Need urgent help with samba4 DC re-join

Andrew Bartlett abartlet at samba.org
Wed Jun 27 07:21:36 MDT 2012


On Wed, 2012-06-27 at 15:09 +0200, Andreas Oster wrote:
> Hello Andrew,
> 
> i think the only differences when doing a "ldbsearch -H sam.ldb -s base
> -b DC=DomainDnsZones,DC=novanetwork,DC=loc" are:
> 
> objectClass: domain
> objectClass: domainDNS
> 
> and
> 
> objectCategory: CN=Top,CN=Schema,CN=Configuration,DC=novanetwork,DC=loc
> 
> 
> I do not know if this was correct before demoting the second DC.
> It did not come into my mind to check for errors because everything
> worked like a charm and I was/am really happy with samba4.
> 
> here the output of:
> 
> ../bin/ldbsearch -H sam.ldb -s base -b
> dc=domaindnszones,DC=novanetwork,DC=loc --reveal --show-binary
> replPropertyMetaData

Thanks.  This gives us a very good clue as to what has gone on:

I'm assuming that 61f36cfd-ba7d-4702-87d3-7e861bb32cfe is PDC and
fd9ca123-ed33-483a-a735-ff41940789a2 was the BDC?

The key attributes changed that you mention are objectClass and
objectCategory.  Both need to be fixed.  The incorrect values seem to
have been written at Sun Apr 22 16:07:06 2012 CEST compared with Sun Apr
22 16:03:41 2012 CEST for the good ones.

My guess is that in attempting to replicate the DNS to the slave with
the samba-tool drs commands, and running samba_upgradedns on that
server, have somehow sent back a corrupted version of the same object.

Andrew Bartlett

> # record 1
> dn: DC=DomainDnsZones,DC=novanetwork,DC=loc
> replPropertyMetaData:     NDR: struct replPropertyMetaDataBlob
>         version                  : 0x00000001 (1)
>         reserved                 : 0x00000000 (0)
>         ctr                      : union replPropertyMetaDataCtr(case 1)
>         ctr1: struct replPropertyMetaDataCtr1
>             count                    : 0x00000009 (9)
>             reserved                 : 0x00000000 (0)
>             array: ARRAY(9)

eg BAD

>                 array: struct replPropertyMetaData1
>                     attid                    : DRSUAPI_ATTID_objectClass
> (0x0)
>                     version                  : 0x00000001 (1)
>                     originating_change_time  : Sun Apr 22 16:07:06 2012 CEST
>                     originating_invocation_id:
> fd9ca123-ed33-483a-a735-ff41940789a2
>                     originating_usn          : 0x0000000000003336 (13110)
>                     local_usn                : 0x0000000000001014 (4116)

eg GOOD

>                 array: struct replPropertyMetaData1
>                     attid                    : DRSUAPI_ATTID_description
> (0xD)
>                     version                  : 0x00000001 (1)
>                     originating_change_time  : Sun Apr 22 16:03:41 2012 CEST
>                     originating_invocation_id:
> 61f36cfd-ba7d-4702-87d3-7e861bb32cfe
>                     originating_usn          : 0x0000000000000fd2 (4050)
>                     local_usn                : 0x0000000000000fd2 (4050)
>                 array: struct replPropertyMetaData1
>                     attid                    :
> DRSUAPI_ATTID_instanceType (0x20001)
>                     version                  : 0x00000001 (1)
>                     originating_change_time  : Sun Apr 22 16:07:06 2012 CEST
>                     originating_invocation_id:
> fd9ca123-ed33-483a-a735-ff41940789a2
>                     originating_usn          : 0x0000000000003336 (13110)
>                     local_usn                : 0x0000000000001014 (4116)
>                 array: struct replPropertyMetaData1
>                     attid                    : DRSUAPI_ATTID_whenCreated
> (0x20002)
>                     version                  : 0x00000001 (1)
>                     originating_change_time  : Sun Apr 22 16:07:06 2012 CEST
>                     originating_invocation_id:
> fd9ca123-ed33-483a-a735-ff41940789a2
>                     originating_usn          : 0x0000000000003336 (13110)
>                     local_usn                : 0x0000000000001014 (4116)
>                 array: struct replPropertyMetaData1
>                     attid                    :
> DRSUAPI_ATTID_ntSecurityDescriptor (0x20119)
>                     version                  : 0x00000001 (1)
>                     originating_change_time  : Sun Apr 22 16:03:41 2012 CEST
>                     originating_invocation_id:
> 61f36cfd-ba7d-4702-87d3-7e861bb32cfe
>                     originating_usn          : 0x0000000000000fd2 (4050)
>                     local_usn                : 0x0000000000000fd2 (4050)
>                 array: struct replPropertyMetaData1
>                     attid                    : DRSUAPI_ATTID_name (0x90001)
>                     version                  : 0x00000001 (1)
>                     originating_change_time  : Sun Apr 22 16:07:06 2012 CEST
>                     originating_invocation_id:
> fd9ca123-ed33-483a-a735-ff41940789a2
>                     originating_usn          : 0x0000000000003336 (13110)
>                     local_usn                : 0x0000000000001014 (4116)
>                 array: struct replPropertyMetaData1
>                     attid                    :
> DRSUAPI_ATTID_wellKnownObjects (0x9026A)
>                     version                  : 0x00000001 (1)
>                     originating_change_time  : Sun Apr 22 16:03:42 2012 CEST
>                     originating_invocation_id:
> 61f36cfd-ba7d-4702-87d3-7e861bb32cfe
>                     originating_usn          : 0x0000000000000fde (4062)
>                     local_usn                : 0x0000000000000fde (4062)
>                 array: struct replPropertyMetaData1
>                     attid                    :
> DRSUAPI_ATTID_objectCategory (0x9030E)
>                     version                  : 0x00000001 (1)
>                     originating_change_time  : Sun Apr 22 16:07:06 2012 CEST
>                     originating_invocation_id:
> fd9ca123-ed33-483a-a735-ff41940789a2
>                     originating_usn          : 0x0000000000003336 (13110)
>                     local_usn                : 0x0000000000001014 (4116)
>                 array: struct replPropertyMetaData1
>                     attid                    : UNKNOWN_ENUM_VALUE (0x150019)
>                     version                  : 0x00000001 (1)
>                     originating_change_time  : Sun Apr 22 16:07:06 2012 CEST
>                     originating_invocation_id:
> fd9ca123-ed33-483a-a735-ff41940789a2
>                     originating_usn          : 0x0000000000003336 (13110)
>                     local_usn                : 0x0000000000001014 (4116)
> 
> 
> # returned 1 records
> # 1 entries
> # 0 referrals
> 
> 
> regards
> 
> Andreas
> 

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org




More information about the samba-technical mailing list