[Samba] demote DC
Marc Muehlfeld
mmuehlfeld at samba.org
Sat Jul 19 10:13:31 MDT 2014
Hello Fernando,
Am 19.07.2014 12:44, schrieb Fernando Rodriguez:
> Hoorn
> root at hoorn:/home/newhang# samba-tool fsmo show
> InfrastructureMasterRole owner: CN=NTDS
> Settings,CN=VOLENDAM,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=solid-optics,DC=local
>
> RidAllocationMasterRole owner: CN=NTDS
> Settings,CN=VOLENDAM,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=solid-optics,DC=local
>
> PdcEmulationMasterRole owner: CN=NTDS
> Settings,CN=VOLENDAM,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=solid-optics,DC=local
>
> DomainNamingMasterRole owner: CN=NTDS
> Settings,CN=VOLENDAM,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=solid-optics,DC=local
>
> SchemaMasterRole owner: CN=NTDS
> Settings,CN=VOLENDAM,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=solid-optics,DC=local
It's interesting, that hoorn has this in this local AD copy, but still
thinks, that it owns two of the roles.
> root at hoorn:/home/newhang# samba-tool drs showrepl
> ERROR(<class 'samba.drs_utils.drsException'>): DRS connection to
> hoorn.solid-optics.local failed - drsException: DRS connection to
> hoorn.solid-optics.local failed: (-1073741643, 'NT_STATUS_IO_TIMEOUT')
> File
> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/drs.py", line
> 39, in drsuapi_connect
> (ctx.drsuapi, ctx.drsuapi_handle, ctx.bind_supported_extensions) =
> drs_utils.drsuapi_connect(ctx.server, ctx.lp, ctx.creds)
> File
> "/usr/local/samba/lib/python2.7/site-packages/samba/drs_utils.py", line
> 54, in drsuapi_connect
> raise drsException("DRS connection to %s failed: %s" % (server, e))
> root at hoorn:/home/newhang#
>
> Even thath, hoorn can not ping to the domain, but it finds it on the DNS.
>
> All DC points the roles to the shame DC, but hoorn is not replicating
> from the other ones.root at hoorn:/home/newhang# ping solid-optics.local
> ping: unknown host solid-optics.local
> root at hoorn:/home/newhang# nslookup solid-optics.local
> Server: 192.168.10.42
> Address: 192.168.10.42#53
>
> Name: solid-optics.local
> Address: 192.168.10.42
> Name: solid-optics.local
> Address: 192.168.10.41
> Name: solid-optics.local
> Address: 192.168.10.37
>
> root at hoorn:/home/newhang# cat /etc/resolv.conf
> domain solid-optics.local
> search solid-optics.local
> nameserver 192.168.10.42
> nameserver 192.168.10.41
> nameserver 192.168.10.37
* Can you check, that you can resolve the following DNS names on all
three hosts
<GUID_hoorn>._msdcs.<domain>
<GUID_volendam>._msdcs.<domain>
<GUID_tilburg>._msdcs.<domain>
The GUIDs you see in the showrepl output, or run
# # ldbsearch -H /usr/local/samba/private/sam.ldb '(invocationid=*)'
--cross-ncs objectguid
* Any security stuff (firewall, etc.) on the DCs or between, that could
cause that?
* Can you show the content of hoorns /etc/hosts, please?
* Can you ping the IPs of the other both DC from hoorn?
* Anything interesting in the logs of hoorn? What's the output when you
run 'samba-tool' with a debug level of 3?
* What Samba version do you run on all 3 DCs? Self compiled, SerNet,
distro packages, etc.?
Regards,
Marc
More information about the samba
mailing list