[Samba] Samba4 Multi-Master replication

[Morten Kramer]

Hi guys,


I'm trying to get the Samba4 multi-master replication to work.



I set up the primary domain controller using this howto (under CentOS 
6.2 x64):


http://wiki.samba.org/index.php/Samba4/HOWTO



I installed bind 9.8.3 and enabled encrypted dns updates.




I set up another VM with the same CentOS version and oriented myself on 
this howto:

http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC

to join the second DC into the domain. I edited /etc/resolv.conf and set 
the nameserver to the IP of the primary DC (bind dns server).


Basic replication seems to work (not doing the rsync for sysvol yet). 
However, when i take the primary DC offline (bind keeps running), I 
can't use any of the .msc domain admin tools anymore.

I always get an error message, telling me that there is no RPC server 
available.
When i run gpmc.msc i can choose the DC i want to work on and I can see 
the secondary one, but it will come back with the RPC error.

I had Wireshark running on one of the Windows7 clients. It seems like it 
tries to talk to the 2nd DC (DCERPC packets). But i'm not an expert in 
packet analysis, could somebody give me a hint what to look for here?



User authentication does still work and Kerberos tickets are generated 
by the 2nd DC.



I can find this in the log:


../source4/dsdb/kcc/kcc_topology.c:1402: failed to find nCName attribute 
of object 
CN=ac7bf69c-9458-4205-acba-6fe172412d1b,CN=Partitions,CN=Configuration,DC=aeriatest2,DC=dc,DC=loc
../source4/dsdb/kcc/kcc_topology.c:3158: failed to color vertices: 
NT_STATUS_INTERNAL_DB_CORRUPTION
../source4/dsdb/kcc/kcc_topology.c:3415: failed to create connections: 
NT_STATUS_INTERNAL_DB_CORRUPTION
...
Warning: 60 extra bytes in incoming RPC request
../source4/rpc_server/drsuapi/dcesrv_drsuapi.c:74: doing DsBind with 
system_session



Do i need to configure something extra, so the secondary DC will be able 
to act as an RPC server?





Thanks,
freezer