unable to add replication for ForestDnsZones and DomainDnsZones

Andreas Oster aoster at novanetwork.de
Sat Jun 16 12:35:26 MDT 2012


Am 16.06.2012 19:00, schrieb Ricky Nance:
> Andreas, First double check that dc02 can at least ping dc01 by name, if
> that doesn't work fix your dns, secondly I use the command as
> follows,  samba-tool drs replicate dc02 dc01
> DC=DOMAINDNSZONES,DC=EXAMPLE,DC=LOCAL --local. I also had issues when (I
> stupidly) forgot to add the keytab to the dc01 bind options file... so you
> might double check that dc02 is actually getting added properly to AD when
> you join it as well. Those may not fix your issue, but its definitely worth
> checking out.
> 
> Good luck,
> Ricky
> 
> On Sat, Jun 16, 2012 at 11:19 AM, Andreas Oster <aoster at novanetwork.de>wrote:
> 
>> Hi all,
>>
>> I am trying to setup DRS replication of the ForestDnsZones
>> and DomainDnsZones between two samba4 DCs but get errors when issuing
>> the following command on primary DC dc01 (running DNS server):
>>
>> ./samba-tool drs replicate dc02.example.local dc01.example.local
>> 'DC=DomainDnsZones,DC=example,DC=local" -d3
>>
>> lpcfg_load: refreshing parameters from /usr/local/samba/etc/smb.conf
>> params.c:pm_process() - Processing configuration file
>> "/usr/local/samba/etc/smb.conf"
>> ldb_wrap open of secrets.ldb
>> GENSEC backend 'gssapi_spnego' registered
>> GENSEC backend 'gssapi_krb5' registered
>> GENSEC backend 'gssapi_krb5_sasl' registered
>> GENSEC backend 'schannel' registered
>> GENSEC backend 'spnego' registered
>> GENSEC backend 'ntlmssp' registered
>> GENSEC backend 'krb5' registered
>> GENSEC backend 'fake_gssapi_krb5' registered
>> Using binding ncacn_ip_tcp:dc02.example.local[,seal]
>> ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync failed -
>> drsException: DsReplicaSync failed (8442, 'WERR_DS_DRA_INTERNAL_ERROR')
>>  File
>> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/drs.py", line
>> 331, in run
>>    drs_utils.sendDsReplicaSync(self.drsuapi, self.drsuapi_handle,
>> source_dsa_guid, NC, req_options)
>>  File
>> "/usr/local/samba/lib/python2.7/site-packages/samba/drs_utils.py", line
>> 83, in sendDsReplicaSync
>>    raise drsException("DsReplicaSync failed %s" % estr)
>>
>>
>> Does anybody have an idea what could the cause of this ?
>>
>> Samba4 version: samba version 4.0.0beta2-GIT-bbb7cbf
>>
>> Thank you for your kind help
>>
>> best regards
>>
>> Andreas
>>
>>
> 
> 
> --
> 
Hello Ricky,

thanks for your answer. I have verified that dc02 can ping dc01 by name.
I also did a manual samba_dnsupdate on dc02 which worked without any
problems (have seen updates in bind log).
I also tried the syntax you have used:
./samba-tool drs replicate dc02 dc01
DC=DOMAINDNSZONES,DC=EXAMPLE,DC=LOCAL --local

unfortunately this does not change anything. I sill get the same error
messages.

best regards

Andreas




More information about the samba-technical mailing list