[Samba] replication issues solved by adding GUID names to /etc/hosts

mourik jan heupink - merit heupink at merit.unu.edu
Wed Aug 27 03:34:28 MDT 2014


Hi Louis,

Ok, thanks for these instruction. I'll update the files, and my own 
documentation to include all this.

Nowadays I don't only check replication with samba-tool drs showrepl, 
because we have had issues (which were solved using the EXCELLENT 
support from sernet!) where showrepl showed no errors, but in fact the 
DomainDnsZones were NOT in sync.

So, in addition to showrepl I also use

samba-tool ldapcmp ldap://dc2.samba.company.com 
ldap://dc4.samba.company.com

If that one also gives only "SUCCESS" then I trust my replication.

I'm planning to write a little script to automatically verify my 
databases regularly using the above two methods. If corruption ever 
occurs again, I'd like to know about it immediately.

Mourik Jan

On 8/27/2014 11:15, L.P.H. van Belle wrote:
> Hai Mourik Jan,
>
> the hosts file.
> set it for all your servers like :
> 127.0.0.1    localhost (optional with: localhost.localdomain   ( <== as is dont change localdomain ) )
> 192.87.x.y   dc4.company.com       dc4
>
> the 127.0.1.1 was put in your hosts because you installed with a DHCP ip number at install and not a static ip.
>
> and for the resolv.conf
>
> search company.com
> nameserver 192.87.x.y5 (=dc2)
> nameserver 192.87.x.y4 (=dc4)
>
> nameserver 192.87.x.1 (=caching external dns)   ( <  should not be needed, if you have the forwarders in bind )
> but imo cant harm, os resolving looks in resolv.conf and processes in that order.
>
> and i suggest you check the dns entries with the windows tool for dc2 and dc4 check the A and PTR records.
> If all is set ok, reboot the servers.
> and check again with samba-tool drs showrepl
>
> Louis
>
>
>
>> -----Oorspronkelijk bericht-----
>> Van: heupink at merit.unu.edu
>> [mailto:samba-bounces at lists.samba.org] Namens mourik jan
>> heupink - merit
>> Verzonden: woensdag 27 augustus 2014 10:39
>> Aan: samba at lists.samba.org
>> Onderwerp: Re: [Samba] replication issues solved by adding
>> GUID names to /etc/hosts
>>
>> Hi Louis,
>>
>> I tested name resolution using "host GUID._msdcs..." with all the
>> correct answers on all dc's, only ping failed.
>>
>> I now notice a small (but vital?) difference between /etc/hosts on the
>> two DC's, and also in /etc/resolv.conf
>>
>> root at dc4:~# cat /etc/hosts
>> 127.0.0.1       localhost
>> 192.87.x.y   dc4.company.com       dc4
>>
>> # The following lines are desirable for IPv6 capable hosts
>> ::1     localhost ip6-localhost ip6-loopback
>> ff02::1 ip6-allnodes
>> ff02::2 ip6-allrouters
>> root at dc4:~# cat /etc/resolv.conf
>> search company.com
>> nameserver 192.87.x.y5 (=dc2)
>> nameserver 192.87.x.y4 (=dc4)
>> nameserver 192.87.x.1 (=caching external dns)
>>
>>
>> root at DC2:~# cat /etc/hosts
>> 127.0.0.1       localhost
>> 127.0.1.1       DC2.company.com       DC2
>>
>> # The following lines are desirable for IPv6 capable hosts
>> ::1     localhost ip6-localhost ip6-loopback
>> ff02::1 ip6-allnodes
>> ff02::2 ip6-allrouters
>> root at DC2:~# cat /etc/resolv.conf
>> nameserver 192.87.x.y4 (=dc4)
>> nameserver 192.87.x.y5 (=dc2)
>> nameserver 192.87.x.1 (=caching external dns)
>> root at DC2:~#
>>
