[Samba] Samba4 and SiteLinkBridges

Achim Gottinger achim at ag-web.biz
Sun Nov 3 08:30:57 MST 2013


Am 22.10.2013 08:20, schrieb Achim Gottinger:
> Hi,
>
> Having an test environment here with four sites, sites 2-4 are 
> connected to site 1 via vpn. No vpn tunnels between sites 2-4, so the 
> sites 2-4 can only communicate with site 1.
> Each site has it's samba4 AD DC server and they are all part of the 
> same domain.
> Did abit of reading and found that i must use so called SiteLinks to 
> replicate the site objects between sites 2-4 via site 1.
> Created three SiteLinks (sl12:1,2 sl13:1,3 sl14:1,4) and three 
> SiteLinkBridges(slb23:sl12,sl13 slb24: sl12,sl14 slb34: sl13,sl14). 
> Had to remove the DEFAULTSITELINK entry to reassign the sites.
> So far so good, restarted all servers and waiter for an while but 
> still on sites 2-3 only site 1 objects get replicated, others still 
> show errors like this
>
> CN=Schema,CN=Configuration,DC=domain,DC=local
>         site2\server2 via RPC
>                 DSA object GUID: b61417b8-acb0-48ea-acf7-d8b739e3aa23
>                 Last attempt @ Tue Oct 22 08:13:07 2013 CEST failed, 
> result 1232 (WERR_HOST_UNREACHABLE)
>                 125 consecutive failure(s).
>                 Last success @ NTTIME(0)
>
> Are SiteLinkBridges supposed to work with samba4?
>
> Thanks in advance,
> Achim Gottinger
Skimmed over the code in samba_kcc. I can see that SiteLink's are read 
in load_all_sitelinks but the. Looking into ADSI the SiteLinkBridges 
also reside in CN=Inter-Site Transports,CN=Sites but have an objectClass 
of SiteLinkBridge instead of SiteLink. So I assume SiteLinkBridges are 
ignored right now. I'd expect that in above configuration site 2-4 
should not try to contact each other because there are no SiteLink 
objects defined between them, however the log at for example site2 still 
shows errors trying to connet to sites 3-4.

[2013/11/03 16:28:00.671751,  0] 
../source4/librpc/rpc/dcerpc_sock.c:256(continue_socket_connect)
   Failed to connect host [server at site 3 ip] on port 135 - 
NT_STATUS_HOST_UNREACHABLE
[2013/11/03 16:28:00.672221,  0] 
../source4/librpc/rpc/dcerpc_sock.c:419(continue_ip_open_socket)
   Failed to connect host [server at site 3 ip] 
(ded885f4-5178-41d5-9274-e1f7268ca2e8._msdcs.fot.local) on port 135 - 
NT_STATUS_HOST_UNREACHABLE.





More information about the samba mailing list