Need urgent help with samba4 DC re-join

Andreas Oster aoster at novanetwork.de
Wed Jun 27 06:54:11 MDT 2012


Am 27.06.2012 14:44, schrieb Andrew Bartlett:
> On Wed, 2012-06-27 at 14:39 +0200, Andreas Oster wrote:
>> Am 27.06.2012 14:26, schrieb Andrew Bartlett:
>>> On Wed, 2012-06-27 at 14:12 +0200, Andreas Oster wrote:
>>>> Am 27.06.2012 12:21, schrieb Andrew Bartlett:
>>>>> On Wed, 2012-06-27 at 08:21 +0200, Andreas Oster wrote:
>>>>>> Hello all,
>>>>>>
>>>>>> today I have tried to fix replication of ForestDnsZones and
>>>>>> DomainDnsZones. I pulled the current sources from GIT and recompiled
>>>>>> samba4. After installation I demoted the second DC, which completed
>>>>>> without any errors. Afterwards I have tried to re-join the server but
>>>>>> this is constantly failing. I have attached the d3 output of the join
>>>>>> attempt.
>>>>>>
>>>>>> In the PDC log.samba the following error comes up when joining of the
>>>>>> second DC failes:
>>>>>>
>>>>>> [2012/06/27 08:13:30,  0] ../source4/dsdb/common/util.c:2689(dsdb_savereps)
>>>>>>   Failed to store repsTo - objectclass_attrs: attribute 'dc' on entry
>>>>>> 'DC=DomainDnsZones,DC=novanetwork,DC=loc' does not exist in the
>>>>>> specified objectclasses!
>>>>>> [2012/06/27 08:13:30,  0]
>>>>>> ../source4/rpc_server/drsuapi/updaterefs.c:154(drsuapi_UpdateRefs)
>>>>>>   Failed to delete repsTo for d54eb180-fd57-4629-8f8f-bb48373a8daa:
>>>>>> WERR_DS_DRA_INTERNAL_ERROR
>>>>>>
>>>>>>
>>>>>> Stupid as I am, I did this on the productive system :-(
>>>>>
>>>>> Can you show us the full ldif for that DN on your PDC?
>>>>>
>>>>> ldbsearch -H sam.ldb -s base -b DC=DomainDnsZones,DC=novanetwork,DC=loc
>>>>> * objectClass repsFrom repsTo
>>>>>
>>>>> Thanks,
>>>>>
>>>>> Andrew Bartlett
>>>>>
>>>> Hello Andrew,
>>>>
>>>> thank you for the fast response.
>>>>
>>>> Here is what ldbsearch returns:
>>>>
>>>> # record 1
>>>> dn: DC=DomainDnsZones,DC=novanetwork,DC=loc
>>>> objectClass: top
>>>
>>> OK, so that is your fundamental issue.  The correct objectClass is
>>> domainDNS.  
>>>
>>> This may be due to a stub object (an object which indicates that a full
>>> partition should be created below).  Where and how was the DNS first
>>> created?
>>>
>>> Can you show me:
>>> ldbsearch -H sam.ldb -s base -b ""
>>>
>>> Thanks,
>>>
>>> Andrew Bartlett
>>>
>> Hello Andrew,
>>
>> Initially I have started with a standard flat file bind9 config, later I
>> changed that to bind9_dlz by using an early version of Amitay's
>> upgrade_dns script with the --migrate=no switch. Then I created all my
>> static DNS entries by hand with the Windows DNS admin tool.
>> After doing some successful testing with clients  (SYSVOL,NETLOGON,
>> GPOs,DNS) I added a second DC (novadc02)
> 
> Thanks.
> 
> We need to double-check what your DomainDNSZones entry looks like, then
> then work to make it look like this:
> 
> (this is the one from make test)
> [abartlet at ruth samba]$ bin/ldbsearch -H st/dc//private/sam.ldb -s base
> -b dc=domaindnszones,dc=samba,dc=example,dc=com
> Unknown parameter encountered: "min receivefile size"
> Ignoring unknown parameter "min receivefile size"
> # record 1
> dn: DC=DomainDnsZones,DC=samba,DC=example,DC=com
> objectClass: top
> objectClass: domain
> objectClass: domainDNS
> description: Microsoft DNS Directory
> instanceType: 13
> whenCreated: 20120627054121.0Z
> uSNCreated: 3620
> name: DomainDnsZones
> objectGUID: daaf1e11-7df4-4631-bd74-f085b0aac1d9
> objectCategory:
> CN=Domain-DNS,CN=Schema,CN=Configuration,DC=samba,DC=example,D
>  C=com
> msDS-NcType: 0
> dc: DomainDnsZones
> wellKnownObjects: B:32:6227F0AF1FC2410D8E3BB10615BB5B0F:CN=NTDS
> Quotas,DC=Doma
>  inDnsZones,DC=samba,DC=example,DC=com
> wellKnownObjects: B:32:18E2EA80684F11D2B9AA00C04F79F805:CN=Deleted
> Objects,DC=
>  DomainDnsZones,DC=samba,DC=example,DC=com
> wellKnownObjects:
> B:32:2FBAC1870ADE11D297C400C04FD8D5CD:CN=Infrastructure,DC=D
>  omainDnsZones,DC=samba,DC=example,DC=com
> wellKnownObjects:
> B:32:AB8153B7768811D1ADED00C04FD8D5CD:CN=LostAndFound,DC=Dom
>  ainDnsZones,DC=samba,DC=example,DC=com
> whenChanged: 20120627054126.0Z
> uSNChanged: 3632
> msDs-masteredBy: CN=NTDS
> Settings,CN=LOCALDC,CN=Servers,CN=Default-First-Site-
>  Name,CN=Sites,CN=Configuration,DC=samba,DC=example,DC=com
> distinguishedName: DC=DomainDnsZones,DC=samba,DC=example,DC=com
> 
> First please re-confirm the output of:
> 
> ldbsearch -H sam.ldb -s base -b DC=DomainDnsZones,DC=novanetwork,DC=loc
> 
> Start by setting objectclass to domaindns (it will fill in the rest)
> using ldbmodify and re-confirm again with:
> 
> ldbsearch -H sam.ldb -s base -b DC=DomainDnsZones,DC=novanetwork,DC=loc
> 
> Thanks,
> 
> Andrew Bartlett
> 
Hello Andrew,

