[Samba] Replication issue
dahopkins at comcast.net
dahopkins at comcast.net
Mon Aug 26 19:37:19 MDT 2013
I have a server that is not replicating correctly, but passes all the tests listed here: https://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC
In particular running
# host -t CNAME 976c9c86-288d-483e-baec-7043a9c4a6cd._msdcs.ncs.k12.de.us
976c9c86-288d-483e-baec-7043a9c4a6cd._msdcs.ncs.k12.de.us is an alias for ncssamba2.ncs.k12.de.us.
returns correct information on all DCs.
However, the command samba-tool drs showrepl shows that for the above server, replication fails when run on ncssamba1.
e.g.
CN=Schema,CN=Configuration,DC=ncs,DC=k12,DC=de,DC=us
Default-First-Site-Name\NCSSAMBA2 via RPC
DSA object GUID: 976c9c86-288d-483e-baec-7043a9c4a6cd
Last attempt @ Mon Aug 26 21:23:29 2013 EDT failed, result 87 (WERR_INVALID_PARAM)
386 consecutive failure(s).
Last success @ NTTIME(0)
but running the same command on ncssamba2 (the server in question)
CN=Schema,CN=Configuration,DC=ncs,DC=k12,DC=de,DC=us
Default-First-Site-Name\NCSSAMBA1 via RPC
DSA object GUID: 0bd99af6-a59f-4143-a56d-dae3dd6c2fd5
Last attempt @ Mon Aug 26 21:05:11 2013 EDT was successful
0 consecutive failure(s).
Last success @ Mon Aug 26 21:05:11 2013 EDT
So, ncssamba2 can initiate replication with ncssamba 1 and succeeds, but ncssamba1 cannot initiate replication with ncssamba2?
Decided to try and demote the server:
# samba-tool domain demote -UAdministrator
Using ncssamba1.ncs.k12.de.us as partner server for the demotion
Password for [NEWARKCHARTER\Administrator]:
Desactivating inbound replication
Asking partner server ncssamba1.ncs.k12.de.us to synchronize from us
Error while demoting, re-enabling inbound replication
ERROR(<class 'samba.drs_utils.drsException'>): Error while sending a DsReplicaSync for partion CN=Schema,CN=Configuration,DC=ncs,DC=k12,DC=de,DC=us - drsException: DsReplicaSync failed (87, 'WERR_INVALID_PARAM')
File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py", line 647, in run
sendDsReplicaSync(drsuapiBind, drsuapi_handle, ntds_guid, str(part), drsuapi.DRSUAPI_DRS_WRIT_REP)
File "/usr/local/samba/lib/python2.7/site-packages/samba/drs_utils.py", line 83, in sendDsReplicaSync
raise drsException("DsReplicaSync failed %s" % estr)
I also tried deleting through ADUC which does not work either. I get the error about an invalid module. I've searched the mailing and haven't found an answer.
How can I fix this? I need to either get replication working for all servers with this server, or delete this server from the domain and start over.
Sincerely,
Dave Hopkins
More information about the samba
mailing list