[Samba] replication issues solved by adding GUID names to /etc/hosts
Rowland Penny
rowlandpenny at googlemail.com
Wed Aug 27 06:32:39 MDT 2014
On 27/08/14 13:24, L.P.H. van Belle wrote:
> Ok, Rowland your change looks promising... but...
I cannot see how the minor changes I made can be causing this ;-)
>
> Just for some testing i installed an extra DC(3)
> Im using my own scripts as always.. but now i having errors..
> First time in more the 20 installs.. which makes me worry...
I have decided that I am going to blame Mourik for this, after all he
started this thread ;-) :-0
Rowland
> At the domain join im seeing..
>
> Starting replication....
> Analyze and apply schema objects.....
> Replicating critical objects from the base DN of the domain....
> Partition[DC=INTERNAL,DC=COMPANY,DC=TLD] objects[99/99] linked_values[24/0]
> Partition[DC=INTERNAL,DC=COMPANY,DC=TLD] objects[501/931] linked_values[0/0]
>
> and then...
>
> No objectClass found in replPropertyMetaData for OU=TOPFLOOR,OU=RTD,OU=COMPANY,DC=INTERNAL,DC=COMPANY,DC=TLD!
>
> Failed to apply records: replmd_replicated_apply_add: error during DRS repl ADD: No objectClass found in replPropertyMetaData for OU=TOPFLOOR,OU=RTD,OU=COMPANY,DC=INTERNAL,DC=COMPANY,DC=TLD!
> : Object class violation
> Failed to commit objects: WERR_GENERAL_FAILURE
> Join failed - cleaning up
> checking sAMAccountName
> Deleted CN=RTD-DC3,OU=Domain Controllers,DC=INTERNAL,DC=COMPANY,DC=TLD
> Deleted CN=dns-RTD-DC3,CN=Users,DC=INTERNAL,DC=COMPANY,DC=TLD
> Deleted CN=NTDS Settings,CN=RTD-DC3,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=INTERNAL,DC=COMPANY,DC=TLD
> Deleted CN=RTD-DC3,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=INTERNAL,DC=COMPANY,DC=TLD
> ERROR(<type 'exceptions.TypeError'>): uncaught exception - Failed to process chunk: NT_STATUS_UNSUCCESSFUL
> File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 175, in _run
> return self.run(*args, **kwargs)
> File "/usr/lib/python2.7/dist-packages/samba/netcmd/domain.py", line 555, in run
> machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
> File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1172, in join_DC
> ctx.do_join()
> File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1077, in do_join
> ctx.join_replicate()
> File "/usr/lib/python2.7/dist-packages/samba/join.py", line 817, in join_replicate
> replica_flags=ctx.domain_replica_flags)
> File "/usr/lib/python2.7/dist-packages/samba/drs_utils.py", line 256, in replicate
> schema=schema, req_level=req_level, req=req)
>
>
> The OU's where created by the windows tools... :-/
>
> Gr... anyone any hints...
>
>
> Louis
>
>
>
>> -----Oorspronkelijk bericht-----
>> Van: rowlandpenny at googlemail.com
>> [mailto:samba-bounces at lists.samba.org] Namens Rowland Penny
>> Verzonden: woensdag 27 augustus 2014 13:20
>> Aan: samba at lists.samba.org
>> Onderwerp: Re: [Samba] replication issues solved by adding
>> GUID names to /etc/hosts
>>
>> On 27/08/14 12:05, Rowland Penny wrote:
>>> On 27/08/14 11:47, L.P.H. van Belle wrote:
>>>> and for me the DCs sernet samba 4.1.11
>>>>
>>>> i now that this : samba-tool drs showrepl =>> Warning: No NC
>>>> replicated for Connection!
>>>> is not problem but the serverstat and the subRefs thats a
>> new one for
>>>> me.
>>>>
>>>> i'll go have a look into this.
>>>>
>>>>
>>>>> -----Oorspronkelijk bericht-----
>>>>> Van: heupink at merit.unu.edu
>>>>> [mailto:samba-bounces at lists.samba.org] Namens mourik jan
>>>>> heupink - merit
>>>>> Verzonden: woensdag 27 augustus 2014 12:28
>>>>> Aan: samba at lists.samba.org
>>>>> Onderwerp: Re: [Samba] replication issues solved by adding
>>>>> GUID names to /etc/hosts
>>>>>
>>>>> I can only say that on my site, the command finds no
>> differences and I
>>>>> have not been happier lately than I am now. :-)
>>>>>
>>>>> Are you also on 4.1.11? Because having read a little bit about
>>>>> ldapcmp,
>>>>> it seems that at some point it was enhanced a bit, to justify for
>>>>> expected differences between dc's.
