2NGMtODc2NS00MzIxLTg1MWUtMTJkNGE3MTFjZmI0
402 replPropertyMetaData:: AQAAAAAAAAAXAAAAAAAAAAAAAAABAAAAVuGDDQMAAACjlkROuH+XT4o
403 z0jjbi14tnA4AAAAAAACcDgAAAAAAAAMAAAACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4A
404 AAAAAACiDgAAAAAAAAEAAgABAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAA
405 AAAAAIAAgABAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAAAAAADAAAgABAA
406 AAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAABkBAgABAAAAVuGDDQMAAAC
407 jlkROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAAAAAAAEACQAEAAAAePOWEgMAAACjlkROuH+XT4oz
408 0jjbi14tvA4AAAAAAAC8DgAAAAAAAAgACQADAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tng4AA
409 AAAAACeDgAAAAAAABAACQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAA
410 AAABkACQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAAFoACQABAAA
411 AVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnQ4AAAAAAACdDgAAAAAAAF4ACQABAAAAVuGDDQMAAACj
412 lkROuH+XT4oz0jjbi14tnQ4AAAAAAACdDgAAAAAAAGAACQADAAAAV+GDDQMAAACjlkROuH+XT4oz0
413 jjbi14tog4AAAAAAACiDgAAAAAAAGIACQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAA
414 AAAACiDgAAAAAAAH0ACQABAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnQ4AAAAAAACdDgAAAAA
415 AAJIACQABAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAAAAAAJ8ACQACAAAA
416 V+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAAN0ACQABAAAAVuGDDQMAAACjl
417 kROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAAAAAAC4BCQACAAAAV+GDDQMAAACjlkROuH+XT4oz0j
418 jbi14tog4AAAAAAACiDgAAAAAAAJACCQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAA
419 AAACiDgAAAAAAAA0DCQADAAAAePOWEgMAAACjlkROuH+XT4oz0jjbi14tvQ4AAAAAAAC9DgAAAAAA
420 AA4DCQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAAAoICQABAAAAV
421 +GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAAA==
422 whenChanged: 20160629043639.0Z
424 nTSecurityDescriptor:: AQAXjBQAAAAwAAAATAAAAMQAAAABBQAAAAAABRUAAACB/fj4FbukVnK
425 PlwUAAgAAAQUAAAAAAAUVAAAAgf34+BW7pFZyj5cFAAIAAAQAeAACAAAAB1o4ACAAAAADAAAAvjsO
426 8/Cf0RG2AwAA+ANnwaV6lr/mDdARooUAqgAwSeIBAQAAAAAAAQAAAAAHWjgAIAAAAAMAAAC/Ow7z8
427 J/REbYDAAD4A2fBpXqWv+YN0BGihQCqADBJ4gEBAAAAAAABAAAAAAQA1AcsAAAAAAAkAP8BDwABBQ
428 AAAAAABRUAAACB/fj4FbukVnKPlwUAAgAAAAAUAP8BDwABAQAAAAAABRIAAAAAABgA/wEPAAECAAA
429 AAAAFIAAAACQCAAAAABQAlAACAAEBAAAAAAAFCgAAAAUAKAAAAQAAAQAAAFMacqsvHtARmBkAqgBA
430 UpsBAQAAAAAABQoAAAAFACgAAAEAAAEAAABUGnKrLx7QEZgZAKoAQFKbAQEAAAAAAAUKAAAABQAoA
431 AABAAABAAAAVhpyqy8e0BGYGQCqAEBSmwEBAAAAAAAFCgAAAAUAKAAwAAAAAQAAAIa4tXdKlNERrr
432 0AAPgDZ8EBAQAAAAAABQoAAAAFACgAMAAAAAEAAACylVfkVZTREa69AAD4A2fBAQEAAAAAAAUKAAA
433 ABQAoADAAAAABAAAAs5VX5FWU0RGuvQAA+ANnwQEBAAAAAAAFCgAAAAUAOAAQAAAAAQAAAPiIcAPh
434 CtIRtCIAoMlo+TkBBQAAAAAABRUAAACB/fj4FbukVnKPlwUpAgAABQA4ABAAAAABAAAAAEIWTMAg0
435 BGnaACqAG4FKQEFAAAAAAAFFQAAAIH9+PgVu6RWco+XBSkCAAAFADgAEAAAAAEAAABAwgq8qXnQEZ
436 AgAMBPwtTPAQUAAAAAAAUVAAAAgf34+BW7pFZyj5cFKQIAAAAAFAAAAAIAAQEAAAAAAAULAAAABQA
437 oABAAAAABAAAAQi+6WaJ50BGQIADAT8LTzwEBAAAAAAAFCwAAAAUAKAAQAAAAAQAAAIa4tXdKlNER
438 rr0AAPgDZ8EBAQAAAAAABQsAAAAFACgAEAAAAAEAAACzlVfkVZTREa69AAD4A2fBAQEAAAAAAAULA
439 AAABQAoABAAAAABAAAAVAGN5Pi80RGHAgDAT7lgUAEBAAAAAAAFCwAAAAUAKAAAAQAAAQAAAFMacq
