Trouble demoting DC with broken replication
Andy Durant
adurant at vestec.com
Thu May 8 12:31:45 MDT 2014
The 10 days you set for tombstone hasn't elapsed yet for that particular
object, or it hasn't replicated to your remaining DCs. You will have to
wait for it to expire and be actually deleted.
Andy
On 5/8/2014 1:55 PM, Andreas Oster wrote:
> Am 08.05.2014 16:12, schrieb Andy Durant:
>> I struggled with this issue for a few weeks in my lab.
>>
>> Use this as a guide for cleaning up metadata and using adsiedit to clean
>> up the directory.
>>
>> http://support.microsoft.com/kb/216498
>>
>> Ensure that all dns entries are cleaned up as well. Both in the DNS
>> section of RSAT and using adsiedit. You can load the dns partitions as
>> well.
>>
>> Once you are are all that is cleaned up run:
>>
>> ldbsearch --cross-ncs --show-deleted -H /usr/local/samba/private/sam.ldb
>> | grep "failed dc"
>>
>> You'll likely see a few entries all with the OADEL.
>>
>> From what I can tell, anything listed there is tombstoned and you simply
>> need to wait for the tombstone period to expire and the objects will be
>> removed. I'm not sure why replication still picks up on them and shows
>> as failure, but I can confirm that in my lab - and I tested it 3 times
>> to be sure, that after the tombstone period expired and the objects were
>> permanently removed, the replication error went away for me.
>>
>>
>> Andy
>>
>>
>> On 5/8/2014 9:58 AM, Andreas Oster wrote:
>>> Am 08.05.2014 15:30, schrieb lp101:
>>>> Hello,
>>>>
>>>> Remove all traces of the demoted DC from your DNS. Use Windows
>>>> ADUC module to remove the DC from the Domain Controllers OU. Use ADSI
>>>> to remove all traces of the NTDS files and demoted server. Be careful
>>>> using ADSI. Give it a few moments to allow the changes to replicate
>>>> across all your existing DC's.
>>>>
>>>> On 5/8/2014 9:06 AM, Andreas Oster wrote:
>>>>> Am 08.05.2014 15:03, schrieb Andreas Oster:
>>>>>> Hi all,
>>>>>>
>>>>>> I am currently struggling to remove one of our Samba4 DC from the
>>>>>> domain. Some time ago, adding a new Samba DC to our AD did not succeed
>>>>>> and I had to demote the new server again. After removal,
>>>>>> replication on
>>>>>> one of the old/existing DCs got weird.
>>>>>>
>>>>>> /usr/local/samba/bin/samba-tool drs showrepl gives the following:
>>>>>>
>>>>>> Standardname-des-ersten-Standorts\dc02
>>>>>> DSA Options: 0x00000001
>>>>>> DSA object GUID: ef37f4de-a03c-493c-96f6-e521a5415d81
>>>>>> DSA invocationId: b0bc10b9-a67f-4550-8fbf-3dc9fbe6fecc
>>>>>>
>>>>>> ==== INBOUND NEIGHBORS ====
>>>>>>
>>>>>> DC=samdom,DC=loc
>>>>>> Standardname-des-ersten-Standorts\dc01 via RPC
>>>>>> DSA object GUID:
>>>>>> c60bca82-df6e-409e-85c5-e2cc733691da
>>>>>> Last attempt @ Thu May 8 14:49:28 2014 CEST was
>>>>>> successful
>>>>>> 0 consecutive failure(s).
>>>>>> Last success @ Thu May 8 14:49:28 2014 CEST
>>>>>>
>>>>>> DC=samdom,DC=loc
>>>>>> Standardname-des-ersten-Standorts\dc03 via RPC
>>>>>> DSA object GUID:
>>>>>> 94534f65-5d06-41f5-844d-a58a0bc03c93
>>>>>> Last attempt @ Thu May 8 14:49:24 2014 CEST was
>>>>>> successful
>>>>>> 0 consecutive failure(s).
