Need urgent help with samba4 DC re-join
Andrew Bartlett
abartlet at samba.org
Wed Jun 27 06:44:25 MDT 2012
On Wed, 2012-06-27 at 14:39 +0200, Andreas Oster wrote:
> Am 27.06.2012 14:26, schrieb Andrew Bartlett:
> > On Wed, 2012-06-27 at 14:12 +0200, Andreas Oster wrote:
> >> Am 27.06.2012 12:21, schrieb Andrew Bartlett:
> >>> On Wed, 2012-06-27 at 08:21 +0200, Andreas Oster wrote:
> >>>> Hello all,
> >>>>
> >>>> today I have tried to fix replication of ForestDnsZones and
> >>>> DomainDnsZones. I pulled the current sources from GIT and recompiled
> >>>> samba4. After installation I demoted the second DC, which completed
> >>>> without any errors. Afterwards I have tried to re-join the server but
> >>>> this is constantly failing. I have attached the d3 output of the join
> >>>> attempt.
> >>>>
> >>>> In the PDC log.samba the following error comes up when joining of the
> >>>> second DC failes:
> >>>>
> >>>> [2012/06/27 08:13:30, 0] ../source4/dsdb/common/util.c:2689(dsdb_savereps)
> >>>> Failed to store repsTo - objectclass_attrs: attribute 'dc' on entry
> >>>> 'DC=DomainDnsZones,DC=novanetwork,DC=loc' does not exist in the
> >>>> specified objectclasses!
> >>>> [2012/06/27 08:13:30, 0]
> >>>> ../source4/rpc_server/drsuapi/updaterefs.c:154(drsuapi_UpdateRefs)
> >>>> Failed to delete repsTo for d54eb180-fd57-4629-8f8f-bb48373a8daa:
> >>>> WERR_DS_DRA_INTERNAL_ERROR
> >>>>
> >>>>
> >>>> Stupid as I am, I did this on the productive system :-(
> >>>
> >>> Can you show us the full ldif for that DN on your PDC?
> >>>
> >>> ldbsearch -H sam.ldb -s base -b DC=DomainDnsZones,DC=novanetwork,DC=loc
> >>> * objectClass repsFrom repsTo
> >>>
> >>> Thanks,
> >>>
> >>> Andrew Bartlett
> >>>
> >> Hello Andrew,
> >>
> >> thank you for the fast response.
> >>
> >> Here is what ldbsearch returns:
> >>
> >> # record 1
> >> dn: DC=DomainDnsZones,DC=novanetwork,DC=loc
> >> objectClass: top
> >
> > OK, so that is your fundamental issue. The correct objectClass is
> > domainDNS.
> >
> > This may be due to a stub object (an object which indicates that a full
> > partition should be created below). Where and how was the DNS first
> > created?
> >
> > Can you show me:
> > ldbsearch -H sam.ldb -s base -b ""
> >
> > Thanks,
> >
> > Andrew Bartlett
> >
> Hello Andrew,
>
> Initially I have started with a standard flat file bind9 config, later I
> changed that to bind9_dlz by using an early version of Amitay's
> upgrade_dns script with the --migrate=no switch. Then I created all my
> static DNS entries by hand with the Windows DNS admin tool.
> After doing some successful testing with clients (SYSVOL,NETLOGON,
> GPOs,DNS) I added a second DC (novadc02)
Thanks.
We need to double-check what your DomainDNSZones entry looks like, then
then work to make it look like this:
(this is the one from make test)
[abartlet at ruth samba]$ bin/ldbsearch -H st/dc//private/sam.ldb -s base
-b dc=domaindnszones,dc=samba,dc=example,dc=com
Unknown parameter encountered: "min receivefile size"
Ignoring unknown parameter "min receivefile size"
# record 1
dn: DC=DomainDnsZones,DC=samba,DC=example,DC=com
objectClass: top
objectClass: domain
objectClass: domainDNS
description: Microsoft DNS Directory
instanceType: 13
whenCreated: 20120627054121.0Z
uSNCreated: 3620
name: DomainDnsZones
objectGUID: daaf1e11-7df4-4631-bd74-f085b0aac1d9
objectCategory:
CN=Domain-DNS,CN=Schema,CN=Configuration,DC=samba,DC=example,D
C=com
msDS-NcType: 0
dc: DomainDnsZones
wellKnownObjects: B:32:6227F0AF1FC2410D8E3BB10615BB5B0F:CN=NTDS
Quotas,DC=Doma
inDnsZones,DC=samba,DC=example,DC=com
wellKnownObjects: B:32:18E2EA80684F11D2B9AA00C04F79F805:CN=Deleted
Objects,DC=
DomainDnsZones,DC=samba,DC=example,DC=com
wellKnownObjects:
B:32:2FBAC1870ADE11D297C400C04FD8D5CD:CN=Infrastructure,DC=D
omainDnsZones,DC=samba,DC=example,DC=com
wellKnownObjects:
B:32:AB8153B7768811D1ADED00C04FD8D5CD:CN=LostAndFound,DC=Dom
ainDnsZones,DC=samba,DC=example,DC=com
whenChanged: 20120627054126.0Z
uSNChanged: 3632
msDs-masteredBy: CN=NTDS
Settings,CN=LOCALDC,CN=Servers,CN=Default-First-Site-
Name,CN=Sites,CN=Configuration,DC=samba,DC=example,DC=com
distinguishedName: DC=DomainDnsZones,DC=samba,DC=example,DC=com
First please re-confirm the output of:
ldbsearch -H sam.ldb -s base -b DC=DomainDnsZones,DC=novanetwork,DC=loc
Start by setting objectclass to domaindns (it will fill in the rest)
using ldbmodify and re-confirm again with:
ldbsearch -H sam.ldb -s base -b DC=DomainDnsZones,DC=novanetwork,DC=loc
Thanks,
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba-technical
mailing list