440 svHtARmBkAqgBAUpsBAQAAAAAAAQAAAAAFADgAEAAAAAEAAAAQICBfpXnQEZAgAMBPwtTPAQUAAAA
441 AAAUVAAAAgf34+BW7pFZyj5cFKQIAAAUAOAAwAAAAAQAAAH96lr/mDdARooUAqgAwSeIBBQAAAAAA
442 BRUAAACB/fj4FbukVnKPlwUFAgAABQAsABAAAAABAAAAHbGpRq5gWkC36P+KWNRW0gECAAAAAAAFI
443 AAAADACAAAFACwAMAAAAAEAAAAcmrZtIpTREa69AAD4A2fBAQIAAAAAAAUgAAAAMQIAAAUALAAwAA
444 AAAQAAAGK8BVjJvShEpeKFag9MGF4BAgAAAAAABSAAAAAxAgAABRo8ABAAAAADAAAAAEIWTMAg0BG
445 naACqAG4FKRTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAABRI8ABAAAAADAAAAAEIWTMAg
446 0BGnaACqAG4FKbp6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqAgAABRo8ABAAAAADAAAAECAgX
447 6V50BGQIADAT8LUzxTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAABRI8ABAAAAADAAAAEC
448 AgX6V50BGQIADAT8LUz7p6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqAgAABRo8ABAAAAADAAA
449 AQMIKvKl50BGQIADAT8LUzxTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAABRI8ABAAAAAD
450 AAAAQMIKvKl50BGQIADAT8LUz7p6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqAgAABRo8ABAAA
451 AADAAAAQi+6WaJ50BGQIADAT8LTzxTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAABRI8AB
452 AAAAADAAAAQi+6WaJ50BGQIADAT8LTz7p6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqAgAABRo
453 8ABAAAAADAAAA+IhwA+EK0hG0IgCgyWj5ORTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAA
454 BRI8ABAAAAADAAAA+IhwA+EK0hG0IgCgyWj5Obp6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqA
455 gAABRo4ABAAAAADAAAAbZ7Gt8cs0hGFTgCgyYP2CIZ6lr/mDdARooUAqgAwSeIBAQAAAAAABQkAAA
456 AFGjgAEAAAAAMAAABtnsa3xyzSEYVOAKDJg/YInHqWv+YN0BGihQCqADBJ4gEBAAAAAAAFCQAAAAU
457 SOAAQAAAAAwAAAG2exrfHLNIRhU4AoMmD9gi6epa/5g3QEaKFAKoAMEniAQEAAAAAAAUJAAAABRos
458 AJQAAgACAAAAFMwoSDcUvEWbB61vAV5fKAECAAAAAAAFIAAAACoCAAAFGiwAlAACAAIAAACcepa/5
459 g3QEaKFAKoAMEniAQIAAAAAAAUgAAAAKgIAAAUSLACUAAIAAgAAALp6lr/mDdARooUAqgAwSeIBAg
460 AAAAAABSAAAAAqAgAABRIoADABAAABAAAA3kfmkW/ZcEuVV9Y/9PPM2AEBAAAAAAAFCgAAAAASJAD
461 /AQ8AAQUAAAAAAAUVAAAAgf34+BW7pFZyj5cFBwIAAAASGAAEAAAAAQIAAAAAAAUgAAAAKgIAAAAS
462 GAC9AQ8AAQIAAAAAAAUgAAAAIAIAAA==
465 out
=$
(TZ
=UTC
$ldbadd -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb.d
/DC
%3DRELEASE-4-5-0-PRE1
,DC
%3DSAMBA
,DC
%3DCORP.ldb
$ldif)
466 if [ "$?" != "0" ]; then
467 echo "ldbadd returned:\n$out"
474 dbcheck_lost_deleted_user2
()
476 dbcheck
"-lost-deleted-user2" "1" "--selftest-check-expired-tombstones"
480 add_lost_deleted_user3
()
482 ldif
=$PREFIX_ABS/${RELEASE}/add_lost_deleted_user3.ldif
484 dn: CN=fred\0ADEL:2301a64c-1122-5566-851e-12d4a711cfb4,OU=removed,DC=release-4-5-0-pre1,DC=samba,DC=corp
487 objectClass: organizationalPerson
490 whenCreated: 20160629043638.0Z
492 objectGUID: 2301a64c-1122-5566-851e-12d4a711cfb4
493 objectSid: S-1-5-21-4177067393-1453636373-93818738-1010
495 userAccountControl: 512
497 lastKnownParent: <GUID=f28216e9-1234-5678-8b2d-6bb229563b62>;OU=removed,DC=rel
498 ease-4-5-0-pre1,DC=samba,DC=corp
500 cn:: ZnJlZApERUw6MjMwMWE2NGMtMTEyMi01NTY2LTg1MWUtMTJkNGE3MTFjZmI0
501 name:: ZnJlZApERUw6MjMwMWE2NGMtMTEyMi01NTY2LTg1MWUtMTJkNGE3MTFjZmI0
502 replPropertyMetaData:: AQAAAAAAAAAXAAAAAAAAAAAAAAABAAAAVuGDDQMAAACjlkROuH+XT4o