>>>>>
>>>>> Perhaps you are running an older version?
>>>>>
>>>>> On 8/27/2014 12:24, Rowland Penny wrote:
>>>>>> On 27/08/14 11:10, L.P.H. van Belle wrote:
>>>>>>> Good one, that one i didnt check yet..
>>>>>>> and argg... damn.. what the...
>>>>>>>
>>>>>>> Now im getting crazy...
>>>>>>>
>>>>>>> * Result for [DOMAIN]: FAILURE
>>>>>>> Attributes found only in ldap://dc1.internal.domain.tld
>>>>>>> serverState
>>>>>>> msDS-NcType
>>>>>>>
>>>>>>> * Result for [CONFIGURATION]: FAILURE
>>>>>>> Attributes found only in ldap://dc1.internal.domain.tld
>>>>>>> subRefs
>>>>>>> msDS-NcType
>>>>>>>
>>>>>>> * Result for [SCHEMA]: FAILURE
>>>>>>> Attributes found only in ldap://dc1.internal.domain.tld
>>>>>>> msDS-NcType
>>>>>>>
>>>>>>> * Result for [DNSFOREST]: FAILURE
>>>>>>> Attributes found only in ldap://dc1.internal.domain.tld
>>>>>>> msDS-NcType
>>>>>>>
>>>>>>> ERROR: Compare failed: -1
>>>>>>>
>>>>>>>
>>>>>>> Damn same here
>>>>>>> samba-tool drs showrepl
>>>>>>> success....
>>>>>>>
>>>>>>> so i can't trust the samba-tool :-(( ...
>>>>>>>
>>>>>>> but thanks.. now im into fixing
>>>>>>>
>>>>>>> Greetz..
>>>>>>>
>>>>>>> Louis
>>>>>>>
>>>>>>>> -----Oorspronkelijk bericht-----
>>>>>>>> Van: heupink at merit.unu.edu
>>>>>>>> [mailto:samba-bounces at lists.samba.org] Namens mourik jan
>>>>>>>> heupink - merit
>>>>>>>> Verzonden: woensdag 27 augustus 2014 11:34
>>>>>>>> Aan: samba at lists.samba.org
>>>>>>>> Onderwerp: Re: [Samba] replication issues solved by adding
>>>>>>>> GUID names to /etc/hosts
>>>>>>>>
>>>>>>>> Hi Louis,
>>>>>>>>
>>>>>>>> Ok, thanks for these instruction. I'll update the
>> files, and my own
>>>>>>>> documentation to include all this.
>>>>>>>>
>>>>>>>> Nowadays I don't only check replication with samba-tool
>>>>> drs showrepl,
>>>>>>>> because we have had issues (which were solved using the
>> EXCELLENT
>>>>>>>> support from sernet!) where showrepl showed no errors, but
>>>>> in fact the
>>>>>>>> DomainDnsZones were NOT in sync.
>>>>>>>>
>>>>>>>> So, in addition to showrepl I also use
>>>>>>>>
>>>>>>>> samba-tool ldapcmp ldap://dc2.samba.company.com
>>>>>>>> ldap://dc4.samba.company.com
>>>>>>>>
>>>>>>>> If that one also gives only "SUCCESS" then I trust my
>> replication.
>>>>>>>> I'm planning to write a little script to automatically verify my
>>>>>>>> databases regularly using the above two methods. If
>> corruption ever
>>>>>>>> occurs again, I'd like to know about it immediately.
>>>>>>>>
>>>>>>>> Mourik Jan
>>>>>>>>
>>>>>>>> On 8/27/2014 11:15, L.P.H. van Belle wrote:
>>>>>>>>> Hai Mourik Jan,
>>>>>>>>>
>>>>>>>>> the hosts file.
