Bug Replication 2 SMB4 Servers

[Daniel Müller]

Is this bug solved???:


2) the 2nd problem is a bug that I introduced in the last couple of
days. I'm hoping to fix it today, but if I haven't fixed it by the
time you try this again then you need to remove the chunks of code in
rpc_server/drsuapi/*.c that look like this:
if (security_session_user_level(dce_call->conn->auth_state.session_info) <
SECURITY_DOMAIN_CONTROLLER) {
DEBUG(0,("DsReplicaSync refused for security token\n"));
return WERR_DS_DRA_ACCESS_DENIED;
}
I added this to lock down the DRS services (ie. to not allow any
anonymous user to do DRS synchronisation), and it works fine when you
are vampiring from windows, but from s4s4 it currently fails as we
are not populating the user secuity token with the
SID_NT_ENTERPRISE_DCS SID correctly. Andrew and I are looking into why
at the moment.
Otherwise wait for a few hours for Andrew and I to work out why we're
not getting the token right.
Cheers, Tridge



I get this error replicating from master tot he joined DC:

dns child failed to find name
'a441f8f9-629d-43c4-bce6-a5dfba1e4ad9._msdcs.tuebingen.tst.loc' of type A
dreplsrv_notify: Failed to send DsReplicaSync to
a441f8f9-629d-43c4-bce6-a5dfba1e4ad9._msdcs.tuebingen.tst.loc for
DC=tuebingen,DC=tst,DC=loc - NT_STATUS_OBJECT_NAME_NOT_FOUND : WERR_BADFILE
← Error!!??
started DsReplicaSync for
CN=Schema,CN=Configuration,DC=tuebingen,DC=tst,DC=loc to
a441f8f9-629d-43c4-bce6-a5dfba1e4ad9._msdcs.tuebingen.tst.loc



Daniel




-----------------------------------------------
EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen

Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de
-----------------------------------------------