503 z0jjbi14tnA4AAAAAAACcDgAAAAAAAAMAAAACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4A
504 AAAAAACiDgAAAAAAAAEAAgABAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAA
505 AAAAAIAAgABAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAAAAAADAAAgABAA
506 AAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAABkBAgABAAAAVuGDDQMAAAC
507 jlkROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAAAAAAAEACQACAAAAV+GDDQMAAACjlkROuH+XT4oz
508 0jjbi14tog4AAAAAAACiDgAAAAAAAAgACQADAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tng4AA
509 AAAAACeDgAAAAAAABAACQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAA
510 AAABkACQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAAFoACQABAAA
511 AVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnQ4AAAAAAACdDgAAAAAAAF4ACQABAAAAVuGDDQMAAACj
512 lkROuH+XT4oz0jjbi14tnQ4AAAAAAACdDgAAAAAAAGAACQADAAAAV+GDDQMAAACjlkROuH+XT4oz0
513 jjbi14tog4AAAAAAACiDgAAAAAAAGIACQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAA
514 AAAACiDgAAAAAAAH0ACQABAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnQ4AAAAAAACdDgAAAAA
515 AAJIACQABAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAAAAAAJ8ACQACAAAA
516 V+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAAN0ACQABAAAAVuGDDQMAAACjl
517 kROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAAAAAAC4BCQACAAAAV+GDDQMAAACjlkROuH+XT4oz0j
518 jbi14tog4AAAAAAACiDgAAAAAAAJACCQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAA
519 AAACiDgAAAAAAAA0DCQABAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAA
520 AA4DCQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAAAoICQABAAAAV
521 +GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAAA==
522 whenChanged: 20160629043639.0Z
524 nTSecurityDescriptor:: AQAXjBQAAAAwAAAATAAAAMQAAAABBQAAAAAABRUAAACB/fj4FbukVnK
525 PlwUAAgAAAQUAAAAAAAUVAAAAgf34+BW7pFZyj5cFAAIAAAQAeAACAAAAB1o4ACAAAAADAAAAvjsO
526 8/Cf0RG2AwAA+ANnwaV6lr/mDdARooUAqgAwSeIBAQAAAAAAAQAAAAAHWjgAIAAAAAMAAAC/Ow7z8
527 J/REbYDAAD4A2fBpXqWv+YN0BGihQCqADBJ4gEBAAAAAAABAAAAAAQA1AcsAAAAAAAkAP8BDwABBQ
528 AAAAAABRUAAACB/fj4FbukVnKPlwUAAgAAAAAUAP8BDwABAQAAAAAABRIAAAAAABgA/wEPAAECAAA
529 AAAAFIAAAACQCAAAAABQAlAACAAEBAAAAAAAFCgAAAAUAKAAAAQAAAQAAAFMacqsvHtARmBkAqgBA
530 UpsBAQAAAAAABQoAAAAFACgAAAEAAAEAAABUGnKrLx7QEZgZAKoAQFKbAQEAAAAAAAUKAAAABQAoA
531 AABAAABAAAAVhpyqy8e0BGYGQCqAEBSmwEBAAAAAAAFCgAAAAUAKAAwAAAAAQAAAIa4tXdKlNERrr
532 0AAPgDZ8EBAQAAAAAABQoAAAAFACgAMAAAAAEAAACylVfkVZTREa69AAD4A2fBAQEAAAAAAAUKAAA
533 ABQAoADAAAAABAAAAs5VX5FWU0RGuvQAA+ANnwQEBAAAAAAAFCgAAAAUAOAAQAAAAAQAAAPiIcAPh
534 CtIRtCIAoMlo+TkBBQAAAAAABRUAAACB/fj4FbukVnKPlwUpAgAABQA4ABAAAAABAAAAAEIWTMAg0
535 BGnaACqAG4FKQEFAAAAAAAFFQAAAIH9+PgVu6RWco+XBSkCAAAFADgAEAAAAAEAAABAwgq8qXnQEZ
536 AgAMBPwtTPAQUAAAAAAAUVAAAAgf34+BW7pFZyj5cFKQIAAAAAFAAAAAIAAQEAAAAAAAULAAAABQA
537 oABAAAAABAAAAQi+6WaJ50BGQIADAT8LTzwEBAAAAAAAFCwAAAAUAKAAQAAAAAQAAAIa4tXdKlNER
538 rr0AAPgDZ8EBAQAAAAAABQsAAAAFACgAEAAAAAEAAACzlVfkVZTREa69AAD4A2fBAQEAAAAAAAULA
539 AAABQAoABAAAAABAAAAVAGN5Pi80RGHAgDAT7lgUAEBAAAAAAAFCwAAAAUAKAAAAQAAAQAAAFMacq
540 svHtARmBkAqgBAUpsBAQAAAAAAAQAAAAAFADgAEAAAAAEAAAAQICBfpXnQEZAgAMBPwtTPAQUAAAA
541 AAAUVAAAAgf34+BW7pFZyj5cFKQIAAAUAOAAwAAAAAQAAAH96lr/mDdARooUAqgAwSeIBBQAAAAAA