>>>>>> Last success @ Thu May 8 14:49:24 2014 CEST
>>>>>>
>>>>>> DC=ForestDnsZones,DC=samdom,DC=loc
>>>>>> Standardname-des-ersten-Standorts\dc01 via RPC
>>>>>> DSA object GUID:
>>>>>> c60bca82-df6e-409e-85c5-e2cc733691da
>>>>>> Last attempt @ Thu May 8 14:48:50 2014 CEST was
>>>>>> successful
>>>>>> 0 consecutive failure(s).
>>>>>> Last success @ Thu May 8 14:48:50 2014 CEST
>>>>>>
>>>>>> DC=ForestDnsZones,DC=samdom,DC=loc
>>>>>> Standardname-des-ersten-Standorts\dc03 via RPC
>>>>>> DSA object GUID:
>>>>>> 94534f65-5d06-41f5-844d-a58a0bc03c93
>>>>>> Last attempt @ Thu May 8 14:48:51 2014 CEST was
>>>>>> successful
>>>>>> 0 consecutive failure(s).
>>>>>> Last success @ Thu May 8 14:48:51 2014 CEST
>>>>>>
>>>>>> CN=Configuration,DC=samdom,DC=loc
>>>>>> Standardname-des-ersten-Standorts\dc01 via RPC
>>>>>> DSA object GUID:
>>>>>> c60bca82-df6e-409e-85c5-e2cc733691da
>>>>>> Last attempt @ Thu May 8 14:48:54 2014 CEST was
>>>>>> successful
>>>>>> 0 consecutive failure(s).
>>>>>> Last success @ Thu May 8 14:48:54 2014 CEST
>>>>>>
>>>>>> CN=Configuration,DC=samdom,DC=loc
>>>>>> Standardname-des-ersten-Standorts\dc03 via RPC
>>>>>> DSA object GUID:
>>>>>> 94534f65-5d06-41f5-844d-a58a0bc03c93
>>>>>> Last attempt @ Thu May 8 14:48:55 2014 CEST was
>>>>>> successful
>>>>>> 0 consecutive failure(s).
>>>>>> Last success @ Thu May 8 14:48:55 2014 CEST
>>>>>>
>>>>>> DC=DomainDnsZones,DC=samdom,DC=loc
>>>>>> Standardname-des-ersten-Standorts\dc01 via RPC
>>>>>> DSA object GUID:
>>>>>> c60bca82-df6e-409e-85c5-e2cc733691da
>>>>>> Last attempt @ Thu May 8 14:50:01 2014 CEST was
>>>>>> successful
>>>>>> 0 consecutive failure(s).
>>>>>> Last success @ Thu May 8 14:50:01 2014 CEST
>>>>>>
>>>>>> DC=DomainDnsZones,DC=samdom,DC=loc
>>>>>> Standardname-des-ersten-Standorts\dc03 via RPC
>>>>>> DSA object GUID:
>>>>>> 94534f65-5d06-41f5-844d-a58a0bc03c93
>>>>>> Last attempt @ Thu May 8 14:50:02 2014 CEST was
>>>>>> successful
>>>>>> 0 consecutive failure(s).
>>>>>> Last success @ Thu May 8 14:50:02 2014 CEST
>>>>>>
>>>>>> CN=Schema,CN=Configuration,DC=samdom,DC=loc
>>>>>> Standardname-des-ersten-Standorts\dc01 via RPC
>>>>>> DSA object GUID:
>>>>>> c60bca82-df6e-409e-85c5-e2cc733691da
>>>>>> Last attempt @ Thu May 8 14:48:56 2014 CEST was
>>>>>> successful
>>>>>> 0 consecutive failure(s).
>>>>>> Last success @ Thu May 8 14:48:56 2014 CEST
>>>>>>
>>>>>> CN=Schema,CN=Configuration,DC=samdom,DC=loc
>>>>>> Standardname-des-ersten-Standorts\dc03 via RPC
>>>>>> DSA object GUID:
>>>>>> 94534f65-5d06-41f5-844d-a58a0bc03c93
>>>>>> Last attempt @ Thu May 8 14:48:56 2014 CEST was
>>>>>> successful
>>>>>> 0 consecutive failure(s).
