My S4 secondary DC

[Cam Thompson]

Hello List;

MY S4 DC, while behaving nicely as a replication partner is also acting like
a RODC.  I cannot make direct edits to any of the objects in it without
getting permission denied errors (using dsa.msc from a windows xp client
bound to this domain).  Although I do not have the DNS patches applied,
./samba_dnsupdate --verbose returns no errors.  I am using the latest master
repo with Andrew's drs-links-wip2 changes merged.  We also upgraded this
domain from a win2k domain to a win2k3 domain for testing purposes.  Any
information that can help me get beyond this problem will be really
appreciated - I've been working on this for a week with limited results =/

If anyone would like a copy of some debug level 10 output, I would have been
happy to attach it here but the size limit for the list won't allow me.  I
can send on an as-needed basis though, just ask.

[root at dev-teadc1 bin]# ./net drs showrepl -Uadministrator%<password> dev-teadc1
Default-First-Site-Name\DEV-TEADC1
DSA Options: (none)
Site Options: (none)
DSA object GUID: afaf0e30-1375-40e6-8e46-9bdf99d483a3


DSA invocationID: f433cb88-84a6-4b34-8833-d3c909ed26e7

==== INBOUND NEIGHBORS ====
DsReplicaGetInfo failed - WERR_DS_DRA_ACCESS_DENIED.
return code = -1
DsReplicaGetInfo() failed for DRSUAPI_DS_REPLICA_INFO_KCC_DSA_CONNECT_FAILURES



Many Thanks,

-Cam / plaerzen

-- 
Among those whom I like or admire, I can find no common denominator, but
among those whom I love, I can: all of them make me laugh.  - W. H. Auden

-- 
Among those whom I like or admire, I can find no common denominator, but
among those whom I love, I can: all of them make me laugh.  - W. H. Auden