[Samba] DomainDnsZone Replication Shows 200,000 Objects
achim at ag-web.biz
Fri Jan 10 18:33:57 MST 2014
Am 11.01.2014 02:05, schrieb lp101:
> Just an FYI. I reverted the tombstone back to 180 and replication
> sprang back to life. This was on the DC that held all the FSMO roles.
> While things are working again I'm still back to square one with all
> the deleted domain entries.
Thank you for the status update. I have to add two more servers to one
domain whom will be connected via 1-2MBit SDSL lines, looking at the
time it took your server to replicate the dns database during join makes
me curious how long it will take on my side.
You said your servers had different amounts of deleted records, is that
still the case after you got replication working? If not did they diminish?
My test setup was pretty simple two servers connected via an 2GBit VM
interface. So the changes i made to the tomstoneLifetime attribute
should have been replicated almost instantly.
On an bigger setup it may be better to wait till the change got
replicated to all dc's. The purging of outdated deleted object should
also happen on a daily basis without an restart of the samba services. I
think the active directory docs mentioned somewhere that ad objects do
not get deleted if there are replication errors. I'd change the
attribute more modest to for example 160 days and wait till samba-tool
drs shorrepl shows an successfull replication after the modification.
More information about the samba