[Samba] Replication not working for remote Domain Controller

Rowland Penny rpenny at samba.org
Wed Dec 18 10:03:40 UTC 2019


On 18/12/2019 09:56, shacky wrote:
>
>     I have been doing a bit of investigation and I 'think' we do have
>     a tool ;-)
>
>
> Gooooooooddd!! :-)
>
>     If you examine 'samba_upgradedns', at the top it says this:
>     # Upgrade DNS provision from BIND9_FLATFILE to BIND9_DLZ or
>     SAMBA_INTERNAL
>     I think if you use it to upgrade to either BIND_DLZ or
>     SAMBA_INTERNAL,
>     it should create the required AD objects.
>
>
> I'm using BIND9_DLZ because Bind is running on my Zentyal PDCs and the 
> DNS service is disabled on Samba on every domain controller:
>
> =====================
> server services = -dns
> =====================

Are you running Bind9 on each DC?

You should be, if the internal dns server is disabled.

>
>     Is there any way that you could clone a DC and sandbox it (you will
>     probably have to forcibly demote the other DCs) and then run
>     samba_upgradedns against it?
>
>
> Yes, I can clone the dc1 virtual machine, remove it from the network, 
> try to upgrade the DNS, demote all other domain controllers, and then 
> recheck with ldbsearch.
>
> Do you think that this could be the cause of other two problems I 
> reported in my previous email?
Possibly, but one thing at once :-)
>
> I also checked the schema version and it seems to be Windows Server 
> 2012R2:
>
> =====================
> root@dc1:/ (10:55:28)# ldbsearch -H /var/lib/samba/private/sam.ldb -b 'cn=Schema,cn=Configuration,dc=my,dc=domain,dc=com' -s base objectVersion
> # record 1
> dn: CN=Schema,CN=Configuration,DC=my,DC=domain,DC=com
> objectVersion: 47

No, '47' is 2008R2, see here:

https://wiki.samba.org/index.php/AD_Schema_Version_Support

Rowland