542 BRUAAACB/fj4FbukVnKPlwUFAgAABQAsABAAAAABAAAAHbGpRq5gWkC36P+KWNRW0gECAAAAAAAFI
543 AAAADACAAAFACwAMAAAAAEAAAAcmrZtIpTREa69AAD4A2fBAQIAAAAAAAUgAAAAMQIAAAUALAAwAA
544 AAAQAAAGK8BVjJvShEpeKFag9MGF4BAgAAAAAABSAAAAAxAgAABRo8ABAAAAADAAAAAEIWTMAg0BG
545 naACqAG4FKRTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAABRI8ABAAAAADAAAAAEIWTMAg
546 0BGnaACqAG4FKbp6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqAgAABRo8ABAAAAADAAAAECAgX
547 6V50BGQIADAT8LUzxTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAABRI8ABAAAAADAAAAEC
548 AgX6V50BGQIADAT8LUz7p6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqAgAABRo8ABAAAAADAAA
549 AQMIKvKl50BGQIADAT8LUzxTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAABRI8ABAAAAAD
550 AAAAQMIKvKl50BGQIADAT8LUz7p6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqAgAABRo8ABAAA
551 AADAAAAQi+6WaJ50BGQIADAT8LTzxTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAABRI8AB
552 AAAAADAAAAQi+6WaJ50BGQIADAT8LTz7p6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqAgAABRo
553 8ABAAAAADAAAA+IhwA+EK0hG0IgCgyWj5ORTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAA
554 BRI8ABAAAAADAAAA+IhwA+EK0hG0IgCgyWj5Obp6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqA
555 gAABRo4ABAAAAADAAAAbZ7Gt8cs0hGFTgCgyYP2CIZ6lr/mDdARooUAqgAwSeIBAQAAAAAABQkAAA
556 AFGjgAEAAAAAMAAABtnsa3xyzSEYVOAKDJg/YInHqWv+YN0BGihQCqADBJ4gEBAAAAAAAFCQAAAAU
557 SOAAQAAAAAwAAAG2exrfHLNIRhU4AoMmD9gi6epa/5g3QEaKFAKoAMEniAQEAAAAAAAUJAAAABRos
558 AJQAAgACAAAAFMwoSDcUvEWbB61vAV5fKAECAAAAAAAFIAAAACoCAAAFGiwAlAACAAIAAACcepa/5
559 g3QEaKFAKoAMEniAQIAAAAAAAUgAAAAKgIAAAUSLACUAAIAAgAAALp6lr/mDdARooUAqgAwSeIBAg
560 AAAAAABSAAAAAqAgAABRIoADABAAABAAAA3kfmkW/ZcEuVV9Y/9PPM2AEBAAAAAAAFCgAAAAASJAD
561 /AQ8AAQUAAAAAAAUVAAAAgf34+BW7pFZyj5cFBwIAAAASGAAEAAAAAQIAAAAAAAUgAAAAKgIAAAAS
562 GAC9AQ8AAQIAAAAAAAUgAAAAIAIAAA==
565 out
=$
(TZ
=UTC
$ldbadd -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb.d
/DC
%3DRELEASE-4-5-0-PRE1
,DC
%3DSAMBA
,DC
%3DCORP.ldb
$ldif)
566 if [ "$?" != "0" ]; then
567 echo "ldbadd returned:\n$out"
574 dbcheck_lost_deleted_user3
()
576 # here we don't pass --selftest-check-expired-tombstones
577 # as we want to test the default
578 dbcheck
"-lost-deleted-user3" "0" ""
582 remove_lost_deleted_user3
()
584 out
=$
(TZ
=UTC
$ldbdel -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
"<GUID=2301a64c-1122-5566-851e-12d4a711cfb4>" --show-recycled --relax)
585 if [ "$?" != "0" ]; then
586 echo "ldbdel returned:\n$out"
593 forward_link_corruption
()
596 # Step1: add a duplicate forward link from
597 # "CN=Enterprise Admins" to "CN=Administrator"
599 LDIF1
=$
(TZ
=UTC
$ldbsearch -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
-b 'CN=Enterprise Admins,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp' --scope=base
--reveal --extended-dn member
)
600 DN
=$
(echo "${LDIF1}" |
grep '^dn: ')
601 MSG
=$
(echo "${LDIF1}" |
grep -v '^dn: ' |
grep -v '^#' |
grep -v '^$')
602 ldif
=$PREFIX_ABS/${RELEASE}/forward_link_corruption1.ldif
605 echo "changetype: modify"
606 echo "replace: member"
608 echo "${MSG}" |
sed -e 's!RMD_LOCAL_USN=[1-9][0-9]*!RMD_LOCAL_USN=0!'
