[Samba] Samba4 AD/DC Replication
Gémes Géza
geza at kzsdabas.hu
Thu Jan 9 12:19:22 MST 2014
First: As I have not touched samba code or config since September
(working on other projects at a different employer) I might not be the
best source of information, so please keep this discussion on the list.
Second: The dns problem is a clear indicator for the origin of the
problem, btw. could you check what listens on port 53 on both boxes
(netstat -lpn), and also in smb.conf which services are enabled?
Regards,
Geza
> In the side of the Secondary DC:
>
> samba-tool drs showrepl
> Default-First-Site-Name\SRV-REPLICA
> DSA Options: 0x00000001
> DSA object GUID: 2f0850f9-400d-47d6-93bb-3c09026e67de
> DSA invocationId: 0ede7b48-5be1-4a80-ae12-a7f7423e8d00
>
> ==== INBOUND NEIGHBORS ====
>
> CN=Schema,CN=Configuration,DC=mgej,DC=gov,DC=ar
> Default-First-Site-Name\SRV-MGEJLINUX via RPC
> DSA object GUID: 623fbf94-8984-4fe0-bfce-c02ab0879e8c
> Last attempt @ Thu Jan 9 09:53:35 2014 ART failed, result 2
> (WERR_BADFILE)
> 4 consecutive failure(s).
> Last success @ Thu Jan 9 09:39:38 2014 ART
>
> DC=DomainDnsZones,DC=mgej,DC=gov,DC=ar
> Default-First-Site-Name\SRV-MGEJLINUX via RPC
> DSA object GUID: 623fbf94-8984-4fe0-bfce-c02ab0879e8c
> Last attempt @ Thu Jan 9 09:53:34 2014 ART failed, result 2
> (WERR_BADFILE)
> 4 consecutive failure(s).
> Last success @ Thu Jan 9 09:39:51 2014 ART
>
> CN=Configuration,DC=mgej,DC=gov,DC=ar
> Default-First-Site-Name\SRV-MGEJLINUX via RPC
> DSA object GUID: 623fbf94-8984-4fe0-bfce-c02ab0879e8c
> Last attempt @ Thu Jan 9 09:53:35 2014 ART failed, result 2
> (WERR_BADFILE)
> 4 consecutive failure(s).
> Last success @ Thu Jan 9 09:39:48 2014 ART
>
> DC=mgej,DC=gov,DC=ar
> Default-First-Site-Name\SRV-MGEJLINUX via RPC
> DSA object GUID: 623fbf94-8984-4fe0-bfce-c02ab0879e8c
> Last attempt @ Thu Jan 9 09:53:35 2014 ART failed, result 2
> (WERR_BADFILE)
> 4 consecutive failure(s).
> Last success @ Thu Jan 9 09:39:51 2014 ART
>
> DC=ForestDnsZones,DC=mgej,DC=gov,DC=ar
> Default-First-Site-Name\SRV-MGEJLINUX via RPC
> DSA object GUID: 623fbf94-8984-4fe0-bfce-c02ab0879e8c
> Last attempt @ Thu Jan 9 09:53:35 2014 ART failed, result 2
> (WERR_BADFILE)
> 6 consecutive failure(s).
> Last success @ Thu Jan 9 09:39:52 2014 ART
>
> ==== OUTBOUND NEIGHBORS ====
>
> ==== KCC CONNECTION OBJECTS ====
>
> Connection --
> Connection name: a23fcbfc-636a-4a4d-9787-0663f80ce3bc
> Enabled : TRUE
> Server DNS name : SRV-MGEJLINUX.mgej.gov.ar
> <http://SRV-MGEJLINUX.mgej.gov.ar>
> Server DN name : CN=NTDS
> Settings,CN=SRV-MGEJLINUX,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mgej,DC=gov,DC=ar
> TransportType: RPC
> options: 0x00000001
> Warning: No NC replicated for Connection!
>
>
> ------------------.-----------------
>
> In the side of the PDC, samba always send me a message:
>
> /usr/sbin/rndc: rndc: neither /etc/bind/rndc.conf nor
> /etc/bind/rndc.key was found
> ../source4/dsdb/dns/dns_update.c:90: Failed rndc update -
> NT_STATUS_ACCESS_DENIED
>
> I don't use Bind for delegate DNS, just use internal dns...
>
> Did you think that the problem can be for these trouble?
>
> regards
>
>
>
>
>
>
> 2014/1/7 Gémes Géza <geza at kzsdabas.hu <mailto:geza at kzsdabas.hu>>
>
> 2014-01-07 11:54 keltezéssel, L.P.H. van Belle írta:
>
> i disagree... this:
>
> On 07/01/14 06:40, Daniel Müller wrote:
>
> NO!!! It does not!!!
> Even in a real Windows environemenmt it does not. One
> is the
>
> chief holding
>
> all. The other Servers just get the infos.
> Tested it a thousand times and it always replicate only in
>
> one direction
>
> master to slave.
>
>
> Hi,
>
> What is the output of samba-tool drs showrepl on the boxes?
>
> I do not maintain a Samba network anymore (from 1st of October
> last year), but I remember, that missing dns entries under _msdcs
> caused me lots of similar errors in the past.
>
> Regards,
>
> Geza Gemes
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list