>>>>>>>>> set it for all your servers like :
>>>>>>>>> 127.0.0.1 localhost (optional with: localhost.localdomain
>>>>>>>> ( <== as is dont change localdomain ) )
>>>>>>>>> 192.87.x.y dc4.company.com dc4
>>>>>>>>>
>>>>>>>>> the 127.0.1.1 was put in your hosts because you installed
>>>>>>>> with a DHCP ip number at install and not a static ip.
>>>>>>>>> and for the resolv.conf
>>>>>>>>>
>>>>>>>>> search company.com
>>>>>>>>> nameserver 192.87.x.y5 (=dc2)
>>>>>>>>> nameserver 192.87.x.y4 (=dc4)
>>>>>>>>>
>>>>>>>>> nameserver 192.87.x.1 (=caching external dns) ( < should
>>>>>>>> not be needed, if you have the forwarders in bind )
>>>>>>>>> but imo cant harm, os resolving looks in resolv.conf and
>>>>>>>> processes in that order.
>>>>>>>>> and i suggest you check the dns entries with the windows
>>>>>>>> tool for dc2 and dc4 check the A and PTR records.
>>>>>>>>> If all is set ok, reboot the servers.
>>>>>>>>> and check again with samba-tool drs showrepl
>>>>>>>>>
>>>>>>>>> Louis
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>> -----Oorspronkelijk bericht-----
>>>>>>>>>> Van: heupink at merit.unu.edu
>>>>>>>>>> [mailto:samba-bounces at lists.samba.org] Namens mourik jan
>>>>>>>>>> heupink - merit
>>>>>>>>>> Verzonden: woensdag 27 augustus 2014 10:39
>>>>>>>>>> Aan: samba at lists.samba.org
>>>>>>>>>> Onderwerp: Re: [Samba] replication issues solved by adding
>>>>>>>>>> GUID names to /etc/hosts
>>>>>>>>>>
>>>>>>>>>> Hi Louis,
>>>>>>>>>>
>>>>>>>>>> I tested name resolution using "host GUID._msdcs..."
>> with all the
>>>>>>>>>> correct answers on all dc's, only ping failed.
>>>>>>>>>>
>>>>>>>>>> I now notice a small (but vital?) difference between
>>>>>>>> /etc/hosts on the
>>>>>>>>>> two DC's, and also in /etc/resolv.conf
>>>>>>>>>>
>>>>>>>>>> root at dc4:~# cat /etc/hosts
>>>>>>>>>> 127.0.0.1 localhost
>>>>>>>>>> 192.87.x.y dc4.company.com dc4
>>>>>>>>>>
>>>>>>>>>> # The following lines are desirable for IPv6 capable hosts
>>>>>>>>>> ::1 localhost ip6-localhost ip6-loopback
>>>>>>>>>> ff02::1 ip6-allnodes
>>>>>>>>>> ff02::2 ip6-allrouters
>>>>>>>>>> root at dc4:~# cat /etc/resolv.conf
>>>>>>>>>> search company.com
>>>>>>>>>> nameserver 192.87.x.y5 (=dc2)
>>>>>>>>>> nameserver 192.87.x.y4 (=dc4)
>>>>>>>>>> nameserver 192.87.x.1 (=caching external dns)
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> root at DC2:~# cat /etc/hosts
>>>>>>>>>> 127.0.0.1 localhost
>>>>>>>>>> 127.0.1.1 DC2.company.com DC2
>>>>>>>>>>
>>>>>>>>>> # The following lines are desirable for IPv6 capable hosts
>>>>>>>>>> ::1 localhost ip6-localhost ip6-loopback
>>>>>>>>>> ff02::1 ip6-allnodes
>>>>>>>>>> ff02::2 ip6-allrouters
>>>>>>>>>> root at DC2:~# cat /etc/resolv.conf
>>>>>>>>>> nameserver 192.87.x.y4 (=dc4)
>>>>>>>>>> nameserver 192.87.x.y5 (=dc2)
>>>>>>>>>> nameserver 192.87.x.1 (=caching external dns)
>>>>>>>>>> root at DC2:~#
>>>>>>>>>>
>>>>>>>>>> (obviously these are /etc/hosts before I added the
>>>>> GUID._msdcs...)
>>>>>>>>>> Could these small differences (127.0.1.1 vs 192.87.x.y)
>>>>> and (search
>>>>>>>>>> company.com vs no search) be responsible for the
>>>>> observed behaviour?