611 out
=$
(TZ
=UTC
$ldbmodify -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb.d
/DC
%3DRELEASE-4-5-0-PRE1
,DC
%3DSAMBA
,DC
%3DCORP.ldb
$ldif)
612 if [ "$?" != "0" ]; then
613 echo "ldbmodify returned:\n$out"
618 # Step2: add user "dangling"
620 ldif
=$PREFIX_ABS/${RELEASE}/forward_link_corruption2.ldif
622 dn: CN=dangling,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp
625 samaccountname: dangling
626 objectGUID: fd8a04ac-cea0-4921-b1a6-c173e1155c22
629 out
=$
(TZ
=UTC
$ldbmodify -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
--relax $ldif)
630 if [ "$?" != "0" ]; then
631 echo "ldbmodify returned:\n$out"
636 # Step3: add a dangling backlink from
637 # "CN=dangling" to "CN=Enterprise Admins"
639 ldif
=$PREFIX_ABS/${RELEASE}/forward_link_corruption3.ldif
641 echo "dn: CN=dangling,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp"
642 echo "changetype: modify"
644 echo "memberOf: <GUID=304ad703-468b-465e-9787-470b3dfd7d75>;<SID=S-1-5-21-4177067393-1453636373-93818738-519>;CN=Enterprise Admins,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp"
647 out
=$
(TZ
=UTC
$ldbmodify -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb.d
/DC
%3DRELEASE-4-5-0-PRE1
,DC
%3DSAMBA
,DC
%3DCORP.ldb
$ldif)
648 if [ "$?" != "0" ]; then
649 echo "ldbmodify returned:\n$out"
654 dbcheck_forward_link_corruption
()
656 dbcheck
"-forward-link-corruption" "1" "--selftest-check-expired-tombstones"
660 check_expected_after_dbcheck_forward_link_corruption
()
662 tmpldif
=$PREFIX_ABS/$RELEASE/expected-after-dbcheck-forward-link-corruption.ldif.tmp
663 TZ
=UTC
$ldbsearch -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
'(|(cn=dangling)(cn=enterprise admins))' --scope=sub
-b DC
=release-4-5-0-pre1
,DC
=samba
,DC
=corp
--show-deleted --sorted memberOf member
>$tmpldif
664 diff -u $tmpldif $release_dir/expected-after-dbcheck-forward-link-corruption.ldif
665 if [ "$?" != "0" ]; then
670 oneway_link_corruption
()
673 # Step1: add OU "dangling-ou"
675 ldif
=$PREFIX_ABS/${RELEASE}/oneway_link_corruption.ldif
677 dn: OU=dangling-ou,DC=release-4-5-0-pre1,DC=samba,DC=corp
679 objectclass: organizationalUnit
680 objectGUID: 20600e7c-92bb-492e-9552-f3ed7f8a2cad
683 out
=$
(TZ
=UTC
$ldbmodify -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
--relax $ldif)
684 if [ "$?" != "0" ]; then
685 echo "ldbmodify returned:\n$out"
690 # Step2: add msExchConfigurationContainer "dangling-msexch"
692 ldif
=$PREFIX_ABS/${RELEASE}/oneway_link_corruption2.ldif
694 dn: OU=dangling-from,DC=release-4-5-0-pre1,DC=samba,DC=corp
696 objectclass: organizationalUnit
697 seeAlso: OU=dangling-ou,DC=release-4-5-0-pre1,DC=samba,DC=corp
700 out
=$
(TZ
=UTC
$ldbmodify -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
$ldif)
701 if [ "$?" != "0" ]; then
702 echo "ldbmodify returned:\n$out"
707 # Step3: rename dangling-ou to dangling-ou2
709 # Because this is a one-way link we don't fix it at runtime
711 out
=$
(TZ
=UTC
$ldbrename -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb OU
=dangling-ou
,DC
=release-4-5-0-pre1
,DC
=samba
,DC
=corp OU
=dangling-ou2
,DC
=release-4-5-0-pre1
,DC
=samba
,DC
=corp
)
712 if [ "$?" != "0" ]; then
713 echo "ldbmodify returned:\n$out"
718 dbcheck_oneway_link_corruption
()
720 dbcheck
"-oneway-link-corruption" "0" "--selftest-check-expired-tombstones"
724 check_expected_after_dbcheck_oneway_link_corruption
()
726 tmpldif
=$PREFIX_ABS/$RELEASE/expected-after-dbcheck-oneway-link-corruption.ldif.tmp
727 TZ
=UTC
$ldbsearch -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
'(|(ou=dangling-ou)(ou=dangling-ou2)(ou=dangling-from))' --scope=sub
-b DC
=release-4-5-0-pre1
,DC
=samba
,DC
=corp
--show-deleted --sorted seeAlso
>$tmpldif
728 diff -u $tmpldif $release_dir/expected-after-dbcheck-oneway-link-corruption.ldif
729 if [ "$?" != "0" ]; then
734 dbcheck_dangling_multi_valued
()
737 $PYTHON $BINDIR/samba-tool dbcheck
-H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
--selftest-check-expired-tombstones --fix --yes
