[Samba] samba4 replication issues | sam.ldb inconsistency
mourik jan heupink - merit
heupink at merit.unu.edu
Wed Jul 9 09:22:11 MDT 2014
Hi Louis,
> ls -lai .../samba/private/sam.ldb.d/
See here: http://pastebin.com/8Uxt7Hza
> ls -lai .../samba/private/dns/sam.ldb.d/
I have no such directory
> and how much ram does you server have.
DC1 2gig, DC2 3gig. (top tells me both DC's use around 3/4 of their
memory, hardly any or no swap in use)
The DC's are only DC's, nothing else. We have around 300 accounts.
Just one *vital* question in all this:
On DC2 the "samba-tool dbcheck cross-nc" never finishes checking 187478
objects. However: everything on the DC2 seems to work beautifully. It is
fully replicated (except for the DC=DomainDnsZones), DNS on the DC2
works also for our internal domain, the "tdbbackup -v" tells me all ldb
files are fine, etc, etc.
So: the mere fact that "samba-tool dbcheck cross-nc" never finishes...
does it mean that there actually *is* something wrong, or could I
perhaps assume that nothing is wrong with my DC2?
In which case I could transfer roles to DC2, then add a DC3, etc, etc.
The only problem on DC2, as far as I can tell, is: "samba-tool dbcheck
cross-nc" and it's never ending quest to check 187478 objects...
Anyway: thanks *very* much for stepping in and helping!
> and only samba or running more, of lots more.
>
> Greetz,
>
> Louis
>
>
>> -----Oorspronkelijk bericht-----
>> Van: heupink at merit.unu.edu
>> [mailto:samba-bounces at lists.samba.org] Namens mourik jan
>> heupink - merit
>> Verzonden: woensdag 9 juli 2014 15:57
>> Aan: samba at lists.samba.org
>> Onderwerp: Re: [Samba] samba4 replication issues | sam.ldb
>> inconsistency
>>
>> Hi Louis,
>>
>> Thanks for your reply.
>>
>> I just installed a new dc3, and tried to join it to the AD:
>>
>> - it finds my writeble DC1
>> - the join succeeds
>> - replication starts, but then it bails out on:
>> Replicating DC=DomainDnsZones,DC=samba,DC=company,DC=com
>> Join failed - cleaning up
>>
>> And for the record: DC=DomainDnsZones is the corrupted ldb file on my
>> dc1. So this sounds logical to me.
>>
>> How dangerous is it, at this point, to transfer all (or perhaps some?)
>> fsmo roles to dc2, which seems to be in slightly better shape
>> than dc1...?
>>
>> (however: on dc2 "samba-tool dbcheck cross-ncs" is STILL
>> checking 187479
>> objects, and, as indicated by Daniel, it will probably never
>> finish that)
>>
>> What a mess...
>>
>> MJ
>>
>>
>> On 7/9/2014 15:00, L.P.H. van Belle wrote:
>>> In you case, i would go for a new install.
>>>
>>> Add DC3 to the domain, check the database.
>>> move the FSMO Roles to this server.
>>>
>>> Why a new install, easier to check for errors.
>>> and ... Dont hurry to much, give the system time to set things.
>>> sychronizing takes time.. so be patient.
>>>
>>> and ( in my case ) takes much less time to fix than solving
>> the problem.
>>> and 1 importent thing, if you do this on a VM, set DC3 to
>> atleast 8GB Ram.
>>> with virtual DC's you set setup within 15 min. ( 5 min for
>> an extra dc for me with my scripts ;-) )
>>> This is also why i dont use a DC for other things the being a DC.
>>> Very fast recovering and new installs.
>>>
>>> Louis
>>>
>>>> -----Oorspronkelijk bericht-----
>>>> Van: heupink at merit.unu.edu
>>>> [mailto:samba-bounces at lists.samba.org] Namens mourik jan
>>>> heupink - merit
>>>> Verzonden: woensdag 9 juli 2014 14:31
>>>> Aan: samba at lists.samba.org
>>>> Onderwerp: Re: [Samba] samba4 replication issues | sam.ldb
>>>> inconsistency
>>>>
>>>> Hi achim, list
>>>>
>>>>> If one of your two DC's is still working flawless you can
>> try to move
>>>>> all fsmo roles to that server and rejoin the other one.
>>>> But I'm not *sure* that one of my dc's is in perfect shape. I *know*
>>>> that the DC=DOMAINDNSZONES on dc1 is corrupt.
>>>>
>>>> DC2 seems to be fine, however, samba-tool dbcheck cross-ncs
>>>> never stops
>>>> checking, and has been running for 18 hours now. So perhaps
>> dc2 is not
>>>> healthy too?
>>>>
>>>> samba-tool fsmo show tells me that all roles are currently
>> on the DC1.
>>>>
>>>> I'm a bit hesitant to start messing with my AD (transferring roles,
>>>> etc), because of the uncertain state it seems to be in. I'm
>>>> not sure if
>>>> I'll be able to reverse it, if this goes terribly wrong.
>>>>
>>>> If I *knew* that DC2 is healthy, I could transfer all roles
>>>> there, etc.
>>>> But as Daniel said: he had to reinstall a DC because of "samba-tool
>>>> dbcheck cross-ncs" that never ended. (like the situation on my DC2)
>>>>
>>>>> Seems tdbbackup works on dc1 for
>>>>> DC=DOMAINDNSZONES,DC=SAMBA,DC=COMPANY,DC=COM.ldb maybe using
>>>> the backup
>>>>> fixes your issues.
>>>> So, is it possible to use take the
>>>> DC=DOMAINDNSZONES,DC=SAMBA,DC=COMPANY,DC=COM.ldb from the
>> working dc,
>>>> and copy it to the problem dc? Can I overwrite the corrupt file with
>>>> another dc's file?
>>>>
>>>> Or is my best bet now to install a DC3, and see what gets
>>>> replicated to
>>>> that new dc?
>>>>
>>>> MJ
>>>>
>>>>>
>>>>> achim~
>>>>>
>>>>>
>>>>>
>>>> --
>>>> To unsubscribe from this list go to the following URL and read the
>>>> instructions: https://lists.samba.org/mailman/options/samba
>>>>
>>>>
>>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>>
>
More information about the samba
mailing list