>>>>>>>>>> MJ
>>>>>>>>>>
>>>>>>>>>> On 8/27/2014 10:15, L.P.H. van Belle wrote:
>>>>>>>>>>> Ok.. wel and your sure the resolv.conf is correct?
>>>>>>>>>>> cat you post the hosts file and resolv.conf file. just
>>>>> to be sure.
>>>>>>>>>>> i noticed, ( sernet samba) that after adding a DC, the
>>>>>>>>>> replication didnt work right a way.
>>>>>>>>>>> It needed a restart of the server. This was tested with
>>>>>>>>>> server samba 4.1.4-4.1.9
>>>>>>>>>>> and after the restart replication started working.
>>>>>>>>>>>
>>>>>>>>>>> Greetz,
>>>>>>>>>>>
>>>>>>>>>>> Louis
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>> -----Oorspronkelijk bericht-----
>>>>>>>>>>>> Van: heupink at merit.unu.edu
>>>>>>>>>>>> [mailto:samba-bounces at lists.samba.org] Namens mourik jan
>>>>>>>>>>>> heupink - merit
>>>>>>>>>>>> Verzonden: woensdag 27 augustus 2014 10:08
>>>>>>>>>>>> Aan: samba at lists.samba.org
>>>>>>>>>>>> Onderwerp: Re: [Samba] replication issues solved by adding
>>>>>>>>>>>> GUID names to /etc/hosts
>>>>>>>>>>>>
>>>>>>>>>>>> Hi,
>>>>>>>>>>>>
>>>>>>>>>>>> Yes, what I'm saying is not that without the guid's in
>>>>> /etc/hosts
>>>>>>>>>>>> replication will give errors. (we have had successful
>>>>>>>>>> replication here
>>>>>>>>>>>> as well)
>>>>>>>>>>>>
>>>>>>>>>>>> What I'm saying is, that there were some remaining
>>>>>>>> WERR_BADFILE repl
>>>>>>>>>>>> errors after adding a new dc. After waiting hours,
>>>>>>>> restarting samba
>>>>>>>>>>>> several times these did not go away.
>>>>>>>>>>>>
>>>>>>>>>>>> Then I read the post I mentioned, and added the GUID's to
>>>>>>>>>> /etc/hosts,
>>>>>>>>>>>> and immediately my WERR_BADFILE errors disappeared.
>>>>>>>>>>>>
>>>>>>>>>>>> I no expert, and again: we've always had successful
>>>>>>>>>>>> replication here as
>>>>>>>>>>>> well, without the entries in /etc/hosts. But these errors
>>>>>>>>>>>> remained, and
>>>>>>>>>>>> disappeared immediately after editing /etc/hosts.
>>>>>>>>>>>>
>>>>>>>>>>>> Plus there have been some more similar reports on this
>>>>>>>>>> list, I'd say:
>>>>>>>>>>>> where there is smoke, there is a fire.
>>>>>>>>>>>>
>>>>>>>>>>>> Some 'evidence' from the list archives, three different
>>>>>>>>>>>> threads over the
>>>>>>>>>>>> last year, similar problem, all sharing the same solution:
>>>>>>>>>>>>
>>>>>>>>>>>> http://marc.info/?l=samba&m=137032630404682&w=2
>>>>>>>>>>>> http://marc.info/?l=samba&m=137003992508143&w=2
>>>>>>>>>>>> http://marc.info/?l=samba&m=137000020326397&w=2
>>>>>>>>>>>>
>>>>>>>>>>>> Again: not saying that it will never work without the
>>>>> entries in
>>>>>>>>>>>> /etc/hosts, but...
>>>>>>>>>>>>
>>>>>>>>>>>> Kind regards,
>>>>>>>>>>>> Mourik Jan
>>>>>>>>>>>>
>>>>>>>>>>>> On 8/27/2014 8:22, L.P.H. van Belle wrote:
>>>>>>>>>>>>> Hai Mourik Jan,
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> host
>> bd6bdc30-c9b2-4fd4-9bdc-4230fec98d59._msdcs.internal.domain.tld
>> bd6bdc30-c9b2-4fd4-9bdc-4230fec98d59._msdcs.internal.domain.tld
>>>>>>>>>>>> is an alias for rtd-dc1.internal.domain.tld.