738 if [ "$?" != "1" ]; then
743 dangling_multi_valued_check_missing
()
745 WORDS
=$
(TZ
=UTC
$ldbsearch -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
'(samaccountname=dangling-multi2)' --scope=sub
-b DC
=release-4-5-0-pre1
,DC
=samba
,DC
=corp
--show-deleted --reveal --sorted msDS-RevealedDSAs |
grep msDS-RevealedDSAs |
wc -l)
746 if [ $WORDS -ne 4 ]; then
747 echo Got only
$WORDS links
for dangling-multi2
750 WORDS
=$
(TZ
=UTC
$ldbsearch -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
'(samaccountname=dangling-multi3)' --scope=sub
-b DC
=release-4-5-0-pre1
,DC
=samba
,DC
=corp
--show-deleted --reveal --sorted msDS-RevealedDSAs |
grep msDS-RevealedDSAs |
wc -l)
751 if [ $WORDS -ne 4 ]; then
752 echo Got only
$WORDS links
for dangling-multi3
757 dangling_multi_valued_check_equal_or_too_many
()
759 WORDS
=$
(TZ
=UTC
$ldbsearch -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
'(samaccountname=dangling-multi1)' --scope=sub
-b DC
=release-4-5-0-pre1
,DC
=samba
,DC
=corp
--show-deleted --reveal --sorted msDS-RevealedDSAs |
grep msDS-RevealedDSAs |
wc -l)
760 if [ $WORDS -ne 4 ]; then
761 echo Got
$WORDS links
for dangling-multi1
765 WORDS
=$
(TZ
=UTC
$ldbsearch -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
'(samaccountname=dangling-multi5)' --scope=sub
-b DC
=release-4-5-0-pre1
,DC
=samba
,DC
=corp
--show-deleted --reveal --sorted msDS-RevealedDSAs |
grep msDS-RevealedDSAs |
wc -l)
767 if [ $WORDS -ne 0 ]; then
768 echo Got
$WORDS links
for dangling-multi5
772 WORDS
=$
(TZ
=UTC
$ldbsearch -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
'(samaccountname=Administrator)' --scope=sub
-b DC
=release-4-5-0-pre1
,DC
=samba
,DC
=corp
--show-deleted --reveal --sorted msDS-RevealedDSAs |
grep msDS-RevealedDSAs |
wc -l)
774 if [ $WORDS -ne 2 ]; then
775 echo Got
$WORDS links
for Administrator
780 dangling_link_does_not_prevent_delete
()
784 # Step1: add user "dangling"
786 ldif
=$PREFIX_ABS/${RELEASE}/backlink_can_be_vanished1.ldif
787 dn
='CN=dangling-for-vanish,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp'
792 samaccountname: dangling-v
793 objectGUID: fd8a04ac-cea0-4921-b1a6-c173e1155c23
796 out
=$
(TZ
=UTC
$ldbmodify -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
--relax $ldif)
797 if [ "$?" != "0" ]; then
798 echo "ldbmodify returned:\n$out"
803 # Step2: add a dangling backlink from
804 # "CN=dangling-for-vanish" to "CN=Enterprise Admins"
806 ldif
=$PREFIX_ABS/${RELEASE}/backlink_can_be_vanished2.ldif
809 echo "changetype: modify"
811 echo "memberOf: <GUID=304ad703-468b-465e-9787-470b3dfd7d75>;<SID=S-1-5-21-4177067393-1453636373-93818738-519>;CN=Enterprise Admins,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp"
814 out
=$
(TZ
=UTC
$ldbmodify -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb.d
/DC
%3DRELEASE-4-5-0-PRE1
,DC
%3DSAMBA
,DC
%3DCORP.ldb
$ldif)
815 if [ "$?" != "0" ]; then
816 echo "ldbmodify returned:\n$out"
820 out
=$
(TZ
=UTC
$ldbdel -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
"$dn")
821 if [ "$?" != "0" ]; then
822 echo "ldbdel returned:\n$out"
827 dangling_link_to_unknown_does_not_prevent_delete
()
831 # Step1: add user "dangling"
833 ldif
=$PREFIX_ABS/${RELEASE}/backlink_can_be_vanished1.ldif
834 dn
='CN=dangling-for-vanish,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp'
839 samaccountname: dangling-v
840 objectGUID: a4090081-ac2a-410c-8924-b255375160e8
843 out
=$
(TZ
=UTC
$ldbmodify -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
--relax $ldif)
844 if [ "$?" != "0" ]; then
845 echo "ldbmodify returned:\n$out"
850 # Step2: add a dangling backlink from
851 # "CN=dangling-for-vanish" to "CN=NOT Enterprise Admins"
853 ldif
=$PREFIX_ABS/${RELEASE}/backlink_can_be_vanished2.ldif
856 echo "changetype: modify"
858 echo "memberOf: <GUID=09a47bff-0227-44e1-a8e4-63f9e726515d>;<SID=S-1-5-21-4177067393-1453636373-93818738-588>;CN=NOT Enterprise Admins,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp"