>>>>>> Last success @ Thu May 8 14:48:56 2014 CEST
>>>>>>
>>>>>> ==== OUTBOUND NEIGHBORS ====
>>>>>>
>>>>>> DC=samdom,DC=loc
>>>>>> NTDS DN: CN=NTDS
>>>>>> Settings\0ADEL:23db6774-c155-4e5f-a793-07e9c772ddc4,CN=dc03\0ADEL:bb22ce3e-2d94-47e2-aa29-11a2a0e4e2f3,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=samdom,DC=loc
>>>>>>
>>>>>>
>>>>>> DSA object GUID:
>>>>>> 23db6774-c155-4e5f-a793-07e9c772ddc4
>>>>>> Last attempt @ Thu May 8 14:51:59 2014 CEST failed,
>>>>>> result 2 (WERR_BADFILE)
>>>>>> 1042908 consecutive failure(s).
>>>>>> Last success @ Tue Feb 11 10:00:38 2014 CET
>>>>>>
>>>>>> DC=samdom,DC=loc
>>>>>> NTDS DN: CN=NTDS
>>>>>> Settings\0ADEL:1a890c41-4326-47c1-90c0-28f8e70801a7,CN=dc03\0ADEL:60bb6abe-2d08-4f5f-81db-787f6e23706b,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=samdom,DC=loc
>>>>>>
>>>>>>
>>>>>> DSA object GUID:
>>>>>> 1a890c41-4326-47c1-90c0-28f8e70801a7
>>>>>> Last attempt @ Thu May 8 14:51:59 2014 CEST failed,
>>>>>> result 2 (WERR_BADFILE)
>>>>>> 1005465 consecutive failure(s).
>>>>>> Last success @ NTTIME(0)
>>>>>>
>>>>>> DC=samdom,DC=loc
>>>>>> NTDS DN: CN=NTDS
>>>>>> Settings\0ADEL:8c0461e2-6f72-42be-98ab-ce175fc84653,CN=dc03\0ADEL:619df70c-abc9-4644-bff6-35809664bbd9,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=samdom,DC=loc
>>>>>>
>>>>>>
>>>>>> DSA object GUID:
>>>>>> 8c0461e2-6f72-42be-98ab-ce175fc84653
>>>>>> Last attempt @ Thu May 8 14:51:59 2014 CEST failed,
>>>>>> result 2 (WERR_BADFILE)
>>>>>> 958484 consecutive failure(s).
>>>>>> Last success @ Sat Feb 15 12:56:47 2014 CET
>>>>>>
>>>>>> DC=samdom,DC=loc
>>>>>> Standardname-des-ersten-Standorts\dc03 via RPC
>>>>>> DSA object GUID:
>>>>>> 94534f65-5d06-41f5-844d-a58a0bc03c93
>>>>>> Last attempt @ NTTIME(0) was successful
>>>>>> 0 consecutive failure(s).
>>>>>> Last success @ NTTIME(0)
>>>>>>
>>>>>> DC=samdom,DC=loc
>>>>>> Standardname-des-ersten-Standorts\dc01 via RPC
>>>>>> DSA object GUID:
>>>>>> c60bca82-df6e-409e-85c5-e2cc733691da
>>>>>> Last attempt @ NTTIME(0) was successful
>>>>>> 0 consecutive failure(s).
>>>>>> Last success @ NTTIME(0)
>>>>>>
>>>>>> DC=ForestDnsZones,DC=samdom,DC=loc
>>>>>> NTDS DN: CN=NTDS
>>>>>> Settings\0ADEL:23db6774-c155-4e5f-a793-07e9c772ddc4,CN=dc03\0ADEL:bb22ce3e-2d94-47e2-aa29-11a2a0e4e2f3,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=samdom,DC=loc
>>>>>>
>>>>>>
>>>>>> DSA object GUID:
>>>>>> 23db6774-c155-4e5f-a793-07e9c772ddc4
>>>>>> Last attempt @ Thu May 8 14:51:58 2014 CEST failed,
>>>>>> result 2 (WERR_BADFILE)
>>>>>> 1049436 consecutive failure(s).
