[Samba] Replicated Failover Domain Controller and file server using LDAP

Gary Wright gary.wright at tmxatrium.com
Wed Aug 27 06:04:40 MDT 2014


Hi All 

Thought I'd post my results from following your notes when trying to replicate my Samba PDC onto a Samba BDC, as seen here:

https://wiki.samba.org/index.php/1.0._Configuring_Samba 

Everything seemed to work as described until I got to the 'Initialization LDAP Database' step and preloading the edited "preload-differentialdesign.ldif" file. I kept getting a failure from the

"dn: sambaDomainName=DDESIGN,ou=Domains,dc=differentialdesign,dc=org"

section, no matter what options I used.

Looking at my /var/log/messages on both my DC1 & DC2, I could see continual errors trying to access either of our 2 DNS servers (example below):

Aug 25 16:37:55 dc1 samba[2009]: [2014/08/25 16:37:55.120350, 0] ../lib/util/util_runcmd.c:317(samba_runcmd_io_handler) 
Aug 25 16:37:55 dc1 samba[2009]: /usr/local/samba/sbin/samba_dnsupdate: 25-Aug-2014 16:37:55.120 dispatch 0x7f3734031db0: shutting down due to TCP receive error: 10.5.31.11#53: connection reset 
Aug 25 16:37:55 dc1 samba[2009]: [2014/08/25 16:37:55.120519, 0] ../lib/util/util_runcmd.c:317(samba_runcmd_io_handler) 
Aug 25 16:37:55 dc1 samba[2009]: /usr/local/samba/sbin/samba_dnsupdate: ; Communication with 10.5.31.11#53 failed: unexpected error 

though both DNS servers were accessible and resolving addresses perfectly normally. 

I started to troubleshoot the samba status more closely and came across the 'samba_dnsupdate --verbose' command. This gave me a detailed list of failures/successes trying to access DNS server records from both DCs:

[root@dc1 ~]# samba_dnsupdate --verbose
IPs: ['10.5.15.11'] 
Looking for DNS entry A tmxatrium.lan 10.5.15.11 as tmxatrium.lan. 
Looking for DNS entry A dc1.tmxatrium.lan 10.5.15.11 as dc1.tmxatrium.lan. 
Looking for DNS entry A gc._msdcs.tmxatrium.lan 10.5.15.11 as gc._msdcs.tmxatrium.lan. 
Failed to find matching DNS entry A gc._msdcs.tmxatrium.lan 10.5.15.11 as gc._msdcs.tmxatrium.lan 
Looking for DNS entry CNAME 7e32e874-8f2b-459f-b54f-bc96162e4afb._msdcs.tmxatrium.lan dc1.tmxatrium.lan as 7e32e874-8f2b-459f-b54f-bc96162e4afb._msdcs.tmxatrium.lan. 
Failed to find DNS entry CNAME 7e32e874-8f2b-459f-b54f-bc96162e4afb._msdcs.tmxatrium.lan dc1.tmxatrium.lan 
etc 
etc 


I then simply created the DNS records for each of the failures then restarted SAMBA on my BDC, et voila my account information replicated perfectly. 

I'm clearly not using LDAP but I'm not sure I actually need to ?? Is there any advantage ?? 


Regards 

Gary 
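
The step described in the post (reading the 'samba_dnsupdate --verbose' output to see which DNS records are missing), as an added example that is not part of the original post or of Samba itself: it reduces that output to a de-duplicated list of the records reported as missing. The function names are hypothetical, and the sample lines are taken from the output quoted above, with one failure repeated as constructed input.

```shell
#!/bin/sh
# Added example: list the DNS records that `samba_dnsupdate --verbose`
# reports as missing. Function names are hypothetical helpers.

# Reads the verbose output on stdin and prints one "TYPE NAME DATA" line per
# missing record, each record once.
missing_dns_records() {
    awk '
        # The two failure forms shown in the post:
        #   Failed to find matching DNS entry A <name> <ip> as <name>
        #   Failed to find DNS entry CNAME <name> <target>
        /^Failed to find (matching )?DNS entry / {
            # Find the word "entry"; type and name follow it.
            for (i = 1; i <= NF; i++) if ($i == "entry") break
            type = $(i + 1); name = $(i + 2)
            # Record data is everything after the name, up to an optional "as".
            data = ""
            for (j = i + 3; j <= NF && $j != "as"; j++)
                data = data (data == "" ? "" : " ") $j
            sub(/\.$/, "", name)          # drop a trailing root dot, if any
            key = type " " name " " data
            if (!(key in seen)) { seen[key] = 1; print key }
        }
    '
}

# Sample input: lines from the post, last line repeated (constructed).
sample_output() {
    cat <<'EOF'
IPs: ['10.5.15.11']
Looking for DNS entry A dc1.tmxatrium.lan 10.5.15.11 as dc1.tmxatrium.lan.
Looking for DNS entry A gc._msdcs.tmxatrium.lan 10.5.15.11 as gc._msdcs.tmxatrium.lan.
Failed to find matching DNS entry A gc._msdcs.tmxatrium.lan 10.5.15.11 as gc._msdcs.tmxatrium.lan
Failed to find DNS entry CNAME 7e32e874-8f2b-459f-b54f-bc96162e4afb._msdcs.tmxatrium.lan dc1.tmxatrium.lan
Failed to find DNS entry CNAME 7e32e874-8f2b-459f-b54f-bc96162e4afb._msdcs.tmxatrium.lan dc1.tmxatrium.lan
EOF
}

# Demo on the sample; on a DC, pipe the real command output in instead:
#   samba_dnsupdate --verbose 2>&1 | missing_dns_records
sample_output | missing_dns_records
```

An empty result after the records have been created and Samba restarted means the tool found every entry it looked for.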

		