861 out
=$
(TZ
=UTC
$ldbmodify -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb.d
/DC
%3DRELEASE-4-5-0-PRE1
,DC
%3DSAMBA
,DC
%3DCORP.ldb
$ldif)
862 if [ "$?" != "0" ]; then
863 echo "ldbmodify returned:\n$out"
867 out
=$
(TZ
=UTC
$ldbdel -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
"$dn")
868 if [ "$?" != "0" ]; then
869 echo "ldbdel returned:\n$out"
874 dangling_link_to_known_and_unknown_does_not_prevent_delete
()
878 # Step1: add user "dangling"
880 ldif
=$PREFIX_ABS/${RELEASE}/backlink_can_be_vanished1.ldif
881 dn
='CN=dangling-for-vanish,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp'
886 samaccountname: dangling-v
887 objectGUID: 2882ffb1-31c3-485e-a7fc-184dfafc32d4
890 out
=$
(TZ
=UTC
$ldbmodify -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
--relax $ldif)
891 if [ "$?" != "0" ]; then
892 echo "ldbmodify returned:\n$out"
897 # Step2: add a dangling backlink from
898 # "CN=dangling-for-vanish" to "CN=Enterprise Admins",
899 # "CN=dangling-for-vanish" to "CN=NOT Enterprise Admins" and
902 ldif
=$PREFIX_ABS/${RELEASE}/backlink_can_be_vanished2.ldif
905 echo "changetype: modify"
907 echo "memberOf: <GUID=304ad703-468b-465e-9787-470b3dfd7d75>;<SID=S-1-5-21-4177067393-1453636373-93818738-519>;CN=Enterprise Admins,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp"
908 echo "memberOf: <GUID=09a47bff-0227-44e1-a8e4-63f9e726515d>;<SID=S-1-5-21-4177067393-1453636373-93818738-588>;CN=NOT Enterprise Admins,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp"
909 echo "memberOf: <GUID=2882ffb1-31c3-485e-a7fc-184dfafc32d4>;CN=dangling-for-vanish,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp"
912 out
=$
(TZ
=UTC
$ldbmodify -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb.d
/DC
%3DRELEASE-4-5-0-PRE1
,DC
%3DSAMBA
,DC
%3DCORP.ldb
$ldif)
913 if [ "$?" != "0" ]; then
914 echo "ldbmodify returned:\n$out"
918 out
=$
(TZ
=UTC
$ldbdel -H tdb
://$PREFIX_ABS/${RELEASE}/private
/sam.ldb
"$dn")
919 if [ "$?" != "0" ]; then
920 echo "ldbdel returned:\n$out"
925 remove_directory
$PREFIX_ABS/${RELEASE}
927 testit
$RELEASE undump || failed
=$
(expr $failed + 1)
928 testit
"add_two_more_users" add_two_more_users || failed
=$
(expr $failed + 1)
929 testit
"add_four_more_links" add_four_more_links || failed
=$
(expr $failed + 1)
930 testit
"remove_one_link" remove_one_link || failed
=$
(expr $failed + 1)
931 testit
"remove_one_user" remove_one_user || failed
=$
(expr $failed + 1)
932 testit
"move_one_user" move_one_user || failed
=$
(expr $failed + 1)
933 testit
"add_dangling_link" add_dangling_link || failed
=$
(expr $failed + 1)
934 testit
"add_dangling_backlink" add_dangling_backlink || failed
=$
(expr $failed + 1)
935 testit
"add_deleted_dangling_backlink" add_deleted_dangling_backlink || failed
=$
(expr $failed + 1)
936 testit
"revive_links_on_deleted_group" revive_links_on_deleted_group || failed
=$
(expr $failed + 1)
937 testit
"revive_backlink_on_deleted_group" revive_backlink_on_deleted_group || failed
=$
(expr $failed + 1)
938 testit
"add_deleted_target_link" add_deleted_target_link || failed
=$
(expr $failed + 1)
939 testit
"add_deleted_target_backlink" add_deleted_target_backlink || failed
=$
(expr $failed + 1)
940 testit
"dbcheck_dangling" dbcheck_dangling || failed
=$
(expr $failed + 1)
941 testit
"dbcheck_clean" dbcheck_clean || failed
=$
(expr $failed + 1)
942 testit
"check_expected_after_deleted_links" check_expected_after_deleted_links || failed
=$
(expr $failed + 1)
943 testit
"check_expected_after_links" check_expected_after_links || failed
=$
(expr $failed + 1)
944 testit
"check_expected_after_objects" check_expected_after_objects || failed
=$
(expr $failed + 1)
945 testit
"duplicate_member" duplicate_member || failed
=$
(expr $failed + 1)
946 testit
"dbcheck_duplicate_member" dbcheck_duplicate_member || failed
=$
(expr $failed + 1)
947 testit
"check_expected_after_duplicate_links" check_expected_after_duplicate_links || failed
=$
(expr $failed + 1)