>>>>>> Last success @ NTTIME(0)
>>>>>>
>>>>>> DC=ForestDnsZones,DC=samdom,DC=loc
>>>>>> NTDS DN: CN=NTDS
>>>>>> Settings\0ADEL:1a890c41-4326-47c1-90c0-28f8e70801a7,CN=dc03\0ADEL:60bb6abe-2d08-4f5f-81db-787f6e23706b,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=samdom,DC=loc
>>>>>>
>>>>>>
>>>>>> DSA object GUID:
>>>>>> 1a890c41-4326-47c1-90c0-28f8e70801a7
>>>>>> Last attempt @ Thu May 8 14:51:58 2014 CEST failed,
>>>>>> result 2 (WERR_BADFILE)
>>>>>> 1012985 consecutive failure(s).
>>>>>> Last success @ NTTIME(0)
>>>>>>
>>>>>> DC=ForestDnsZones,DC=samdom,DC=loc
>>>>>> NTDS DN: CN=NTDS
>>>>>> Settings\0ADEL:8c0461e2-6f72-42be-98ab-ce175fc84653,CN=dc03\0ADEL:619df70c-abc9-4644-bff6-35809664bbd9,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=samdom,DC=loc
>>>>>>
>>>>>>
>>>>>> DSA object GUID:
>>>>>> 8c0461e2-6f72-42be-98ab-ce175fc84653
>>>>>> Last attempt @ Thu May 8 14:51:58 2014 CEST failed,
>>>>>> result 2 (WERR_BADFILE)
>>>>>> 976997 consecutive failure(s).
>>>>>> Last success @ NTTIME(0)
>>>>>>
>>>>>> DC=ForestDnsZones,DC=samdom,DC=loc
>>>>>> Standardname-des-ersten-Standorts\dc01 via RPC
>>>>>> DSA object GUID:
>>>>>> c60bca82-df6e-409e-85c5-e2cc733691da
>>>>>> Last attempt @ NTTIME(0) was successful
>>>>>> 0 consecutive failure(s).
>>>>>> Last success @ NTTIME(0)
>>>>>>
>>>>>> DC=ForestDnsZones,DC=samdom,DC=loc
>>>>>> Standardname-des-ersten-Standorts\dc03 via RPC
>>>>>> DSA object GUID:
>>>>>> 94534f65-5d06-41f5-844d-a58a0bc03c93
>>>>>> Last attempt @ NTTIME(0) was successful
>>>>>> 0 consecutive failure(s).
>>>>>> Last success @ NTTIME(0)
>>>>>>
>>>>>> CN=Configuration,DC=samdom,DC=loc
>>>>>> NTDS DN: CN=NTDS
>>>>>> Settings\0ADEL:23db6774-c155-4e5f-a793-07e9c772ddc4,CN=dc03\0ADEL:bb22ce3e-2d94-47e2-aa29-11a2a0e4e2f3,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=samdom,DC=loc
>>>>>>
>>>>>>
>>>>>> DSA object GUID:
>>>>>> 23db6774-c155-4e5f-a793-07e9c772ddc4
>>>>>> Last attempt @ Thu May 8 14:52:00 2014 CEST failed,
>>>>>> result 2 (WERR_BADFILE)
>>>>>> 999198 consecutive failure(s).
>>>>>> Last success @ Tue Feb 11 10:00:39 2014 CET
>>>>>>
>>>>>> CN=Configuration,DC=samdom,DC=loc
>>>>>> NTDS DN: CN=NTDS
>>>>>> Settings\0ADEL:1a890c41-4326-47c1-90c0-28f8e70801a7,CN=dc03\0ADEL:60bb6abe-2d08-4f5f-81db-787f6e23706b,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=samdom,DC=loc
>>>>>>
>>>>>>
>>>>>> DSA object GUID:
>>>>>> 1a890c41-4326-47c1-90c0-28f8e70801a7
>>>>>> Last attempt @ Thu May 8 14:52:00 2014 CEST failed,
>>>>>> result 2 (WERR_BADFILE)
>>>>>> 994163 consecutive failure(s).
