[Samba] Samba4 and SiteLinkBridges

Achim Gottinger achim at ag-web.biz
Sun Nov 3 08:34:36 MST 2013 

Am 03.11.2013 16:30, schrieb Achim Gottinger:
> Am 22.10.2013 08:20, schrieb Achim Gottinger:
>> Hi,
>>
>> Having an test environment here with four sites, sites 2-4 are 
>> connected to site 1 via vpn. No vpn tunnels between sites 2-4, so the 
>> sites 2-4 can only communicate with site 1.
>> Each site has it's samba4 AD DC server and they are all part of the 
>> same domain.
>> Did abit of reading and found that i must use so called SiteLinks to 
>> replicate the site objects between sites 2-4 via site 1.
>> Created three SiteLinks (sl12:1,2 sl13:1,3 sl14:1,4) and three 
>> SiteLinkBridges(slb23:sl12,sl13 slb24: sl12,sl14 slb34: sl13,sl14). 
>> Had to remove the DEFAULTSITELINK entry to reassign the sites.
>> So far so good, restarted all servers and waiter for an while but 
>> still on sites 2-3 only site 1 objects get replicated, others still 
>> show errors like this
>>
>> CN=Schema,CN=Configuration,DC=domain,DC=local
>>         site2\server2 via RPC
>>                 DSA object GUID: b61417b8-acb0-48ea-acf7-d8b739e3aa23
>>                 Last attempt @ Tue Oct 22 08:13:07 2013 CEST failed, 
>> result 1232 (WERR_HOST_UNREACHABLE)
>>                 125 consecutive failure(s).
>>                 Last success @ NTTIME(0)
>>
>> Are SiteLinkBridges supposed to work with samba4?
>>
>> Thanks in advance,
>> Achim Gottinger
> Skimmed over the code in samba_kcc. I can see that SiteLink's are read 
> in load_all_sitelinks but the. Looking into ADSI the SiteLinkBridges 
> also reside in CN=Inter-Site Transports,CN=Sites but have an 
> objectClass of SiteLinkBridge instead of SiteLink. So I assume 
> SiteLinkBridges are ignored right now. I'd expect that in above 
> configuration site 2-4 should not try to contact each other because 
> there are no SiteLink objects defined between them, however the log at 
> for example site2 still shows errors trying to connet to sites 3-4.
>
> [2013/11/03 16:28:00.671751,  0] 
> ../source4/librpc/rpc/dcerpc_sock.c:256(continue_socket_connect)
>   Failed to connect host [server at site 3 ip] on port 135 - 
> NT_STATUS_HOST_UNREACHABLE
> [2013/11/03 16:28:00.672221,  0] 
> ../source4/librpc/rpc/dcerpc_sock.c:419(continue_ip_open_socket)
>   Failed to connect host [server at site 3 ip] 
> (ded885f4-5178-41d5-9274-e1f7268ca2e8._msdcs.fot.local) on port 135 - 
> NT_STATUS_HOST_UNREACHABLE
My setup uses debian wheezy 64bit with sernet's samba 4 packages vers 
4.0.10-8 atm.

More information about the samba mailing list