[Samba] Migration from Windows to Samba4
Rob Janssen
rob at ision.nl
Mon Oct 21 14:24:10 MDT 2013
Andrew Bartlett wrote:
> On Mon, 2013-10-21 at 20:58 +0200, Rob Janssen wrote:
>> I want to replace a Windows 2003R2 DC by a Samba4 install.
>>
>> I installed Samba 4.0.10 and successfully joined the Windows domain.
>> (after applying a small patch to join.py)
> What patch is that?
https://attachments.samba.org/attachment.cgi?id=9210
>> The replication works fine, and the new DC now hosts all fileshares and
>> successfully authenticates users and computers.
>>
>> Transfer of fsmo roles was also successful. The old Windows DC is still
>> active. I want to decommission it, but when running the Microsoft advised
>> procedure there are some minor errors that all refer to RPC.
> I will need details before I can comment.
samba-tool drs showrepl is all OK except at the very end it says:
Warning: No NC replicated for Connection!
dcdiag says:
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Domainname\WINDOWSDC
Starting test: Connectivity
......................... WINDOWSDC passed test Connectivity
Doing primary tests
Testing server: Domainname\WINDOWSDC
Starting test: Replications
[Replications Check,WINDOWSDC] A recent replication attempt failed:
From SAMBADC to WINDOWSDC
Naming Context: CN=Schema,CN=Configuration,DC=domainname,DC=nl
The replication generated an error (1726):
The remote procedure call failed.
The failure occurred at 2013-10-21 21:53:14.
The last success occurred at 2013-10-19 16:59:14.
71 failures have occurred since the last success.
The replication RPC call executed for too long at the server and
was cancelled.
Check load and resouce usage on SAMBADC.
[SAMBADC] DsBindWithSpnEx() failed with error 1726,
The remote procedure call failed..
[Replications Check,WINDOWSDC] A recent replication attempt failed:
From SAMBADC to WINDOWSDC
Naming Context: CN=Configuration,DC=domainname,DC=nl
The replication generated an error (1726):
The remote procedure call failed.
The failure occurred at 2013-10-21 21:53:14.
The last success occurred at 2013-10-19 16:59:14.
72 failures have occurred since the last success.
The replication RPC call executed for too long at the server and
was cancelled.
Check load and resouce usage on SAMBADC.
[Replications Check,WINDOWSDC] A recent replication attempt failed:
From SAMBADC to WINDOWSDC
Naming Context: DC=domainname,DC=nl
The replication generated an error (1726):
The remote procedure call failed.
The failure occurred at 2013-10-21 21:53:14.
The last success occurred at 2013-10-19 16:59:14.
76 failures have occurred since the last success.
The replication RPC call executed for too long at the server and
was cancelled.
Check load and resouce usage on SAMBADC.
......................... WINDOWSDC passed test Replications
Starting test: NCSecDesc
......................... WINDOWSDC passed test NCSecDesc
Starting test: NetLogons
......................... WINDOWSDC passed test NetLogons
Starting test: Advertising
......................... WINDOWSDC passed test Advertising
Starting test: KnowsOfRoleHolders
Warning: SAMBADC is the Schema Owner, but is not responding to DS RP
C Bind.
Warning: SAMBADC is the Domain Owner, but is not responding to DS RP
C Bind.
Warning: SAMBADC is the PDC Owner, but is not responding to DS RPC B
ind.
Warning: SAMBADC is the Rid Owner, but is not responding to DS RPC B
ind.
Warning: SAMBADC is the Infrastructure Update Owner, but is not resp
onding to DS RPC Bind.
......................... WINDOWSDC failed test KnowsOfRoleHolders
Starting test: RidManager
......................... WINDOWSDC failed test RidManager
Starting test: MachineAccount
......................... WINDOWSDC passed test MachineAccount
Starting test: Services
......................... WINDOWSDC passed test Services
Starting test: ObjectsReplicated
......................... WINDOWSDC passed test ObjectsReplicated
Starting test: frssysvol
......................... WINDOWSDC passed test frssysvol
Starting test: frsevent
......................... WINDOWSDC passed test frsevent
Starting test: kccevent
......................... WINDOWSDC passed test kccevent
Starting test: systemlog
......................... WINDOWSDC passed test systemlog
Starting test: VerifyReferences
......................... WINDOWSDC passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : domainname
Starting test: CrossRefValidation
......................... domainname passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... domainname passed test CheckSDRefDom
Running enterprise tests on : domainname.nl
Starting test: Intersite
......................... domainname.nl passed test Intersite
Starting test: FsmoCheck
Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
A Primary Domain Controller could not be located.
The server holding the PDC role is down.
......................... domainname.nl failed test FsmoCheck
Strange, some of the tests succeed and others fail.
ADUC works perfectly on both DCs from the Windows end. Changes are replicated.
The samba-tool fsmo seize --role=all also proceeded without problem and the Windows
DC sees this.
Rob
More information about the samba
mailing list