>>>>>>>>>>>>> rtd-dc1.internal.domain.tld has address 192.168.0.1
>>>>>>>>>>>>> root at rtd-dc1:~# ping
>> bd6bdc30-c9b2-4fd4-9bdc-4230fec98d59._msdcs.internal.domain.tld
>>>>>>>>>>>>> ping: unknown host
>> bd6bdc30-c9b2-4fd4-9bdc-4230fec98d59._msdcs.internal.domain.tld
>>>>>>>>>>>>> and samba-tool drs showrepl shows 0 errors.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Greetz,
>>>>>>>>>>>>>
>>>>>>>>>>>>> Louis
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>> -----Oorspronkelijk bericht-----
>>>>>>>>>>>>>> Van: heupink at merit.unu.edu
>>>>>>>>>>>>>> [mailto:samba-bounces at lists.samba.org] Namens mourik jan
>>>>>>>>>>>>>> heupink - merit
>>>>>>>>>>>>>> Verzonden: dinsdag 26 augustus 2014 22:59
>>>>>>>>>>>>>> Aan: Chan Min Wai; Marc Muehlfeld
>>>>>>>>>>>>>> CC: samba at lists.samba.org
>>>>>>>>>>>>>> Onderwerp: Re: [Samba] replication issues solved by adding
>>>>>>>>>>>>>> GUID names to /etc/hosts
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Well, I can only tell you what I observed.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Does ping to the GUID name of your DC's work on your
>>>>>>>>>>>> install? And for
>>>>>>>>>>>>>> others here? I am on regular fresh installed wheezy x64.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> MJ
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> On 08/26/2014 09:06 PM, Chan Min Wai wrote:
>>>>>>>>>>>>>>> Dear Mourik Jan,
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> I would have to say that something was not right on your
>>>>>>>>>>>>>> system library.
>>>>>>>>>>>>>>> I'm sorry that I cannot tell you which one.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> I was having this issue on my gentoo and
>> recently found the
>>>>>>>>>>>>>> problem was
>>>>>>>>>>>>>>> with my LDflags..
>>>>>>>>>>>>>>> I've to comment the one I normally use and leave it as
>>>>>>>> default..
>>>>>>>>>>>>>>> Where other are basically unchanged...
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> And now my DC can replicate between each other
>> without the
>>>>>>>>>>>> /etc/hosts
>>>>>>>>>>>>>>> modification.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Hope this help....
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> On Wed, Aug 27, 2014 at 2:36 AM, Marc Muehlfeld
>>>>>>>>>>>> <mmuehlfeld at samba.org
>>>>>>>>>>>>>>> <mailto:mmuehlfeld at samba.org>> wrote:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Hello Mourik Jan,
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Am 26.08.2014 20:24, schrieb mourik jan
>>>>> heupink - merit:
>>>>>>>>>>>>>>> > We were having replication issues on
>> wheezy with
>>>>>>>>>>>>>> sernet-samba-4.1.11.
>>>>>>>>>>>>>>> >
>>>>>>>>>>>>>>> > Searching the list I found the
>> following post:
>>>>>>>>>>>>>>> >
>> http://marc.info/?l=samba&m=136999742625184&w=2
>>>>>>>>>>>>>>> >
>>>>>>>>>>>>>>> > It says basically that if you are unable
>>>>> to *ping*
>>>>>>>>>>>>>> the GUID names for
>>>>>>>>>>>>>>> > your dc's, you might be experiencing a glibc
>>>>>>>>>>>> error, where dns
>>>>>>>>>>>>>>> names with
>>>>>>>>>>>>>>> > an underscore are not properly resolved.
>>>>>>>>>>>>>>> >
>>>>>>>>>>>>>>> > Note: dns is basically correct, 'host'
>>>>> gives all the
>>>>>>>>>>>>>> correct answers,
>>>>>>>>>>>>>>> > samba_dnsupdate on all dc's says: no
>> dns updates
>>>>>>>>>>>> are needed.
>>>>>>>>>>>>>>> >
>>>>>>>>>>>>>>> > The fix in the post, is to add GUID names to
>>>>>>>>>>>>>> /etc/hosts which I
>>>>>>>>>>>>>>> did on
>>>>>>>>>>>>>>> > my dc's, and then all of a sudden
>> ping started
>>>>>>>>>>>> working like it
>>>>>>>>>>>>>>> should.
>>>>>>>>>>>>>>> > But ALSO replication! Our
>> 'WERR_BADFILE' errors
>>>>>>>>>>>> are gone now.
