[Samba] Samba AD replication on new installation of Samba 4.0

Justin Clacherty justin at redfish.com.au
Sun Dec 30 22:34:48 MST 2012 

Hi,

Fantastic that Samba 4.0 has been released, I've just installed and joined it to an existing AD (single Win2k8R2 server running Exchange).  The installation seemed to go well but I'm seeing odd messages when I show the replication status on both the Samba server and the Win2k8R2 server.  Is there something I missed in the install?  I followed the instructions outlined at https://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC

The problems I'm seeing are:

1. showrepl under Samba shows all inbound and outbound neighbours have successfully replicated, but the last line after the KCC Connections Objects has " Warning: No NC replicated for Connection!"  What would cause this?

2. under Windows showrepl (/all) shows all outbound neighbours have successfully replicated, however, the inbound neighbours show failures for the first two entries complaining of a schema mismatch.  The third entry shows success (it's the schema replication). Everything else looks good

3. before joining the domain I ensured there was an A record and associated PTR record for the Samba server. After joining I had to manually add the CNAME record for the object GUID in _msdcs. Is this normal or should joining do this automatically?

Below is the full output of showrepl on both the Samba and Windows servers.

Cheers,
Justin.

Samba output:

Brisbane\FSERVER
DSA Options: 0x00000001
DSA object GUID: dc3a9e08-fbbc-49dd-a3dd-2f3f6951f08e
DSA invocationId: 0118d84f-9308-461f-8727-7ee896988889

==== INBOUND NEIGHBORS ====

CN=Configuration,DC=redfish,DC=local
        Brisbane\EXCHANGE via RPC
                DSA object GUID: 5fcb0cd6-461a-4b6a-bbea-1846d8b2758a
                Last attempt @ Mon Dec 31 15:12:49 2012 EST was successful
                0 consecutive failure(s).
                Last success @ Mon Dec 31 15:12:49 2012 EST

DC=ForestDnsZones,DC=redfish,DC=local
        Brisbane\EXCHANGE via RPC
                DSA object GUID: 5fcb0cd6-461a-4b6a-bbea-1846d8b2758a
                Last attempt @ Mon Dec 31 15:12:49 2012 EST was successful
                0 consecutive failure(s).
                Last success @ Mon Dec 31 15:12:49 2012 EST

DC=DomainDnsZones,DC=redfish,DC=local
        Brisbane\EXCHANGE via RPC
                DSA object GUID: 5fcb0cd6-461a-4b6a-bbea-1846d8b2758a
                Last attempt @ Mon Dec 31 15:12:49 2012 EST was successful
                0 consecutive failure(s).
                Last success @ Mon Dec 31 15:12:49 2012 EST

CN=Schema,CN=Configuration,DC=redfish,DC=local
        Brisbane\EXCHANGE via RPC
                DSA object GUID: 5fcb0cd6-461a-4b6a-bbea-1846d8b2758a
                Last attempt @ Mon Dec 31 15:12:50 2012 EST was successful
                0 consecutive failure(s).
                Last success @ Mon Dec 31 15:12:50 2012 EST

DC=redfish,DC=local
        Brisbane\EXCHANGE via RPC
                DSA object GUID: 5fcb0cd6-461a-4b6a-bbea-1846d8b2758a
                Last attempt @ Mon Dec 31 15:12:50 2012 EST was successful
                0 consecutive failure(s).
                Last success @ Mon Dec 31 15:12:50 2012 EST

==== OUTBOUND NEIGHBORS ====

CN=Configuration,DC=redfish,DC=local
        Brisbane\EXCHANGE via RPC
                DSA object GUID: 5fcb0cd6-461a-4b6a-bbea-1846d8b2758a
                Last attempt @ Mon Dec 31 13:10:54 2012 EST was successful
                0 consecutive failure(s).
                Last success @ Mon Dec 31 13:10:54 2012 EST

CN=Schema,CN=Configuration,DC=redfish,DC=local
        Brisbane\EXCHANGE via RPC
                DSA object GUID: 5fcb0cd6-461a-4b6a-bbea-1846d8b2758a
                Last attempt @ Mon Dec 31 13:10:59 2012 EST was successful
                0 consecutive failure(s).
                Last success @ Mon Dec 31 13:10:59 2012 EST

DC=redfish,DC=local
        Brisbane\EXCHANGE via RPC
                DSA object GUID: 5fcb0cd6-461a-4b6a-bbea-1846d8b2758a
                Last attempt @ Mon Dec 31 13:10:59 2012 EST was successful
                0 consecutive failure(s).
                Last success @ Mon Dec 31 13:10:59 2012 EST

==== KCC CONNECTION OBJECTS ====

Connection --
        Connection name: f45f57b6-8835-47c8-ab9c-a4d1bdedf811
        Enabled        : TRUE
        Server DNS name : exchange.redfish.local
        Server DN name  : CN=NTDS Settings,CN=EXCHANGE,CN=Servers,CN=Brisbane,CN=Sites,CN=Configuration,DC=redfish,DC=local
                TransportType: RPC
                options: 0x00000001
Warning: No NC replicated for Connection!



