[Samba] Problem creating new DC's

Chris Alavoine chrisa at acs-info.co.uk
Wed Jun 4 06:58:22 MDT 2014 

Hi James,

Just thought I'd report my success!

I'd forgotten to specify the local DC (same Site) in my domain provision
command:

/usr/local/samba/bin/samba-tool domain join example.com DC -UAdministrator
--realm=example.com --server=blahdc --site=blah

This still took over an hour but didn't produce the above TIMEOUT error.

Thanks for your help on this!

c:)



On 3 June 2014 16:40, Chris Alavoine <chrisa at acs-info.co.uk> wrote:

> Hi James,
>
> I have upped the RAM to 20GB and given it 8 cores, but unfortunately am
> getting the same result. The time taken to process all the objects is well
> over an hour which I'm guessing is where my problem lies.
>
> Not sure what else to try expect maybe attempting to reduce the number of
> DC's (over a weekend) and try again.
>
> Thanks,
> Chris.
>
>
> On 3 June 2014 13:56, lp101 <lingpanda101 at gmail.com> wrote:
>
>>      I believe I needed at least 8GB to complete the join process. I know
>> it was more then 4GB. Here is a link to my discussion I had on this list in
>> Jan.
>>
>>
>> http://samba.2283325.n4.nabble.com/DomainDnsZone-Replication-Shows-200-000-Objects-td4658437i20.html
>>
>>     I strongly discourage using the tombstone attribute to fix this issue
>> within this discussion. It created more issues then it was worth. I'm not
>> sure if this bug was fixed or not. Increase the memory and attempt to join
>> the new DC to the existing DC at that site. It should help with the timeout
>> error. Good luck!
>>
>>
>>
>> On 6/3/2014 8:44 AM, Chris Alavoine wrote:
>>
>> Hi James,
>>
>>  Thanks for the reply.
>>
>>  My last attempt had 4GB RAM and 4 cores (VM). Do you think I should
>> give it some more?
>>
>>  Thanks,
>> Chris.
>>
>>
>> On 3 June 2014 13:42, lp101 <lingpanda101 at gmail.com> wrote:
>>
>>>     Hi Chris,
>>>
>>>     How much memory does your server have and are you attempting to join
>>> it to the local DC at the site? I've had an issue similar to this and
>>> increasing the server memory and attempting to join to a local DC helped.
>>>
>>>
>>> On 6/3/2014 8:04 AM, Chris Alavoine wrote:
>>>
>>>> Hi there,
>>>>
>>>> I currently have 6 Samba4 (4.1.5) DC's spread over a global network.
>>>> This
>>>> is working ok but they were created before any Sites were made and as
>>>> the
>>>> ability to move DC's to new Sites is not working, I am attempting to
>>>> create
>>>> new DC's in each location and then demote the old ones.
>>>>
>>>> The problem I am facing is the domain join process keeps timing out for
>>>> any
>>>> new DC. I think this is due the amount of objects that now need to be
>>>> synced:
>>>>
>>>> Partition[DC=DomainDnsZones,DC=essence,DC=internal,DC=com]
>>>> objects[142711/162691] linked_values[0/0]
>>>> Partition[DC=DomainDnsZones,DC=essence,DC=internal,DC=com]
>>>> objects[143113/162691] linked_values[0/0]
>>>> Partition[DC=DomainDnsZones,DC=essence,DC=internal,DC=com]
>>>> objects[143515/162691] linked_values[0/0]
>>>>
>>>> (this is a snippet from attempting to join, as you can see there are
>>>> 162691
>>>> objects which takes a fair amount of time to get through - I have tried
>>>> this from various different locations).
>>>>
>>>> This is the final error I get:
>>>>
>>>> Replicating DC=ForestDnsZones,DC=essence,DC=internal,DC=com
>>>> Partition[DC=ForestDnsZones,DC=essence,DC=internal,DC=com]
>>>> objects[24/24]
>>>> linked_values[0/0]
>>>> Partition[DC=ForestDnsZones,DC=essence,DC=internal,DC=com]
>>>> objects[48/24]
>>>> linked_values[0/0]
>>>> Committing SAM database
>>>> Sending DsReplicateUpdateRefs for all the replicated partitions
>>>> Join failed - cleaning up
>>>> checking sAMAccountName
>>>> ERROR(runtime): uncaught exception - (-1073741643,
>>>> 'NT_STATUS_IO_TIMEOUT')
>>>>    File
>>>> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py",
>>>> line 175, in _run
>>>>      return self.run(*args, **kwargs)
>>>>    File
>>>> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py",
>>>> line
>>>> 552, in run
>>>>      machinepass=machinepass, use_ntvfs=use_ntvfs,
>>>> dns_backend=dns_backend)
>>>>    File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py",
>>>> line
>>>> 1172, in join_DC
>>>>      ctx.do_join()
>>>>    File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py",
>>>> line
>>>> 1082, in do_join
>>>>      ctx.join_finalise()
>>>>    File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py",
>>>> line
>>>> 881, in join_finalise
>>>>      ctx.send_DsReplicaUpdateRefs(nc)
>>>>    File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py",
>>>> line
>>>> 866, in send_DsReplicaUpdateRefs
>>>>      ctx.drsuapi.DsReplicaUpdateRefs(ctx.drsuapi_handle, 1, r)
>>>>
>>>>
>>>> Which seem to suggest that the join fails, it tries to clean up and
>>>> gets a
>>>> NT_STATUS_IO_TIMEOUT error.
>>>>
>>>> This leaves me with a non-functioning DC appearing in the Domain
>>>> Controller
>>>> list on ADUC and ADSS which need to be cleaned out.
>>>>
>>>> Any advice on how I can get around this problem?
>>>>
>>>> Thanks
>>>> Chris.
>>>>
>>>>
>>> --
>>>  -James
>>>
>>>
>>
>>
>>  --
>> ACS (Alavoine Computer Services Ltd)
>> Chris Alavoine
>> mob +44 (0)7724 710 730
>> www.alavoinecs.co.uk
>> http://twitter.com/#!/alavoinecs
>> http://www.linkedin.com/pub/chris-alavoine/39/606/192
>>
>>
>> --
>> -James
>>
>>
>
>
> --
> ACS (Alavoine Computer Services Ltd)
> Chris Alavoine
> mob +44 (0)7724 710 730
> www.alavoinecs.co.uk
> http://twitter.com/#!/alavoinecs
> http://www.linkedin.com/pub/chris-alavoine/39/606/192
>



-- 
ACS (Alavoine Computer Services Ltd)
Chris Alavoine
mob +44 (0)7724 710 730
www.alavoinecs.co.uk
http://twitter.com/#!/alavoinecs
http://www.linkedin.com/pub/chris-alavoine/39/606/192

More information about the samba mailing list