>>>>>> Last success @ NTTIME(0)
>>>>>>
>>>>>> CN=Configuration,DC=samdom,DC=loc
>>>>>> NTDS DN: CN=NTDS
>>>>>> Settings\0ADEL:8c0461e2-6f72-42be-98ab-ce175fc84653,CN=dc03\0ADEL:619df70c-abc9-4644-bff6-35809664bbd9,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=samdom,DC=loc
>>>>>>
>>>>>>
>>>>>> DSA object GUID:
>>>>>> 8c0461e2-6f72-42be-98ab-ce175fc84653
>>>>>> Last attempt @ Thu May 8 14:52:00 2014 CEST failed,
>>>>>> result 2 (WERR_BADFILE)
>>>>>> 952835 consecutive failure(s).
>>>>>> Last success @ Sat Feb 15 12:56:42 2014 CET
>>>>>>
>>>>>> CN=Configuration,DC=samdom,DC=loc
>>>>>> Standardname-des-ersten-Standorts\dc01 via RPC
>>>>>> DSA object GUID:
>>>>>> c60bca82-df6e-409e-85c5-e2cc733691da
>>>>>> Last attempt @ NTTIME(0) was successful
>>>>>> 0 consecutive failure(s).
>>>>>> Last success @ NTTIME(0)
>>>>>>
>>>>>> CN=Configuration,DC=samdom,DC=loc
>>>>>> Standardname-des-ersten-Standorts\dc03 via RPC
>>>>>> DSA object GUID:
>>>>>> 94534f65-5d06-41f5-844d-a58a0bc03c93
>>>>>> Last attempt @ NTTIME(0) was successful
>>>>>> 0 consecutive failure(s).
>>>>>> Last success @ NTTIME(0)
>>>>>>
>>>>>> DC=DomainDnsZones,DC=samdom,DC=loc
>>>>>> NTDS DN: CN=NTDS
>>>>>> Settings\0ADEL:23db6774-c155-4e5f-a793-07e9c772ddc4,CN=dc03\0ADEL:bb22ce3e-2d94-47e2-aa29-11a2a0e4e2f3,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=samdom,DC=loc
>>>>>>
>>>>>>
>>>>>> DSA object GUID:
>>>>>> 23db6774-c155-4e5f-a793-07e9c772ddc4
>>>>>> Last attempt @ Thu May 8 14:51:58 2014 CEST failed,
>>>>>> result 2 (WERR_BADFILE)
>>>>>> 1009552 consecutive failure(s).
>>>>>> Last success @ NTTIME(0)
>>>>>>
>>>>>> DC=DomainDnsZones,DC=samdom,DC=loc
>>>>>> NTDS DN: CN=NTDS
>>>>>> Settings\0ADEL:1a890c41-4326-47c1-90c0-28f8e70801a7,CN=dc03\0ADEL:60bb6abe-2d08-4f5f-81db-787f6e23706b,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=samdom,DC=loc
>>>>>>
>>>>>>
>>>>>> DSA object GUID:
>>>>>> 1a890c41-4326-47c1-90c0-28f8e70801a7
>>>>>> Last attempt @ Thu May 8 14:51:58 2014 CEST failed,
>>>>>> result 2 (WERR_BADFILE)
>>>>>> 1010074 consecutive failure(s).
>>>>>> Last success @ NTTIME(0)
>>>>>>
>>>>>> DC=DomainDnsZones,DC=samdom,DC=loc
>>>>>> NTDS DN: CN=NTDS
>>>>>> Settings\0ADEL:8c0461e2-6f72-42be-98ab-ce175fc84653,CN=dc03\0ADEL:619df70c-abc9-4644-bff6-35809664bbd9,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=samdom,DC=loc
>>>>>>
>>>>>>
>>>>>> DSA object GUID:
>>>>>> 8c0461e2-6f72-42be-98ab-ce175fc84653
>>>>>> Last attempt @ Thu May 8 14:51:59 2014 CEST failed,
>>>>>> result 2 (WERR_BADFILE)
>>>>>> 958577 consecutive failure(s).
>>>>>> Last success @ NTTIME(0)
>>>>>>
>>>>>> DC=DomainDnsZones,DC=samdom,DC=loc
>>>>>> Standardname-des-ersten-Standorts\dc01 via RPC
>>>>>> DSA object GUID:
>>>>>> c60bca82-df6e-409e-85c5-e2cc733691da
>>>>>> Last attempt @ NTTIME(0) was successful
>>>>>> 0 consecutive failure(s).