948 testit
"duplicate_clean" dbcheck_clean || failed
=$
(expr $failed + 1)
949 testit
"forward_link_corruption" forward_link_corruption || failed
=$
(expr $failed + 1)
950 testit
"dbcheck_forward_link_corruption" dbcheck_forward_link_corruption || failed
=$
(expr $failed + 1)
951 testit
"check_expected_after_dbcheck_forward_link_corruption" check_expected_after_dbcheck_forward_link_corruption || failed
=$
(expr $failed + 1)
952 testit
"forward_link_corruption_clean" dbcheck_clean || failed
=$
(expr $failed + 1)
953 testit
"oneway_link_corruption" oneway_link_corruption || failed
=$
(expr $failed + 1)
954 testit
"dbcheck_oneway_link_corruption" dbcheck_oneway_link_corruption || failed
=$
(expr $failed + 1)
955 testit
"check_expected_after_dbcheck_oneway_link_corruption" check_expected_after_dbcheck_oneway_link_corruption || failed
=$
(expr $failed + 1)
956 testit
"oneway_link_corruption_clean" dbcheck_clean || failed
=$
(expr $failed + 1)
957 testit
"dangling_one_way_link" dangling_one_way_link || failed
=$
(expr $failed + 1)
958 testit
"dbcheck_one_way" dbcheck_one_way || failed
=$
(expr $failed + 1)
959 testit
"dbcheck_clean2" dbcheck_clean || failed
=$
(expr $failed + 1)
960 testit
"missing_link_sid_corruption" missing_link_sid_corruption || failed
=$
(expr $failed + 1)
961 testit
"dbcheck_missing_link_sid_corruption" dbcheck_missing_link_sid_corruption || failed
=$
(expr $failed + 1)
962 testit
"missing_link_sid_clean" dbcheck_clean || failed
=$
(expr $failed + 1)
963 testit
"add_lost_deleted_user1" add_lost_deleted_user1 || failed
=$
(expr $failed + 1)
964 testit
"dbcheck_lost_deleted_user1" dbcheck_lost_deleted_user1 || failed
=$
(expr $failed + 1)
965 testit
"lost_deleted_user1_clean_A" dbcheck_clean || failed
=$
(expr $failed + 1)
966 testit
"remove_lost_deleted_user1" remove_lost_deleted_user1 || failed
=$
(expr $failed + 1)
967 testit
"lost_deleted_user1_clean_B" dbcheck_clean || failed
=$
(expr $failed + 1)
968 testit
"add_lost_deleted_user2" add_lost_deleted_user2 || failed
=$
(expr $failed + 1)
969 testit
"dbcheck_lost_deleted_user2" dbcheck_lost_deleted_user2 || failed
=$
(expr $failed + 1)
970 testit
"lost_deleted_user2_clean" dbcheck_clean || failed
=$
(expr $failed + 1)
971 testit
"add_lost_deleted_user3" add_lost_deleted_user3 || failed
=$
(expr $failed + 1)
972 testit
"dbcheck_lost_deleted_user3" dbcheck_lost_deleted_user3 || failed
=$
(expr $failed + 1)
973 testit
"lost_deleted_user3_clean_A" dbcheck_clean || failed
=$
(expr $failed + 1)
974 testit
"remove_lost_deleted_user3" remove_lost_deleted_user3 || failed
=$
(expr $failed + 1)
975 testit
"lost_deleted_user3_clean_B" dbcheck_clean || failed
=$
(expr $failed + 1)
976 testit
"dangling_one_way_dn" dangling_one_way_dn || failed
=$
(expr $failed + 1)
977 testit
"deleted_one_way_dn" deleted_one_way_dn || failed
=$
(expr $failed + 1)
978 testit
"dbcheck_clean3" dbcheck_clean || failed
=$
(expr $failed + 1)
979 testit
"add_dangling_multi_valued" add_dangling_multi_valued || failed
=$
(expr $failed + 1)
980 testit
"dbcheck_dangling_multi_valued" dbcheck_dangling_multi_valued || failed
=$
(expr $failed + 1)
981 testit
"dangling_multi_valued_check_missing" dangling_multi_valued_check_missing || failed
=$
(expr $failed + 1)
982 testit
"dangling_multi_valued_check_equal_or_too_many" dangling_multi_valued_check_equal_or_too_many || failed
=$
(expr $failed + 1)
983 # Currently this cannot pass
984 testit
"dbcheck_dangling_multi_valued_clean" dbcheck_clean || failed
=$
(expr $failed + 1)
985 testit
"dangling_link_does_not_prevent_delete" dangling_link_does_not_prevent_delete || failed
=$
(expr $failed + 1)
986 testit
"dangling_link_to_unknown_does_not_prevent_delete" dangling_link_to_unknown_does_not_prevent_delete || failed
=$
(expr $failed + 1)
987 testit
"dangling_link_to_known_and_unknown_does_not_prevent_delete" dangling_link_to_known_and_unknown_does_not_prevent_delete || failed
=$
(expr $failed + 1)
989 remove_directory
$PREFIX_ABS/${RELEASE}