[Samba] Refusing to replicate from a read-only repilca into a read-write replica.
Murray Fraser
msfraser at gmail.com
Wed Nov 21 19:49:06 MST 2012
Testing with Samba4 rc5, I ran into the following problem trying to join
samba 4 to an existing (parent) domain.
# /usr/local/samba/bin/samba-tool domain join example.com DC
-Uadministrator --realm=example.com
Finding a writeable DC for domain 'example.com'
Found DC server01.example.com
Password for [example\administrator]:
workgroup is example
realm is example.com
checking sAMAccountName
Adding CN=SAMBADC1,OU=Domain Controllers,DC=example,DC=com,DC=au
Adding
CN=SAMBADC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=example,DC=com,DC=au
Adding CN=NTDS
Settings,CN=SAMBADC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=example,DC=com,DC=au
Adding SPNs to CN=SAMBADC1,OU=Domain Controllers,DC=example,DC=com,DC=au
Setting account password for SAMBADC1$
Enabling account
Calling bare provision
No IPv6 address will be assigned
Provision OK for domain DN DC=example,DC=com,DC=au
Starting replication
Schema-DN[CN=Schema,CN=Configuration,DC=example,DC=com,DC=au] objects[402]
linked_values[0]
Schema-DN[CN=Schema,CN=Configuration,DC=example,DC=com,DC=au] objects[804]
linked_values[0]
Schema-DN[CN=Schema,CN=Configuration,DC=example,DC=com,DC=au] objects[1206]
linked_values[0]
Schema-DN[CN=Schema,CN=Configuration,DC=example,DC=com,DC=au] objects[1521]
linked_values[0]
Analyze and apply schema objects
Partition[CN=Configuration,DC=example,DC=com,DC=au] objects[402]
linked_values[0]
Partition[CN=Configuration,DC=example,DC=com,DC=au] objects[804]
linked_values[0]
Partition[CN=Configuration,DC=example,DC=com,DC=au] objects[1206]
linked_values[0]
Partition[CN=Configuration,DC=example,DC=com,DC=au] objects[1608]
linked_values[5]
Partition[CN=Configuration,DC=example,DC=com,DC=au] objects[1669]
linked_values[101]
Replicating critical objects from the base DN of the domain
Partition[DC=example,DC=com,DC=au] objects[103] linked_values[32]
Partition[DC=example,DC=com,DC=au] objects[389] linked_values[36]
Refusing to replicate DC=child,DC=example,DC=com,DC=au from a read-only
repilca into a read-write replica!
Failed to convert object DC=child,DC=example,DC=com,DC=au:
WERR_DS_DRA_SOURCE_IS_PARTIAL_REPLICA
Failed to convert objects: WERR_DS_DRA_SOURCE_IS_PARTIAL_REPLICA
Join failed - cleaning up
checking sAMAccountName
Deleted CN=SAMBADC1,OU=Domain Controllers,DC=example,DC=com,DC=au
Deleted CN=NTDS
Settings,CN=SAMBADC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=example,DC=com,DC=au
Deleted
CN=SAMBADC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=example,DC=com,DC=au
ERROR(<type 'exceptions.TypeError'>): uncaught exception - Failed to
process chunk: NT code 0xc0002111
File
"/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py",
line 175, in _run
return self.run(*args, **kwargs)
File
"/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py", line
552, in run
machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line
1104, in join_DC
ctx.do_join()
File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line
1009, in do_join
ctx.join_replicate()
File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line
748, in join_replicate
replica_flags=ctx.domain_replica_flags)
File "/usr/local/samba/lib/python2.7/site-packages/samba/drs_utils.py",
line 252, in replicate
schema=schema, req_level=req_level, req=req)
I don't know where in Active Directory I should be checking for a
'read-only' replica of the child domain (child.example.com), or how to
disable it.
Also there is a typo in the spelling of 'repilca' in the error message.
More information about the samba
mailing list