Need urgent help with samba4 DC re-join

Andreas Oster aoster at novanetwork.de
Wed Jun 27 07:43:30 MDT 2012 

Am 27.06.2012 15:35, schrieb Andrew Bartlett:
> On Wed, 2012-06-27 at 15:28 +0200, Andreas Oster wrote:
>> Am 27.06.2012 15:21, schrieb Andrew Bartlett:
>>> On Wed, 2012-06-27 at 15:09 +0200, Andreas Oster wrote:
>>>> Hello Andrew,
>>>>
>>>> i think the only differences when doing a "ldbsearch -H sam.ldb -s base
>>>> -b DC=DomainDnsZones,DC=novanetwork,DC=loc" are:
>>>>
>>>> objectClass: domain
>>>> objectClass: domainDNS
>>>>
>>>> and
>>>>
>>>> objectCategory: CN=Top,CN=Schema,CN=Configuration,DC=novanetwork,DC=loc
>>>>
>>>>
>>>> I do not know if this was correct before demoting the second DC.
>>>> It did not come into my mind to check for errors because everything
>>>> worked like a charm and I was/am really happy with samba4.
>>>>
>>>> here the output of:
>>>>
>>>> ../bin/ldbsearch -H sam.ldb -s base -b
>>>> dc=domaindnszones,DC=novanetwork,DC=loc --reveal --show-binary
>>>> replPropertyMetaData
>>>
>>> Thanks.  This gives us a very good clue as to what has gone on:
>>>
>>> I'm assuming that 61f36cfd-ba7d-4702-87d3-7e861bb32cfe is PDC and
>>> fd9ca123-ed33-483a-a735-ff41940789a2 was the BDC?
>>>
>>> The key attributes changed that you mention are objectClass and
>>> objectCategory.  Both need to be fixed.  The incorrect values seem to
>>> have been written at Sun Apr 22 16:07:06 2012 CEST compared with Sun Apr
>>> 22 16:03:41 2012 CEST for the good ones.
>>>
>>> My guess is that in attempting to replicate the DNS to the slave with
>>> the samba-tool drs commands, and running samba_upgradedns on that
>>> server, have somehow sent back a corrupted version of the same object.
>>>
>>> Andrew Bartlett
>>>
> 
>> Hello Andrew,
>>
>> this is absolute possible. In a prior try to replicate the
>> DomainDnsZones and ForestDnsZones I used the samba-tool drs command but
>> this did not succeed and, if I do remember correct, quit with an error
>> message. As everything kept on working as before, it did not come to my
>> mind that it might have broken anything.
>>
>> Do you have an idea how to fix this ?
> 
> ldbedit -H sam.ldb -s base -b dc=domaindnszones,DC=novanetwork,DC=loc
> 
> Then set:
> 
> objectClass: domainDNS 
> objectCategory:
> CN=Domain-DNS,CN=Schema,CN=Configuration,DC=novanetwork,DC=loc
> 
> That should fix it (I hope).
> 
> This is the end for me for tonight, but I'll follow up tomorrow.
> Hopefully others here can help you with any remaining details. 
> 
> KEEP GOOD BACKUPS.
> 
> Thanks,
> 
> Andrew Bartlett
> 
Hello Andrew,

thank you very much for your help. I appreciate very much that you use
your limited time to help guys like me.

I will create a backup and do the proposed changes with ldbedit. I will
report here if joining works again afterwards.

best regards

Andreas

More information about the samba-technical mailing list