[Samba] New sparsely connected replia graph (Improved KCC)

James lingpanda101 at gmail.com
Fri Sep 11 13:16:56 UTC 2015 

On 9/11/2015 12:41 AM, Garming Sam wrote:
> Hi,
> 
> That should hopefully be the case. Do note that if you delete any
> connections concerning an RODC, you may have to recreate them manually.
> This behaviour seems to be consistent with Windows (and is reasonably
> well documented as the RODC SYSVOL connection, despite the term SYSVOL
> being misleading to some users).
> 
> Again, going on what Andrew has said, we would really like to know how
> this works out for you.
> 
> Cheers,
> 
> Garming
> 
> 
> On 10/09/15 05:50, James wrote:
>> Hello,
>>
>>      I've enabled this in my smb.conf on all DC's across all sites. I've
>> created a user on one DC and verified it replicated to all others after
>> making this change. I have previously configured sites and services
>> which I assume is a prerequisite to this parameter having any benefit? I
>> have Inter-Site Transports configured accordingly to how I want
>> replication to happen. Using Active Directory Sites and Services I
>> notice I still have the automatically generated KCC connections under my
>> NTDS settings. Prior to adding this parameter I attempted to delete the
>> automatically generated connections but the KCC would created them. Am I
>> safe to assume that if I delete these unwanted connections, the KCC will
>> follow the Inter-Site Transports settings now? Thanks.
>>
> 

I'm noticing some strange behavior.

After making the change I deleted the automatically generated
connections but the KCC regenerated them. However this time the
connections I deleted have been duplicated on a one DC. Another DC where
I made no changes have had connections removed that should not have been
removed.

 Let me elaborate on the topology a bit. I have 6 DC's all writable(No
RODC's). I have a total of 3 sites with 2 DC's at each. All sites are
connected via. hub and spoke. Satellite offices have a 1.5Mb wan link
connection and HQ's has a dual bonded 1.5Mb connection.

The limited bandwidth is the reason for attempting this change. I will
try and write this out on how it looks in sites and services.

SITEA
  Servers
       SDC1
          NTDS Settings   SDC2
                          PDC2
                          PDC1
		          DDC1
                          DDC2
       SDC2
	  NTDS Settings   SDC1
                          PDC2
			  PDC1
			  DDC1
			  DDC2
			  PDC2
		          PDC2	
Default-First-Site-Name
  Servers
       PDC1
	  NTDS Settings	  PDC2
			  DDC1
			  SDC1
       PDC2
	  NTDS Settings   SDC1
                          DDC1
                          DDC2
			  PDC1
			  SDC2

SITEB
  Servers
       DDC1
	  NTDS Settings   DDC2
			  PDC2
		          PDC1
			  SDC1
			  SDC2
			  PDC2
	DDC2
    	   NTDS Settings
	                  PDC2
			  PDC1
			  DDC1
			  SDC1
			  SDC2	  				

I verified using 'samba-tool drs showrepl' that what I'm seeing here is
reflected. I made no changes to Default-First-Site-Name yet I see a few
automatically generated connections removed on PDC1. PDC1 holds all FSMO
roles if that means anything. SITEA and SITEB are where I made changes.
They should communicate with the Default-First-Site-Name and not each
other.

You can see SITEB DDC1 has duplicate connections to PDC2. SITEA SDC2 has
duplicate connections to PDC2(3 of them). Default-First-Site-Name PDC1
where I made no changes has SDC2 and DDC2 removed.

Under Inter-Site-Transports/IP I have 2 site links configured for SITEB
to HQ's and SITEA to HQ's. I've also toggled Bridge all site links which
appeared to not make any difference at first but maybe it did over time?
It currently is ticked.

I'm going to remove the new parameter in my smb.conf and see if the KCC
will correct itself.


-- 
-James

More information about the samba mailing list