[Samba] joined DC but replication fails

Günter Kukkukk linux at kukkukk.com
Tue Jun 17 18:36:12 MDT 2014


Am 17.06.2014 19:35, schrieb steve:
> On Tue, 2014-06-17 at 19:01 +0200, steve wrote:
>> ubuntu 14.04 DCs
>>
>> DC1 with fsmo
>> resolve_lmhosts: Attempting lmhosts lookup for name
>> 51755e44-0a78-4ab8-8206-b4ae8a09c172._msdcs.altea.site<0x20>
>> dns child failed to find name
>> '51755e44-0a78-4ab8-8206-b4ae8a09c172._msdcs.altea.site' of type A
>>
>> DC2
>> /usr/local/samba/sbin/samba_dnsupdate: update failed: NOTAUTH
>> resolve_lmhosts: Attempting lmhosts lookup for name
>> 37cb1209-7eef-4671-b38b-2a71c231a40b._msdcs.altea.site<0x20>
>>
>> What's missing?
>> Thanks,
>> Steve
>>
>>
> 
> Left it for a bit and now that's working. However, still no replication.
> I add a user on DC2 and nothing appears on DC1
> 
> DC1
> ./samba-tool drs showrepl
> Default-First-Site-Name\PALMERA
> DSA Options: 0x00000001
> DSA object GUID: 37cb1209-7eef-4671-b38b-2a71c231a40b
> DSA invocationId: 93fa0553-a972-4107-ab83-4b60790660f9
> 
> ==== INBOUND NEIGHBORS ====
> 
> ==== OUTBOUND NEIGHBORS ====
> 
> DC=ForestDnsZones,DC=altea,DC=site
> 	Default-First-Site-Name\GERANIO via RPC
> 		DSA object GUID: 51755e44-0a78-4ab8-8206-b4ae8a09c172
> 		Last attempt @ NTTIME(0) was successful
> 		0 consecutive failure(s).
> 		Last success @ NTTIME(0)
> 
> DC=DomainDnsZones,DC=altea,DC=site
> 	Default-First-Site-Name\GERANIO via RPC
> 		DSA object GUID: 51755e44-0a78-4ab8-8206-b4ae8a09c172
> 		Last attempt @ NTTIME(0) was successful
> 		0 consecutive failure(s).
> 		Last success @ NTTIME(0)
> 
> DC=altea,DC=site
> 	Default-First-Site-Name\GERANIO via RPC
> 		DSA object GUID: 51755e44-0a78-4ab8-8206-b4ae8a09c172
> 		Last attempt @ NTTIME(0) was successful
> 		0 consecutive failure(s).
> 		Last success @ NTTIME(0)
> 
> CN=Schema,CN=Configuration,DC=altea,DC=site
> 	Default-First-Site-Name\GERANIO via RPC
> 		DSA object GUID: 51755e44-0a78-4ab8-8206-b4ae8a09c172
> 		Last attempt @ NTTIME(0) was successful
> 		0 consecutive failure(s).
> 		Last success @ NTTIME(0)
> 
> CN=Configuration,DC=altea,DC=site
> 	Default-First-Site-Name\GERANIO via RPC
> 		DSA object GUID: 51755e44-0a78-4ab8-8206-b4ae8a09c172
> 		Last attempt @ NTTIME(0) was successful
> 		0 consecutive failure(s).
> 		Last success @ NTTIME(0)
> 
> ==== KCC CONNECTION OBJECTS ====
> 
> 
> DC2
>  sudo samba-tool drs showrepl
> Default-First-Site-Name\GERANIO
> DSA Options: 0x00000001
> DSA object GUID: 51755e44-0a78-4ab8-8206-b4ae8a09c172
> DSA invocationId: 0b9244b1-2821-4f78-8643-0ad08d4ddced
> 
> ==== INBOUND NEIGHBORS ====
> 
> DC=altea,DC=site
> 	Default-First-Site-Name\PALMERA via RPC
> 		DSA object GUID: 37cb1209-7eef-4671-b38b-2a71c231a40b
> 		Last attempt @ Tue Jun 17 19:19:24 2014 CEST was successful
> 		0 consecutive failure(s).
> 		Last success @ Tue Jun 17 19:19:24 2014 CEST
> 
> CN=Schema,CN=Configuration,DC=altea,DC=site
> 	Default-First-Site-Name\PALMERA via RPC
> 		DSA object GUID: 37cb1209-7eef-4671-b38b-2a71c231a40b
> 		Last attempt @ Tue Jun 17 19:19:26 2014 CEST was successful
> 		0 consecutive failure(s).
> 		Last success @ Tue Jun 17 19:19:26 2014 CEST
> 
> CN=Configuration,DC=altea,DC=site
> 	Default-First-Site-Name\PALMERA via RPC
> 		DSA object GUID: 37cb1209-7eef-4671-b38b-2a71c231a40b
> 		Last attempt @ Tue Jun 17 19:19:27 2014 CEST was successful
> 		0 consecutive failure(s).
> 		Last success @ Tue Jun 17 19:19:27 2014 CEST
> 
> DC=ForestDnsZones,DC=altea,DC=site
> 	Default-First-Site-Name\PALMERA via RPC
> 		DSA object GUID: 37cb1209-7eef-4671-b38b-2a71c231a40b
> 		Last attempt @ Tue Jun 17 19:19:23 2014 CEST was successful
> 		0 consecutive failure(s).
> 		Last success @ Tue Jun 17 19:19:23 2014 CEST
> 
> DC=DomainDnsZones,DC=altea,DC=site
> 	Default-First-Site-Name\PALMERA via RPC
> 		DSA object GUID: 37cb1209-7eef-4671-b38b-2a71c231a40b
> 		Last attempt @ Tue Jun 17 19:19:23 2014 CEST was successful
> 		0 consecutive failure(s).
> 		Last success @ Tue Jun 17 19:19:23 2014 CEST
> 
> ==== OUTBOUND NEIGHBORS ====
> 
> ==== KCC CONNECTION OBJECTS ====
> 
> Nothing created on the new dc is replicated.
> Anything to check?
> Thanks.
> Steve
> 
> 

which samba version(s) are you running on your DCs - and are you
using a released version or did you build yourself (e.g. from git ...)?

Btw - what do you get with:
    samba-tool testparm -v --suppress-prompt | grep kccsrv:samba_kcc
on your DCs?

Cheers, Günter

-- 



More information about the samba mailing list