>>>>>> Last success @ NTTIME(0)
>>>>>>
>>>>>> DC=DomainDnsZones,DC=samdom,DC=loc
>>>>>> Standardname-des-ersten-Standorts\dc03 via RPC
>>>>>> DSA object GUID:
>>>>>> 94534f65-5d06-41f5-844d-a58a0bc03c93
>>>>>> Last attempt @ NTTIME(0) was successful
>>>>>> 0 consecutive failure(s).
>>>>>> Last success @ NTTIME(0)
>>>>>>
>>>>>> CN=Schema,CN=Configuration,DC=samdom,DC=loc
>>>>>> NTDS DN: CN=NTDS
>>>>>> Settings\0ADEL:23db6774-c155-4e5f-a793-07e9c772ddc4,CN=dc03\0ADEL:bb22ce3e-2d94-47e2-aa29-11a2a0e4e2f3,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=samdom,DC=loc
>>>>>>
>>>>>>
>>>>>> DSA object GUID:
>>>>>> 23db6774-c155-4e5f-a793-07e9c772ddc4
>>>>>> Last attempt @ Thu May 8 14:52:00 2014 CEST failed,
>>>>>> result 2 (WERR_BADFILE)
>>>>>> 975813 consecutive failure(s).
>>>>>> Last success @ Tue Feb 11 10:00:39 2014 CET
>>>>>>
>>>>>> CN=Schema,CN=Configuration,DC=samdom,DC=loc
>>>>>> NTDS DN: CN=NTDS
>>>>>> Settings\0ADEL:1a890c41-4326-47c1-90c0-28f8e70801a7,CN=dc03\0ADEL:60bb6abe-2d08-4f5f-81db-787f6e23706b,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=samdom,DC=loc
>>>>>>
>>>>>>
>>>>>> DSA object GUID:
>>>>>> 1a890c41-4326-47c1-90c0-28f8e70801a7
>>>>>> Last attempt @ Thu May 8 14:52:00 2014 CEST failed,
>>>>>> result 2 (WERR_BADFILE)
>>>>>> 955526 consecutive failure(s).
>>>>>> Last success @ NTTIME(0)
>>>>>>
>>>>>> CN=Schema,CN=Configuration,DC=samdom,DC=loc
>>>>>> NTDS DN: CN=NTDS
>>>>>> Settings\0ADEL:8c0461e2-6f72-42be-98ab-ce175fc84653,CN=dc03\0ADEL:619df70c-abc9-4644-bff6-35809664bbd9,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=samdom,DC=loc
>>>>>>
>>>>>>
>>>>>> DSA object GUID:
>>>>>> 8c0461e2-6f72-42be-98ab-ce175fc84653
>>>>>> Last attempt @ Thu May 8 14:52:01 2014 CEST failed,
>>>>>> result 2 (WERR_BADFILE)
>>>>>> 892435 consecutive failure(s).
>>>>>> Last success @ NTTIME(0)
>>>>>>
>>>>>> CN=Schema,CN=Configuration,DC=samdom,DC=loc
>>>>>> Standardname-des-ersten-Standorts\dc03 via RPC
>>>>>> DSA object GUID:
>>>>>> 94534f65-5d06-41f5-844d-a58a0bc03c93
>>>>>> Last attempt @ NTTIME(0) was successful
>>>>>> 0 consecutive failure(s).
>>>>>> Last success @ NTTIME(0)
>>>>>>
>>>>>> CN=Schema,CN=Configuration,DC=samdom,DC=loc
>>>>>> Standardname-des-ersten-Standorts\dc01 via RPC
>>>>>> DSA object GUID:
>>>>>> c60bca82-df6e-409e-85c5-e2cc733691da
>>>>>> Last attempt @ NTTIME(0) was successful
>>>>>> 0 consecutive failure(s).