>>>>>>>>>>>>>>> >
>>>>>>>>>>>>>>> > Now, is this not something that should
>>>>> be much more
>>>>>>>>>>>>>> prominent in
>>>>>>>>>>>>>>> the docs?
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Thanks for providing this information. I'll
>>>>> try finding
>>>>>>>>>>>>>> out more about
>>>>>>>>>>>>>>> that and add it to the documentation.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Regards,
>>>>>>>>>>>>>>> Marc
>>>>>>>>>>>>>>> --
>>>>>>>>>>>>>>> To unsubscribe from this list go to the
>>>>> following URL
>>>>>>>>>>>>>> and read the
>>>>>>>>>>>>>>> instructions:
>>>>>>>> https://lists.samba.org/mailman/options/samba
>>>>>>>>>>>>>> --
>>>>>>>>>>>>>> To unsubscribe from this list go to the following URL
>>>>>>>> and read the
>>>>>>>>>>>>>> instructions:
>> https://lists.samba.org/mailman/options/samba
>>>>>>>>>>>>>>
>>>>>>>>>>>> --
>>>>>>>>>>>> To unsubscribe from this list go to the following URL
>>>>> and read the
>>>>>>>>>>>> instructions: https://lists.samba.org/mailman/options/samba
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>> To unsubscribe from this list go to the following URL
>>>>> and read the
>>>>>>>>>> instructions: https://lists.samba.org/mailman/options/samba
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>> --
>>>>>>>> To unsubscribe from this list go to the following URL
>> and read the
>>>>>>>> instructions: https://lists.samba.org/mailman/options/samba
>>>>>>>>
>>>>>>>>
>>>>>> Hi Louis, I had never tried that command before, so I did
>> and got the
>>>>>> same results as you, quick google told me that the
>> missing attributes
>>>>>> are to do with NC replication. Like you, I am now wondering
>>>>> if there is
>>>>>> something wrong and if so, how do I fix it.
>>>>>>
>>>>>> Rowland
>>>>> --
>>>>> To unsubscribe from this list go to the following URL and read the
>>>>> instructions: https://lists.samba.org/mailman/options/samba
>>>>>
>>>>>
>>> OK, I have found this:
>>> https://lists.samba.org/archive/samba/2013-December/177174.html
>>>
>>> Wonder if anybody came up with a patch ?
>>>
>>> Rowland
>> OK, based on Andrew saying that these attributes are not supposed to
>> replicate, I changed
>> '/usr/lib/python2.7/dist-packages/samba/netcmd/ldapcmp.py'
> >from line 397
>> to this:
>>
>> # Attributes that are considered always to be different e.g
>> based on timestamp etc.
>> #
>> # One domain - two domain controllers
>> self.ignore_attributes = [
>> # Default Naming Context
>> "lastLogon", "lastLogoff", "badPwdCount",
>> "logonCount",
>> "badPasswordTime", "modifiedCount",
>> "operatingSystemVersion","oEMInformation","msDS-NcType","subRef
>> s","serverState",
>> "ridNextRID", "rIDPreviousAllocationPool",
>> # Configuration Naming Context
>> "repsFrom", "dSCorePropagationData",
>> "msExchServer1HighestUSN",
>> "replUpToDateVector", "repsTo", "whenChanged",
>> "uSNChanged", "uSNCreated",
>>
>>
>> I now get this:
>>
>> * Comparing [DOMAIN] context...
>>
>> * Objects to be compared: 275
>>
>> * Result for [DOMAIN]: SUCCESS
>>
>> * Comparing [CONFIGURATION] context...
>>
>> * Objects to be compared: 1615
>>
>> * Result for [CONFIGURATION]: SUCCESS
>>
>> * Comparing [SCHEMA] context...
>>
>> * Objects to be compared: 1561
>>
>> * Result for [SCHEMA]: SUCCESS
>>
>> * Comparing [DNSDOMAIN] context...
>>
>> * Objects to be compared: 54
>>
>> * Result for [DNSDOMAIN]: SUCCESS
>>
>> * Comparing [DNSFOREST] context...
>>
>> * Objects to be compared: 18
>>
>> * Result for [DNSFOREST]: SUCCESS
>>
>> That seems to be a success to me ;-)
>>
>> Rowland
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>>
More information about the samba
mailing list