My S4 secondary DC
Cam Thompson
cam.thompson at gmail.com
Mon Jun 21 09:25:32 MDT 2010
Hello List;
MY S4 DC, while behaving nicely as a replication partner is also acting like
a RODC. I cannot make direct edits to any of the objects in it without
getting permission denied errors (using dsa.msc from a windows xp client
bound to this domain). Although I do not have the DNS patches applied,
./samba_dnsupdate --verbose returns no errors. I am using the latest master
repo with Andrew's drs-links-wip2 changes merged. We also upgraded this
domain from a win2k domain to a win2k3 domain for testing purposes. Any
information that can help me get beyond this problem will be really
appreciated - I've been working on this for a week with limited results =/
If anyone would like a copy of some debug level 10 output, I would have been
happy to attach it here but the size limit for the list won't allow me. I
can send on an as-needed basis though, just ask.
[root at dev-teadc1 bin]# ./net drs showrepl -Uadministrator%<password> dev-teadc1
Default-First-Site-Name\DEV-TEADC1
DSA Options: (none)
Site Options: (none)
DSA object GUID: afaf0e30-1375-40e6-8e46-9bdf99d483a3
DSA invocationID: f433cb88-84a6-4b34-8833-d3c909ed26e7
==== INBOUND NEIGHBORS ====
DsReplicaGetInfo failed - WERR_DS_DRA_ACCESS_DENIED.
return code = -1
DsReplicaGetInfo() failed for DRSUAPI_DS_REPLICA_INFO_KCC_DSA_CONNECT_FAILURES
Many Thanks,
-Cam / plaerzen
--
Among those whom I like or admire, I can find no common denominator, but
among those whom I love, I can: all of them make me laugh. - W. H. Auden
--
Among those whom I like or admire, I can find no common denominator, but
among those whom I love, I can: all of them make me laugh. - W. H. Auden
More information about the samba-technical
mailing list