>> (obviously these are /etc/hosts before I added the GUID._msdcs...)
>>
>> Could these small differences (127.0.1.1 vs 192.87.x.y) and (search
>> company.com vs no search) be responsible for the observed behaviour?
>>
>> MJ
>>
>> On 8/27/2014 10:15, L.P.H. van Belle wrote:
>>> Ok.. wel and your sure the resolv.conf is correct?
>>> cat you post the hosts file and resolv.conf file. just to be sure.
>>>
>>> i noticed, ( sernet samba) that after adding a DC, the
>> replication didnt work right a way.
>>> It needed a restart of the server. This was tested with
>> server samba 4.1.4-4.1.9
>>> and after the restart replication started working.
>>>
>>> Greetz,
>>>
>>> Louis
>>>
>>>
>>>> -----Oorspronkelijk bericht-----
>>>> Van: heupink at merit.unu.edu
>>>> [mailto:samba-bounces at lists.samba.org] Namens mourik jan
>>>> heupink - merit
>>>> Verzonden: woensdag 27 augustus 2014 10:08
>>>> Aan: samba at lists.samba.org
>>>> Onderwerp: Re: [Samba] replication issues solved by adding
>>>> GUID names to /etc/hosts
>>>>
>>>> Hi,
>>>>
>>>> Yes, what I'm saying is not that without the guid's in /etc/hosts
>>>> replication will give errors. (we have had successful
>> replication here
>>>> as well)
>>>>
>>>> What I'm saying is, that there were some remaining WERR_BADFILE repl
>>>> errors after adding a new dc. After waiting hours, restarting samba
>>>> several times these did not go away.
>>>>
>>>> Then I read the post I mentioned, and added the GUID's to
>> /etc/hosts,
>>>> and immediately my WERR_BADFILE errors disappeared.
>>>>
>>>> I no expert, and again: we've always had successful
>>>> replication here as
>>>> well, without the entries in /etc/hosts. But these errors
>>>> remained, and
>>>> disappeared immediately after editing /etc/hosts.
>>>>
>>>> Plus there have been some more similar reports on this
>> list, I'd say:
>>>> where there is smoke, there is a fire.
>>>>
>>>> Some 'evidence' from the list archives, three different
>>>> threads over the
>>>> last year, similar problem, all sharing the same solution:
>>>>
>>>> http://marc.info/?l=samba&m=137032630404682&w=2
>>>> http://marc.info/?l=samba&m=137003992508143&w=2
>>>> http://marc.info/?l=samba&m=137000020326397&w=2
>>>>
>>>> Again: not saying that it will never work without the entries in
>>>> /etc/hosts, but...
>>>>
>>>> Kind regards,
>>>> Mourik Jan
>>>>
>>>> On 8/27/2014 8:22, L.P.H. van Belle wrote:
>>>>> Hai Mourik Jan,
>>>>>
>>>>>
>>>>> host
>> bd6bdc30-c9b2-4fd4-9bdc-4230fec98d59._msdcs.internal.domain.tld
>>>>>
>>>> bd6bdc30-c9b2-4fd4-9bdc-4230fec98d59._msdcs.internal.domain.tld
>>>> is an alias for rtd-dc1.internal.domain.tld.
>>>>> rtd-dc1.internal.domain.tld has address 192.168.0.1
>>>>> root at rtd-dc1:~# ping
>>>> bd6bdc30-c9b2-4fd4-9bdc-4230fec98d59._msdcs.internal.domain.tld
>>>>> ping: unknown host
>>>> bd6bdc30-c9b2-4fd4-9bdc-4230fec98d59._msdcs.internal.domain.tld
>>>>>
>>>>> and samba-tool drs showrepl shows 0 errors.
>>>>>
>>>>> Greetz,
>>>>>
>>>>> Louis
>>>>>
>>>>>
>>>>>> -----Oorspronkelijk bericht-----
>>>>>> Van: heupink at merit.unu.edu
>>>>>> [mailto:samba-bounces at lists.samba.org] Namens mourik jan
>>>>>> heupink - merit
>>>>>> Verzonden: dinsdag 26 augustus 2014 22:59
>>>>>> Aan: Chan Min Wai; Marc Muehlfeld
>>>>>> CC: samba at lists.samba.org