>>>>>> Last success @ NTTIME(0)
>>>>>>
>>>>>> ==== KCC CONNECTION OBJECTS ====
>>>>>>
>>>>>> Connection --
>>>>>> Connection name: 7027ea76-3617-488d-90f6-93f73de15c79
>>>>>> Enabled : TRUE
>>>>>> Server DNS name : dc01.samdom.loc
>>>>>> Server DN name : CN=NTDS
>>>>>> Settings,CN=dc01,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=samdom,DC=loc
>>>>>>
>>>>>>
>>>>>> TransportType: RPC
>>>>>> options: 0x00000001
>>>>>> Warning: No NC replicated for Connection!
>>>>>> Connection --
>>>>>> Connection name: dc03
>>>>>> Enabled : TRUE
>>>>>> Server DNS name : dc03.samdom.loc
>>>>>> Server DN name : CN=NTDS
>>>>>> Settings,CN=dc03,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=samdom,DC=loc
>>>>>>
>>>>>>
>>>>>> TransportType: RPC
>>>>>> options: 0x00000000
>>>>>> Warning: No NC replicated for Connection!
>>>>>>
>>>>>>
>>>>>> The \0ADEL: entries are the remains of the initial failed join of
>>>>>> dc03.
>>>>>> I searched the net for a solution to get rid of those entries but did
>>>>>> not find any useful information. My next idea was to also demote dc02.
>>>>>> Unfortunately after demoting dc02 those \0ADEL: entries showed up on
>>>>>> dc01, but only for dc02. I took VM snapshots before demoting dc02 so
>>>>>> could easily switch back.
>>>>>>
>>>>>> Does anyone have an idea how to resolve this issue ?
>>>>>>
>>>>>> Thank you very much for your kind help
>>>>>>
>>>>>> best regards
>>>>>>
>>>>>> Andreas
>>>>>>
>>>>> Hi all,
>>>>>
>>>>> by the way Samba version is: Version 4.2.0pre1-GIT-d7c22d5
>>>>>
>>>>> Thanks
>>>>>
>>>>> best regards
>>>>>
>>>>> Andreas
>>>>>
>>> Hello lp101,
>>>
>>> I have no traces of :
>>>
>>> bb22ce3e-2d94-47e2-aa29-11a2a0e4e2f3
>>> 60bb6abe-2d08-4f5f-81db-787f6e23706b
>>> 619df70c-abc9-4644-bff6-35809664bbd9
>>>
>>> in DNS. As dc03 is actually successfully joined and working, I cannot
>>> remove it via ADUC.
>>> Can you tell me where I can find those NTDS entries via ADSI ?
>>>
>>> Thanks
>>>
>>> best regards
>>>
>>> Andreas
>>>
>>>
>>>
> Hi Andy,
>
> I searched via ldbsearch for deleted objects and found the entries. I
> then changed the tombstone timeout to a smaller value (10days)= and did
> restart samba. After some minutes I searched again and now the entries for :
> bb22ce3e-2d94-47e2-aa29-11a2a0e4e2f3
> 60bb6abe-2d08-4f5f-81db-787f6e23706b
> 619df70c-abc9-4644-bff6-35809664bbd9
>
> have disappeared from the deleted objects. Unfortunately this seems to
> have made things worse as I do now get the following failure:
>
>
> ==== OUTBOUND NEIGHBORS ====
>
> ERROR(runtime): DsReplicaGetInfo of type -2 failed - (8442,
> 'WERR_DS_DRA_INTERNAL_ERROR')
> File
> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/drs.py", line
> 116, in drsuapi_ReplicaInfo
> (info_type, info) = ctx.drsuapi.DsReplicaGetInfo(ctx.drsuapi_handle,
> 1, req1)
>
>
> in log.samba I can see the following error:
>
> [2014/05/08 19:34:49.159705, 0]
> ../source4/dsdb/kcc/kcc_drs_replica_info.c:680(fill_neighbor_from_repsTo)
> ../source4/dsdb/kcc/kcc_drs_replica_info.c:680: Failed to find DN for
> neighbor GUID 23db6774-c155-4e5f-a793-07e9c772ddc4
>
> Does anybody have an idea how to get rid of the orphaned neighbour
> GUIDs. Where can I find those entries ?
>
> Thank you for your kind help
>
> best regards
>
> Andreas
--
Andy Durant
Information Technology Manager
Vestec Inc.
Waterloo, ON Canada
email: adurant at vestec.com
More information about the samba-technical
mailing list