How to get DNS replication working properly?

Andrew Bartlett abartlet at samba.org
Sat Jun 30 05:07:16 MDT 2012 

On Wed, 2012-06-27 at 11:56 -0300, Juan Pablo Lorier wrote:
> Hi Andrew,
> 
> First my apologies for I found I was not using samba-tool right at 
> demoting (saw the same error in the list).
> I demoted both servers and rejoined them. I see that there are many 
> lines in the replication that shows linked-values=0, I don't know if 
> this is right.

It is quite possible that there are no linked attributes if they have
not bee modified since this domain was set up or promoted to 2003
level. 

> Finding a writeable DC for domain 'montecarlotv.com.uy'
> Found DC srv-mm.montecarlotv.com.uy
> Password for [CANAL4\administrador]:
> workgroup is CANAL4
> realm is montecarlotv.com.uy
> checking sAMAccountName
> Deleted CN=SAMBADC1,CN=Computers,DC=montecarlotv,DC=com,DC=uy
> Deleted CN=SAMBADC1,CN=Servers,CN=Nombre-predeterminado-primer-sitio,CN=Sites,CN=Configuration,DC=montecarlotv,DC=com,DC=uy
> Adding CN=SAMBADC1,OU=Domain Controllers,DC=montecarlotv,DC=com,DC=uy
> Adding CN=SAMBADC1,CN=Servers,CN=Nombre-predeterminado-primer-sitio,CN=Sites,CN=Configuration,DC=montecarlotv,DC=com,DC=uy
> Adding CN=NTDS Settings,CN=SAMBADC1,CN=Servers,CN=Nombre-predeterminado-primer-sitio,CN=Sites,CN=Configuration,DC=montecarlotv,DC=com,DC=uy
> Adding SPNs to CN=SAMBADC1,OU=Domain Controllers,DC=montecarlotv,DC=com,DC=uy
> Setting account password for SAMBADC1$
> Enabling account
> Calling bare provision
> No IPv6 address will be assigned
> Provision OK for domain DN DC=montecarlotv,DC=com,DC=uy
> Starting replication
> Schema-DN[CN=Schema,CN=Configuration,DC=montecarlotv,DC=com,DC=uy] objects[402] linked_values[0]
> Schema-DN[CN=Schema,CN=Configuration,DC=montecarlotv,DC=com,DC=uy] objects[804] linked_values[0]
> Schema-DN[CN=Schema,CN=Configuration,DC=montecarlotv,DC=com,DC=uy] objects[1206] linked_values[0]
> Schema-DN[CN=Schema,CN=Configuration,DC=montecarlotv,DC=com,DC=uy] objects[1266] linked_values[0]
> Analyze and apply schema objects
> Partition[CN=Configuration,DC=montecarlotv,DC=com,DC=uy] objects[402] linked_values[0]
> Partition[CN=Configuration,DC=montecarlotv,DC=com,DC=uy] objects[804] linked_values[0]
> Partition[CN=Configuration,DC=montecarlotv,DC=com,DC=uy] objects[1206] linked_values[0]
> Partition[CN=Configuration,DC=montecarlotv,DC=com,DC=uy] objects[1608] linked_values[36]
> Partition[CN=Configuration,DC=montecarlotv,DC=com,DC=uy] objects[1634] linked_values[11]
> Replicating critical objects from the base DN of the domain
> Partition[DC=montecarlotv,DC=com,DC=uy] objects[99] linked_values[31]
> Partition[DC=montecarlotv,DC=com,DC=uy] objects[380] linked_values[385]
> Partition[DC=montecarlotv,DC=com,DC=uy] objects[596] linked_values[40]
> Partition[DC=montecarlotv,DC=com,DC=uy] objects[785] linked_values[49]
> Partition[DC=montecarlotv,DC=com,DC=uy] objects[878] linked_values[0]
> Partition[DC=DomainDnsZones,DC=montecarlotv,DC=com,DC=uy] objects[399] linked_values[0]
> Partition[DC=DomainDnsZones,DC=montecarlotv,DC=com,DC=uy] objects[705] linked_values[0]
> Partition[DC=ForestDnsZones,DC=montecarlotv,DC=com,DC=uy] objects[30] linked_values[0]
> Committing SAM database
> Sending DsReplicateUpdateRefs for all the partitions
> Setting isSynchronized and dsServiceName
> Setting up secrets database
> Joined domain CANAL4 (SID S-1-5-21-1586713875-38817212-1236795852) as a DC
> 
> 
> Does samba-tool remove the partitions at demoting time? or should I 
> remove them myself?

When you re-join, we wipe the local data.

> As there's still little documentation on how to use the commands, I 
> still try to figure out how to configure samba and BIND to work together.
> If I run samba_upgradedns I get this on both servers:
> 
> Reading domain information
> Looking up IPv4 addresses
> Looking up IPv6 addresses
> DNS accounts already exist
> No zone file /usr/local/samba/private/dns/montecarlotv.com.uy.zone
> DNS records will be automatically created
> DNS partitions already exist
> Adding dns-SAMBADC1 account
> Traceback (most recent call last):
>    File "sbin/samba_upgradedns", line 448, in <module>
>      "DNSNAME" : dnsname }
>    File 
> "/usr/local/samba/lib64/python2.6/site-packages/samba/provision/common.py", 
> line 52, in setup_add_ldif
>      ldb.add_ldif(data, controls)
>    File 
> "/usr/local/samba/lib64/python2.6/site-packages/samba/__init__.py", line 
> 224, in add_ldif
>      self.add(msg, controls)
> _ldb.LdbError: (53, '../source4/dsdb/samdb/ldb_modules/ridalloc.c:494: 
> No RID Set DN - Remote RID Set allocation needs refresh')
> 
> 
> Why samba tries to use that zone file instead of bind ones, and not only 
> it doesn't create the file automatically, but also, if I create it at 
> the update it deletes it.
> I'll keep trying, any help is welcome :-)
> Regards,

Did you get this all working?  The RID Set message is because you have
not started 'samba' yet.

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org

More information about the samba-technical mailing list