Windows output:

Repadmin: running command /showrepl against full DC localhost
Brisbane\EXCHANGE
DSA Options: IS_GC
Site Options: (none)
DSA object GUID: 5fcb0cd6-461a-4b6a-bbea-1846d8b2758a
DSA invocationID: 2a3ebbfa-b68b-496a-8dd0-7a4966df4082

==== INBOUND NEIGHBORS ======================================

DC=redfish,DC=local
    Brisbane\FSERVER via RPC
        DSA object GUID: dc3a9e08-fbbc-49dd-a3dd-2f3f6951f08e
        Last attempt @ 2012-12-31 14:50:54 was delayed for a normal reason, result 8418 (0x20e2):
    The replication operation failed because of a schema mismatch between the servers involved.
        Last success @ (never).

CN=Configuration,DC=redfish,DC=local
    Brisbane\FSERVER via RPC
        DSA object GUID: dc3a9e08-fbbc-49dd-a3dd-2f3f6951f08e
        Last attempt @ 2012-12-31 15:14:07 was delayed for a normal reason, result 8418 (0x20e2):
    The replication operation failed because of a schema mismatch between the servers involved.
        Last success @ (never).

CN=Schema,CN=Configuration,DC=redfish,DC=local
    Brisbane\FSERVER via RPC
        DSA object GUID: dc3a9e08-fbbc-49dd-a3dd-2f3f6951f08e
        Last attempt @ 2012-12-31 15:14:07 was successful.

==== OUTBOUND NEIGHBORS FOR CHANGE NOTIFICATIONS ============

DC=redfish,DC=local
    Brisbane\FSERVER via RPC
        DSA object GUID: dc3a9e08-fbbc-49dd-a3dd-2f3f6951f08e
        Last attempt @ 2012-12-31 15:19:32 was successful.

CN=Configuration,DC=redfish,DC=local
    Brisbane\FSERVER via RPC
        DSA object GUID: dc3a9e08-fbbc-49dd-a3dd-2f3f6951f08e
        Last attempt @ 2012-12-31 15:19:30 was successful.

CN=Schema,CN=Configuration,DC=redfish,DC=local
    Brisbane\FSERVER via RPC
        DSA object GUID: dc3a9e08-fbbc-49dd-a3dd-2f3f6951f08e
        Last attempt @ 2012-12-31 15:19:32 was successful.

DC=DomainDnsZones,DC=redfish,DC=local
    Brisbane\FSERVER via RPC
        DSA object GUID: dc3a9e08-fbbc-49dd-a3dd-2f3f6951f08e
        Last attempt @ 2012-12-31 15:19:30 was successful.

DC=ForestDnsZones,DC=redfish,DC=local
    Brisbane\FSERVER via RPC
        DSA object GUID: dc3a9e08-fbbc-49dd-a3dd-2f3f6951f08e
        Last attempt @ 2012-12-31 15:19:30 was successful.

==== KCC CONNECTION OBJECTS ============================================
Connection --
    Connection name : 70994a1f-ffc1-4dc9-a45c-c5fed0a88e00
    Server DNS name : exchange.redfish.local
    Server DN  name : CN=NTDS Settings,CN=EXCHANGE,CN=Servers,CN=Brisbane,CN=Sites,CN=Configuration,DC=redfish,DC=local
        Source: Brisbane\FSERVER
                No Failures.
        TransportType: intrasite RPC
        options:  isGenerated
        ReplicatesNC: CN=Configuration,DC=redfish,DC=local
        Reason:  RingTopology
                Replica link has been added.
        ReplicatesNC: CN=Schema,CN=Configuration,DC=redfish,DC=local
        Reason:  RingTopology
                Replica link has been added.
        ReplicatesNC: DC=redfish,DC=local
        Reason:  RingTopology
                Replica link has been added.
1 connections found.

More information about the samba mailing list