[Samba] 4.2.2 as AD with 2 DCs: database incoherency
Daniel Müller
mueller at tropenklinik.de
Thu Jul 16 06:19:50 UTC 2015
On my site with samba 4.18 on centos 6:
'samba-tool ldapcmp ldap://DC1 ldap://DC2 -Uadministrator' failed with this result msDS-NC Type failed :
[root at s4master ~]# samba-tool ldapcmp ldap://s4master ldap://s4slave -Uadministrator
Password for [TPLK\administrator]:
* Comparing [DOMAIN] context...
* Objects to be compared: 606
Comparing:
'CN=Builtin,DC=tplk,DC=loc' [ldap://s4master]
'CN=Builtin,DC=tplk,DC=loc' [ldap://s4slave]
Attributes found only in ldap://s4master:
serverState
FAILED
Comparing:
'DC=tplk,DC=loc' [ldap://s4master]
'DC=tplk,DC=loc' [ldap://s4slave]
Attributes found only in ldap://s4master:
msDS-NcType
serverState
FAILED
* Result for [DOMAIN]: FAILURE
SUMMARY
---------
Attributes found only in ldap://s4master:
msDS-NcType
serverState
* Comparing [CONFIGURATION] context...
* Objects to be compared: 1616
Comparing:
'CN=Configuration,DC=tplk,DC=loc' [ldap://s4master]
'CN=Configuration,DC=tplk,DC=loc' [ldap://s4slave]
Attributes found only in ldap://s4master:
subRefs
msDS-NcType
FAILED
* Result for [CONFIGURATION]: FAILURE
SUMMARY
---------
Attributes found only in ldap://s4master:
msDS-NcType
subRefs
* Comparing [SCHEMA] context...
* Objects to be compared: 1550
Comparing:
'CN=Schema,CN=Configuration,DC=tplk,DC=loc' [ldap://s4master]
'CN=Schema,CN=Configuration,DC=tplk,DC=loc' [ldap://s4slave]
Attributes found only in ldap://s4master:
msDS-NcType
FAILED
* Result for [SCHEMA]: FAILURE
SUMMARY
---------
Attributes found only in ldap://s4master:
msDS-NcType
* Comparing [DNSDOMAIN] context...
* Objects to be compared: 333
Comparing:
'DC=DomainDnsZones,DC=tplk,DC=loc' [ldap://s4master]
'DC=DomainDnsZones,DC=tplk,DC=loc' [ldap://s4slave]
Attributes found only in ldap://s4master:
msDS-NcType
FAILED
* Result for [DNSDOMAIN]: FAILURE
SUMMARY
---------
Attributes found only in ldap://s4master:
msDS-NcType
* Comparing [DNSFOREST] context...
* Objects to be compared: 19
Comparing:
'DC=ForestDnsZones,DC=tplk,DC=loc' [ldap://s4master]
'DC=ForestDnsZones,DC=tplk,DC=loc' [ldap://s4slave]
Attributes found only in ldap://s4master:
msDS-NcType
FAILED
* Result for [DNSFOREST]: FAILURE
SUMMARY
---------
Attributes found only in ldap://s4master:
msDS-NcType
ERROR: Compare failed: -1
Daniel Müller
Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen
Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de
-----Ursprüngliche Nachricht-----
Von: samba [mailto:samba-bounces at lists.samba.org] Im Auftrag von Rowland Penny
Gesendet: Mittwoch, 15. Juli 2015 17:35
An: samba at lists.samba.org
Betreff: Re: [Samba] 4.2.2 as AD with 2 DCs: database incoherency
On 15/07/15 14:31, mathias dufresne wrote:
> Hi all,
>
> I'm having a test AD domain composed with 2 DC, using Sernet's version
> of Samba 4.2.2.
>
> These two DC are Centos 6.6 (dc20) and Debian 7.8 (dc00).
>
> These two are using TDB as a backend (as we have no other choice at
> this stage of Samba's development).
>
> *dc20*:~# ldbsearch -H $sam '(objectclass=group)' dn | tail -3 #
> returned 27392 records # *27389* entries # 3 referrals *dc00*:~#
> ldbsearch -H $sam '(objectclass=group)' dn | tail -3 # returned 27892
> records # *27889* entries # 3 referrals
>
> I'm wondering with I'm missing 500 groups on dc20 database.
>
> Perhaps this issue comes from the fact there was a space issue on dc00
> (/var/log/samba/log.samba fulfilled /var (debug) and database is on
> same FS into /var/lib/samba).
>
> Anyway, do we have something to force databases to come back to a
> coherent state?
> Could we tdbdump the DB on one host then tdbrestore it on the other?
>
> Kindly regards,
>
> mathias
What does 'samba-tool ldapcmp ldap://DC1 ldap://DC2 -Uadministrator' show ?
More info, see here: https://wiki.samba.org/index.php/Samba-tool_ldapcmp
Rowland
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list