Need urgent help with samba4 DC re-join

Andreas Oster aoster at novanetwork.de
Wed Jun 27 06:39:17 MDT 2012 

Am 27.06.2012 14:26, schrieb Andrew Bartlett:
> On Wed, 2012-06-27 at 14:12 +0200, Andreas Oster wrote:
>> Am 27.06.2012 12:21, schrieb Andrew Bartlett:
>>> On Wed, 2012-06-27 at 08:21 +0200, Andreas Oster wrote:
>>>> Hello all,
>>>>
>>>> today I have tried to fix replication of ForestDnsZones and
>>>> DomainDnsZones. I pulled the current sources from GIT and recompiled
>>>> samba4. After installation I demoted the second DC, which completed
>>>> without any errors. Afterwards I have tried to re-join the server but
>>>> this is constantly failing. I have attached the d3 output of the join
>>>> attempt.
>>>>
>>>> In the PDC log.samba the following error comes up when joining of the
>>>> second DC failes:
>>>>
>>>> [2012/06/27 08:13:30,  0] ../source4/dsdb/common/util.c:2689(dsdb_savereps)
>>>>   Failed to store repsTo - objectclass_attrs: attribute 'dc' on entry
>>>> 'DC=DomainDnsZones,DC=novanetwork,DC=loc' does not exist in the
>>>> specified objectclasses!
>>>> [2012/06/27 08:13:30,  0]
>>>> ../source4/rpc_server/drsuapi/updaterefs.c:154(drsuapi_UpdateRefs)
>>>>   Failed to delete repsTo for d54eb180-fd57-4629-8f8f-bb48373a8daa:
>>>> WERR_DS_DRA_INTERNAL_ERROR
>>>>
>>>>
>>>> Stupid as I am, I did this on the productive system :-(
>>>
>>> Can you show us the full ldif for that DN on your PDC?
>>>
>>> ldbsearch -H sam.ldb -s base -b DC=DomainDnsZones,DC=novanetwork,DC=loc
>>> * objectClass repsFrom repsTo
>>>
>>> Thanks,
>>>
>>> Andrew Bartlett
>>>
>> Hello Andrew,
>>
>> thank you for the fast response.
>>
>> Here is what ldbsearch returns:
>>
>> # record 1
>> dn: DC=DomainDnsZones,DC=novanetwork,DC=loc
>> objectClass: top
> 
> OK, so that is your fundamental issue.  The correct objectClass is
> domainDNS.  
> 
> This may be due to a stub object (an object which indicates that a full
> partition should be created below).  Where and how was the DNS first
> created?
> 
> Can you show me:
> ldbsearch -H sam.ldb -s base -b ""
> 
> Thanks,
> 
> Andrew Bartlett
> 
Hello Andrew,

Initially I have started with a standard flat file bind9 config, later I
changed that to bind9_dlz by using an early version of Amitay's
upgrade_dns script with the --migrate=no switch. Then I created all my
static DNS entries by hand with the Windows DNS admin tool.
After doing some successful testing with clients  (SYSVOL,NETLOGON,
GPOs,DNS) I added a second DC (novadc02)


../bin/ldbsearch -H sam.ldb -s base -b ""
# record 1
dn:
configurationNamingContext: CN=Configuration,DC=novanetwork,DC=loc
defaultNamingContext: DC=novanetwork,DC=loc
rootDomainNamingContext: DC=novanetwork,DC=loc
schemaNamingContext: CN=Schema,CN=Configuration,DC=novanetwork,DC=loc
subschemaSubentry:
CN=Aggregate,CN=Schema,CN=Configuration,DC=novanetwork,DC=l
 oc
supportedCapabilities: 1.2.840.113556.1.4.800
supportedCapabilities: 1.2.840.113556.1.4.1670
supportedCapabilities: 1.2.840.113556.1.4.1791
supportedCapabilities: 1.2.840.113556.1.4.1935
supportedCapabilities: 1.2.840.113556.1.4.2080
supportedLDAPVersion: 2
supportedLDAPVersion: 3
vendorName: Samba Team (http://samba.org)
isSynchronized: TRUE
dsServiceName: CN=NTDS
Settings,CN=NOVADC01,CN=Servers,CN=Standardname-des-ers
 ten-Standorts,CN=Sites,CN=Configuration,DC=novanetwork,DC=loc
serverName:
CN=NOVADC01,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sit
 es,CN=Configuration,DC=novanetwork,DC=loc
dNSHostName: NOVADC01.novanetwork.loc
ldapServiceName: novanetwork.loc:novadc01$@NOVANETWORK.LOC
currentTime: 20120627122749.0Z
supportedControl: 1.2.840.113556.1.4.841
supportedControl: 1.2.840.113556.1.4.319
supportedControl: 1.2.840.113556.1.4.473
supportedControl: 1.2.840.113556.1.4.1504
supportedControl: 1.2.840.113556.1.4.801
supportedControl: 1.2.840.113556.1.4.801
supportedControl: 1.2.840.113556.1.4.805
supportedControl: 1.2.840.113556.1.4.1338
supportedControl: 1.2.840.113556.1.4.529
supportedControl: 1.2.840.113556.1.4.417
supportedControl: 1.2.840.113556.1.4.2064
supportedControl: 1.2.840.113556.1.4.1413
supportedControl: 1.2.840.113556.1.4.1413
supportedControl: 1.2.840.113556.1.4.1413
supportedControl: 1.2.840.113556.1.4.1413
supportedControl: 1.2.840.113556.1.4.1413
supportedControl: 1.2.840.113556.1.4.1339
supportedControl: 1.2.840.113556.1.4.1340
supportedControl: 1.2.840.113556.1.4.1413
supportedControl: 1.2.840.113556.1.4.1341
namingContexts: CN=Schema,CN=Configuration,DC=novanetwork,DC=loc
namingContexts: CN=Configuration,DC=novanetwork,DC=loc
namingContexts: DC=novanetwork,DC=loc
namingContexts: DC=DomainDnsZones,DC=novanetwork,DC=loc
namingContexts: DC=ForestDnsZones,DC=novanetwork,DC=loc
highestCommittedUSN: 68881
domainFunctionality: 4
forestFunctionality: 4
domainControllerFunctionality: 4
isGlobalCatalogReady: TRUE

# returned 1 records
# 1 entries
# 0 referrals


best regards

Andreas

More information about the samba-technical mailing list