[Samba] Replication Samba PDC to Samba BDC
"David González Herrera - [DGHVoIP]"
info at dghvoip.com
Tue Jun 4 10:52:26 MDT 2013
On 6/4/2013 8:35 AM, Ricky Nance wrote:
> @Giedrius
> "Not exactly, as I wrote in my other posts to mailing list, this is
> glibc's nss dns resolvers' (libnss_dns.so) issue that is ignoring
> hostnames with "_" (*_*msdcs)"
>
> Which OS's does that affect?
PDC is Ubuntu 12.0.4
root@samba:~# cat /etc/debian_version
wheezy/sid
root@samba:~# samba -V
Version 4.1.0pre1-GIT-8bf3112
BDC is on Ubuntu Server 12.0.4
root@bdc:~# samba -V
Version 4.1.0pre1-GIT-b238008
>
> @David, Is your nameserver (in /etc/resolv.conf) on dcA ip.to.dc.a and
> on dcB ip.to.dc.b if so, what happens when you set them both to A? how
> about when you set them both to B? I'd play around with that a bit
> until you get a good replication, then restart samba on both DC's and
> set them properly (dcA needs ip.to.dc.a and dcB needs ip.to.dc.b) .
Yes, after putting ip.to.dc.a on DCB and vice-versa I get the same can't
find bla.blah.msc.... A record, it only works back again when I add the
name to /etc/hosts.
Is there any patch I can apply to samba or the like to have this fixed?
Thanks.
>
> Ricky
>
>
> On Tue, Jun 4, 2013 at 1:59 AM, "David González Herrera - [DGHVoIP]"
> <info at dghvoip.com> wrote:
>
> On 6/4/2013 1:28 AM, Giedrius wrote:
>
> 2013.06.04 09:10, "David González Herrera - [DGHVoIP]" wrote:
>
> On 6/3/2013 11:57 PM, Giedrius wrote:
>
> Hi,
>
> 2013.06.04 04:16, "David González Herrera - [DGHVoIP]"
> wrote:
>
> Hi,
>
> Let's see if any of the questions gets answered or
> at least I get
> pointed to something that can help me.
>
> I followed this wiki:
> http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC#Getting_ready_for_joining_Samba_as_a_DC_to_an_existing_domain
>
> I have my S4 domain running, I compiled and
> installed another S4 to
> replicate the first server and joined successfully
> to the domain but
> replication seems to be broken.
>
> Command used:
>
>
> root@bdc:~# samba-tool domain join mundo.local DC
> -Uadministrator
> --realm=mundo.local --password=Mugr3P0pO
> --dns-backend=BIND9_DLZ
> Finding a writeable DC for domain 'mundo.local'
> Found DC samba.mundo.local
> workgroup is mundo
> realm is mundo.local
> checking sAMAccountName
> Adding CN=BDC,OU=Domain Controllers,DC=mundo,DC=local
> Adding
> CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
> Adding CN=NTDS
> Settings,CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
> Adding SPNs to CN=BDC,OU=Domain
> Controllers,DC=mundo,DC=local
> Setting account password for BDC$
> Enabling account
> Calling bare provision
> No IPv6 address will be assigned
> Provision OK for domain DN DC=mundo,DC=local
> Starting replication
> Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
> objects[402/1550] linked_values[0/0]
> Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
> objects[804/1550] linked_values[0/0]
> Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
> objects[1206/1550] linked_values[0/0]
> Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
> objects[1550/1550] linked_values[0/0]
> Analyze and apply schema objects
> Partition[CN=Configuration,DC=mundo,DC=local]
> objects[402/1614]
> linked_values[0/0]
> Partition[CN=Configuration,DC=mundo,DC=local]
> objects[804/1614]
> linked_values[0/0]
> Partition[CN=Configuration,DC=mundo,DC=local]
> objects[1206/1614]
> linked_values[0/0]
> Partition[CN=Configuration,DC=mundo,DC=local]
> objects[1608/1614]
> linked_values[0/0]
> Partition[CN=Configuration,DC=mundo,DC=local]
> objects[1614/1614]
> linked_values[28/0]
> Replicating critical objects from the base DN of
> the domain
> Partition[DC=mundo,DC=local] objects[98/98]
> linked_values[31/0]
> Partition[DC=mundo,DC=local] objects[336/238]
> linked_values[74/0]
> Done with always replicated NC (base, config, schema)
> Replicating DC=DomainDnsZones,DC=mundo,DC=local
> Partition[DC=DomainDnsZones,DC=mundo,DC=local]
> objects[42/42]
> linked_values[0/0]
> Replicating DC=ForestDnsZones,DC=mundo,DC=local
> Partition[DC=ForestDnsZones,DC=mundo,DC=local]
> objects[18/18]
> linked_values[0/0]
> Partition[DC=ForestDnsZones,DC=mundo,DC=local]
> objects[36/18]
> linked_values[0/0]
> Committing SAM database
> Sending DsReplicateUpdateRefs for all the
> replicated partitions
> Setting isSynchronized and dsServiceName
> Setting up secrets database
> Joined domain mundo (SID
> S-1-5-21-1918558401-2200574552-2151153235) as
> a DC
>
> Seemed to have succeeded, then I ran the
> recommended tests
>
> # ldbsearch -H /usr/local/samba/private/sam.ldb
> '(invocationid=*)'
> --cross-ncs objectguid
> # record 1
> dn: CN=NTDS
> Settings,CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
> objectGUID: 7106cbf4-3cf6-4ed9-b019-dd937035b1e7
>
> # record 2
> dn: CN=NTDS
> Settings,CN=SAMBA,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
> objectGUID: ad828198-a723-44c2-8d7f-d5f801e2849f
>
> # returned 2 records
> # 2 entries
> # 0 referrals
>
>
> These tests run from the BDC seem to work.
>
> host -t CNAME
> ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local
> ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local
> is an alias
> for samba.mundo.local.
>
> host -t CNAME
> 7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local
> 7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local
> is an alias
> for bdc.mundo.local.
>
> root@bdc:~# host -t A bdc.mundo.local.
> bdc.mundo.local has address 10.10.10.20
>
> root@bdc:~# host -t A samba.mundo.local.
> samba.mundo.local has address 10.10.10.5
>
>
> Error showing up on the BDC
>
> dns child failed to find name
> 'ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local'
> of type A
> dreplsrv_notify: Failed to send DsReplicaSync to
> ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local
> for
> CN=Configuration,DC=mundo,DC=local -
> *NT_STATUS_OBJECT_NAME_NOT_FOUND
> : WERR_BADFILE *
>
> Did you AT LEAST search the mailing list???????
> Check if ping (or any program using GLIBC's *NSS* DNS
> resolver) can
> resolve your
> 7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local name
>
> Yes I searched the ML with no luck.
>
> Yes, I did and it works, I had to add
> 7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local to
> /etc/hosts
> and it works.
>
> So I think it's a DNS issue.
>
> Not exactly, as I wrote in my other posts to mailing list, this is
> glibc's nss dns resolvers' (libnss_dns.so) issue that is ignoring
> hostnames with "_" (*_*msdcs)
>
> Ok, then we'll have to wait for a patch to glibc, weird thing is
> that on the master PDC with BIND_DLZ as backend there's no problem
> at all. So excuse my ignorance when it comes to that.
>
> Thanks again mate.
>
> Thanks for your answer.
>
>
>
> --
> David Gonzalez
> DGHVoIP
> USA: +1.213.632.8479
> COL: +57.1.382.6718
> COL: +57.4.247.0985
> URL: www.dghvoip.com
> Skype: davidgonzalezh
>
>
--
David Gonzalez
DGHVoIP
USA: +1.213.632.8479
COL: +57.1.382.6718
COL: +57.4.247.0985
URL: www.dghvoip.com
Skype: davidgonzalezh
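
Added example, not part of the original message or of Samba: a small triage script for the failure discussed in this thread, where `host` resolves the `_msdcs` names but Samba logs "dns child failed to find name". It assumes the strict hostname rule is RFC 1123 letters/digits/hyphen (a stand-in, not glibc's actual code), and the log text and `nohost.mundo.local` are constructed samples modelled on the lines quoted above.

```python
import re

# Constructed sample log, modelled on the error lines quoted in the thread.
SAMPLE_LOG = """\
dns child failed to find name 'ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local' of type A
dreplsrv_notify: Failed to send DsReplicaSync to ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local for CN=Configuration,DC=mundo,DC=local - NT_STATUS_OBJECT_NAME_NOT_FOUND
dns child failed to find name 'nohost.mundo.local' of type A
"""

# Samba's failed-lookup message: captures the name and the record type.
FAILED_LOOKUP = re.compile(r"dns child failed to find name '([^']+)' of type (\w+)")

# Assumed strict rule (RFC 1123): a label is letters, digits and hyphens,
# and must begin and end with a letter or digit. "_msdcs" fails this.
LDH_LABEL = re.compile(r"^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")


def non_ldh_labels(name):
    """Return the labels of `name` that a strict hostname check would reject."""
    return [label for label in name.rstrip(".").split(".")
            if not LDH_LABEL.match(label)]


def triage(log_text):
    """Map each failed lookup in a Samba log to (bad labels, probable cause)."""
    findings = {}
    for name, rrtype in FAILED_LOOKUP.findall(log_text):
        bad = non_ldh_labels(name)
        if bad:
            # Record may exist in DNS but be refused by the system resolver:
            # `host` queries DNS directly, `getent hosts` goes through NSS.
            cause = ("label(s) %s are not valid hostname labels; "
                     "compare `host NAME` with `getent hosts NAME`" % bad)
        else:
            cause = "valid hostname; check that the %s record exists" % rrtype
        findings[name] = (bad, cause)
    return findings


if __name__ == "__main__":
    for name, (bad, cause) in triage(SAMPLE_LOG).items():
        print(name, "->", cause)
```
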