currently output looks like this:

../bin/ldbsearch -H sam.ldb -s base -b

DC=DomainDnsZones,DC=novanetwork,DC=loc
# record 1
dn: DC=DomainDnsZones,DC=novanetwork,DC=loc
description: Microsoft DNS Directory
uSNCreated: 4050
name: DomainDnsZones
objectGUID: a1e40623-4805-4e11-9471-9cb0b49b1dc8
msDS-NcType: 0
dc: DomainDnsZones
wellKnownObjects: B:32:6227F0AF1FC2410D8E3BB10615BB5B0F:CN=NTDS
Quotas,DC=Doma
 inDnsZones,DC=novanetwork,DC=loc
wellKnownObjects: B:32:18E2EA80684F11D2B9AA00C04F79F805:CN=Deleted
Objects,DC=
 DomainDnsZones,DC=novanetwork,DC=loc
wellKnownObjects:
B:32:2FBAC1870ADE11D297C400C04FD8D5CD:CN=Infrastructure,DC=D
 omainDnsZones,DC=novanetwork,DC=loc
wellKnownObjects:
B:32:AB8153B7768811D1ADED00C04FD8D5CD:CN=LostAndFound,DC=Dom
 ainDnsZones,DC=novanetwork,DC=loc
msDs-masteredBy: CN=NTDS
Settings,CN=NOVADC01,CN=Servers,CN=Standardname-des-e
 rsten-Standorts,CN=Sites,CN=Configuration,DC=novanetwork,DC=loc
objectClass: top
instanceType: 11
whenCreated: 20120422140706.0Z
whenChanged: 20120422140706.0Z
uSNChanged: 4116
objectCategory: CN=Top,CN=Schema,CN=Configuration,DC=novanetwork,DC=loc
distinguishedName: DC=DomainDnsZones,DC=novanetwork,DC=loc

# returned 1 records
# 1 entries
# 0 referrals

best regards

Andreas




More information about the samba-technical mailing list