>>>>>> Onderwerp: Re: [Samba] replication issues solved by adding
>>>>>> GUID names to /etc/hosts
>>>>>>
>>>>>> Well, I can only tell you what I observed.
>>>>>>
>>>>>> Does ping to the GUID name of your DC's work on your
>>>> install? And for
>>>>>> others here? I am on regular fresh installed wheezy x64.
>>>>>>
>>>>>> MJ
>>>>>>
>>>>>> On 08/26/2014 09:06 PM, Chan Min Wai wrote:
>>>>>>> Dear Mourik Jan,
>>>>>>>
>>>>>>> I would have to say that something was not right on your
>>>>>> system library.
>>>>>>> I'm sorry that I cannot tell you which one.
>>>>>>>
>>>>>>> I was having this issue on my gentoo and recently found the
>>>>>> problem was
>>>>>>> with my LDflags..
>>>>>>> I've to comment the one I normally use and leave it as default..
>>>>>>>
>>>>>>> Where other are basically unchanged...
>>>>>>>
>>>>>>> And now my DC can replicate between each other without the
>>>> /etc/hosts
>>>>>>> modification.
>>>>>>>
>>>>>>> Hope this help....
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Wed, Aug 27, 2014 at 2:36 AM, Marc Muehlfeld
>>>> <mmuehlfeld at samba.org
>>>>>>> <mailto:mmuehlfeld at samba.org>> wrote:
>>>>>>>
>>>>>>>        Hello Mourik Jan,
>>>>>>>
>>>>>>>
>>>>>>>        Am 26.08.2014 20:24, schrieb mourik jan heupink - merit:
>>>>>>>         > We were having replication issues on wheezy with
>>>>>> sernet-samba-4.1.11.
>>>>>>>         >
>>>>>>>         > Searching the list I found the following post:
>>>>>>>         > http://marc.info/?l=samba&m=136999742625184&w=2
>>>>>>>         >
>>>>>>>         > It says basically that if you are unable to *ping*
>>>>>> the GUID names for
>>>>>>>         > your dc's, you might be experiencing a glibc
>>>> error, where dns
>>>>>>>        names with
>>>>>>>         > an underscore are not properly resolved.
>>>>>>>         >
>>>>>>>         > Note: dns is basically correct, 'host' gives all the
>>>>>> correct answers,
>>>>>>>         > samba_dnsupdate on all dc's says: no dns updates
>>>> are needed.
>>>>>>>         >
>>>>>>>         > The fix in the post, is to add GUID names to
>>>>>> /etc/hosts which I
>>>>>>>        did on
>>>>>>>         > my dc's, and then all of a sudden ping started
>>>> working like it
>>>>>>>        should.
>>>>>>>         > But ALSO replication! Our 'WERR_BADFILE' errors
>>>> are gone now.
>>>>>>>         >
>>>>>>>         > Now, is this not something that should be much more
>>>>>> prominent in
>>>>>>>        the docs?
>>>>>>>
>>>>>>>        Thanks for providing this information. I'll try finding
>>>>>> out more about
>>>>>>>        that and add it to the documentation.
>>>>>>>
>>>>>>>
>>>>>>>        Regards,
>>>>>>>        Marc
>>>>>>>        --
>>>>>>>        To unsubscribe from this list go to the following URL
>>>>>> and read the
>>>>>>>        instructions: https://lists.samba.org/mailman/options/samba
>>>>>>>
>>>>>>>
>>>>>> --
>>>>>> To unsubscribe from this list go to the following URL and read the
>>>>>> instructions:  https://lists.samba.org/mailman/options/samba
>>>>>>
>>>>>>
>>>>>
>>>> --
>>>> To unsubscribe from this list go to the following URL and read the
>>>> instructions:  https://lists.samba.org/mailman/options/samba
>>>>
>>>>
>>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>>
>


More information about the samba mailing list