Environment
Novell Open Enterprise Server 11 SP2 (OES11SP2)
Novell Open Enterprise Server 11 SP1 (OES11SP1)
Domain Services for Windows
DSFW
DSFW
Situation
How to find and remove duplicate sids
Resolution
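# Find objects under the domain's default naming context that share an objectSid.
# Step 1 reads defaultNamingContext from the rootDSE with an anonymous simple
# bind (-x). Step 2 dumps cn/objectSid for every object that has a SID, using a
# SASL EXTERNAL bind (-Y EXTERNAL) and the DSfW LDAP client configuration.
# Output: /tmp/objectsids.log (full dump), /tmp/duplicateObjectsids.log (report).
DEFAULTNAMINGCONTEXT=$(/usr/bin/ldapsearch -x -b "" -s base defaultnamingcontext \
  | grep -i 'defaultnamingcontext: ' | awk '{print $2}')
export LDAPCONF=/etc/opt/novell/xad/openldap/ldap.conf
(
  # Subshell: the umask/noclobber settings below do not leak into the calling shell.
  if [ -z "$DEFAULTNAMINGCONTEXT" ]; then
    echo "defaultNamingContext could not be read from the rootDSE" >&2
    exit 1
  fi
  # Both files hold directory data under predictable /tmp names: create them
  # owner-only, drop stale copies, and let noclobber refuse the redirection if
  # a file or symlink reappears at the path before it is opened.
  umask 077
  rm -f -- /tmp/objectsids.log /tmp/duplicateObjectsids.log
  set -o noclobber
  ldapsearch -Y EXTERNAL -LLL -Q -b "$DEFAULTNAMINGCONTEXT" -s sub \
    "(&(objectclass=*)(objectsid=*))" cn objectsid >/tmp/objectsids.log || exit 1
  # uniq -d keeps only "objectSid:: <base64>" lines that occur more than once.
  sids=$(grep -i 'objectsid::' /tmp/objectsids.log | sort | uniq -d | awk '{print $2}')
  if [ -n "$sids" ]; then
    # Fixed-string match (-F) on the base64 values; -B 2 adds the two lines
    # printed before each objectSid line (typically the object's dn and cn).
    printf '%s\n' "$sids" \
      | grep -F -f - -B 2 /tmp/objectsids.log >/tmp/duplicateObjectsids.log
  else
    # With no duplicates the pattern list is empty; an unquoted empty pattern
    # would make grep take "-B" as the pattern and "2" as a file name.
    echo "No duplicate objectSid values found." >&2
    : >/tmp/duplicateObjectsids.log
  fi
)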
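Review /tmp/duplicateObjectsids.log for objects with duplicate SIDs; each duplicated objectSid line is shown with the two lines that precede it in the dump (normally the object's dn and cn). Both /tmp files contain directory data, so delete them when the review is finished.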
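# Dump cn/objectSid for every object that has a SID and report the values that
# occur more than once. Expects DEFAULTNAMINGCONTEXT to be set already in this
# shell; it is read here but not assigned.
# Output: /tmp/objectsids.log (full dump), /tmp/duplicateObjectsids.log (report).
export LDAPCONF=/etc/opt/novell/xad/openldap/ldap.conf
(
  # Subshell: the umask/noclobber settings below do not leak into the calling shell.
  # An empty search base would no longer scope the search to the domain
  # partition, so stop here instead.
  : "${DEFAULTNAMINGCONTEXT:?set DEFAULTNAMINGCONTEXT to the domain naming context first}"
  # Predictable /tmp names holding directory data: owner-only permissions,
  # stale copies removed, and noclobber so the redirection fails rather than
  # writing through a file or symlink that reappears at the path.
  umask 077
  rm -f -- /tmp/objectsids.log /tmp/duplicateObjectsids.log
  set -o noclobber
  ldapsearch -Y EXTERNAL -LLL -Q -b "$DEFAULTNAMINGCONTEXT" -s sub \
    "(&(objectclass=*)(objectsid=*))" cn objectsid >/tmp/objectsids.log || exit 1
  # uniq -d prints one copy of each repeated "objectSid:: <base64>" line.
  sids=$(grep -i 'objectsid::' /tmp/objectsids.log | sort | uniq -d | awk '{print $2}')
  if [ -z "$sids" ]; then
    # Nothing repeated: skip grep, which would otherwise get an empty pattern.
    echo "No duplicate objectSid values found." >&2
    : >/tmp/duplicateObjectsids.log
  else
    # One fixed-string pattern per duplicated value; -B 2 keeps the two lines
    # preceding each hit (typically the object's dn and cn).
    printf '%s\n' "$sids" \
      | grep -F -f - -B 2 /tmp/objectsids.log >/tmp/duplicateObjectsids.log
  fi
)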
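Review /tmp/duplicateObjectsids.log for objects with duplicate SIDs; each duplicated objectSid line is shown with the two lines that precede it in the dump (normally the object's dn and cn). Both /tmp files contain directory data, so delete them when the review is finished.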
Additional Information
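#!/bin/bash
# Report objects in the DSfW domain partition that share an objectSid.
#
# Reads defaultNamingContext from the rootDSE (anonymous simple bind), dumps
# cn/objectSid for every object that has a SID (SASL EXTERNAL bind), writes the
# duplicated values with their preceding lines to a report and opens it in less.
#
# Files written: /tmp/objectsids.log (full dump)
#                /tmp/duplicateObjectsids.log (report)
# Exit status:   non-zero if the naming context or the dump cannot be obtained.

readonly dump_file=/tmp/objectsids.log
readonly report_file=/tmp/duplicateObjectsids.log

# Both files hold directory data under predictable /tmp names: create them
# owner-only, and with noclobber the redirections below fail instead of writing
# through a file or symlink that appears at the path after the rm.
umask 077
set -o noclobber

defaultnamingcontext=$(/usr/bin/ldapsearch -x -b "" -s base defaultnamingcontext \
  | grep -i 'defaultnamingcontext: ' | awk '{print $2}')
if [ -z "$defaultnamingcontext" ]; then
  echo "defaultNamingContext could not be read from the rootDSE" >&2
  exit 1
fi

export LDAPCONF=/etc/opt/novell/xad/openldap/ldap.conf
rm -f -- "$dump_file" "$report_file"
ldapsearch -Y EXTERNAL -LLL -Q -b "$defaultnamingcontext" -s sub \
  "(&(objectclass=*)(objectsid=*))" cn objectsid >"$dump_file" || exit 1

# uniq -d keeps only "objectSid:: <base64>" lines that occur more than once.
sids=$(grep -i 'objectsid::' "$dump_file" | sort | uniq -d | awk '{print $2}')
if [ -z "$sids" ]; then
  # An empty pattern list would make an unquoted grep -e consume "-B" as its
  # pattern, so stop before building the report.
  echo "No duplicate objectSid values found." >&2
  exit 0
fi

# Fixed-string match (-F) on the base64 values; -B 2 adds the two lines printed
# before each objectSid line (typically the object's dn and cn).
printf '%s\n' "$sids" | grep -F -f - -B 2 "$dump_file" >"$report_file"
less "$report_file"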
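# Report objects in the DSfW domain partition that share an objectSid, then
# open the report in less.
# Files written: /tmp/objectsids.log (full dump), /tmp/duplicateObjectsids.log (report).
defaultnamingcontext=$(/usr/bin/ldapsearch -x -b "" -s base defaultnamingcontext \
  | grep -i 'defaultnamingcontext: ' | awk '{print $2}')
export LDAPCONF=/etc/opt/novell/xad/openldap/ldap.conf
(
  # Subshell: the umask/noclobber settings below do not leak into the calling shell.
  if [ -z "$defaultnamingcontext" ]; then
    echo "defaultNamingContext could not be read from the rootDSE" >&2
    exit 1
  fi
  # Predictable /tmp names holding directory data: owner-only permissions,
  # stale copies removed, and noclobber so the redirection fails rather than
  # writing through a file or symlink that reappears at the path.
  umask 077
  rm -f -- /tmp/objectsids.log /tmp/duplicateObjectsids.log
  set -o noclobber
  ldapsearch -Y EXTERNAL -LLL -Q -b "$defaultnamingcontext" -s sub \
    "(&(objectclass=*)(objectsid=*))" cn objectsid >/tmp/objectsids.log || exit 1
  # uniq -d prints one copy of each repeated "objectSid:: <base64>" line.
  sids=$(grep -i 'objectsid::' /tmp/objectsids.log | sort | uniq -d | awk '{print $2}')
  if [ -z "$sids" ]; then
    # Nothing repeated: an empty pattern would make an unquoted grep -e take
    # "-B" as its pattern, so skip the report.
    echo "No duplicate objectSid values found." >&2
    exit 0
  fi
  # One fixed-string pattern per duplicated value; -B 2 keeps the two lines
  # preceding each hit (typically the object's dn and cn).
  printf '%s\n' "$sids" \
    | grep -F -f - -B 2 /tmp/objectsids.log >/tmp/duplicateObjectsids.log
  less /tmp/duplicateObjectsids.log
)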