[Samba] joined DC but replication fails

steve steve at steve-ss.com
Wed Jun 18 02:09:29 MDT 2014


On Wed, 2014-06-18 at 02:36 +0200, Günter Kukkukk wrote:
> Am 17.06.2014 19:35, schrieb steve:
> > On Tue, 2014-06-17 at 19:01 +0200, steve wrote:
> >> ubuntu 14.04 DCs
> >>
> >> DC1 with fsmo
> >> resolve_lmhosts: Attempting lmhosts lookup for name
> >> 51755e44-0a78-4ab8-8206-b4ae8a09c172._msdcs.altea.site<0x20>
> >> dns child failed to find name
> >> '51755e44-0a78-4ab8-8206-b4ae8a09c172._msdcs.altea.site' of type A
> >>
> >> DC2
> >> /usr/local/samba/sbin/samba_dnsupdate: update failed: NOTAUTH
> >> resolve_lmhosts: Attempting lmhosts lookup for name
> >> 37cb1209-7eef-4671-b38b-2a71c231a40b._msdcs.altea.site<0x20>
> >>
> >> What's missing?
> >> Thanks,
> >> Steve
> >>
> >>
> > 
> > Left it for a bit and now that's working. However, still no replication.
> > I add a user on DC2 and nothing appears on DC1
> > 
> > DC1
> > ./samba-tool drs showrepl
> > Default-First-Site-Name\PALMERA
> > DSA Options: 0x00000001
> > DSA object GUID: 37cb1209-7eef-4671-b38b-2a71c231a40b
> > DSA invocationId: 93fa0553-a972-4107-ab83-4b60790660f9
> > 
> > ==== INBOUND NEIGHBORS ====
> > 
> > ==== OUTBOUND NEIGHBORS ====
> > 
> > DC=ForestDnsZones,DC=altea,DC=site
> > 	Default-First-Site-Name\GERANIO via RPC
> > 		DSA object GUID: 51755e44-0a78-4ab8-8206-b4ae8a09c172
> > 		Last attempt @ NTTIME(0) was successful
> > 		0 consecutive failure(s).
> > 		Last success @ NTTIME(0)
> > 
> > DC=DomainDnsZones,DC=altea,DC=site
> > 	Default-First-Site-Name\GERANIO via RPC
> > 		DSA object GUID: 51755e44-0a78-4ab8-8206-b4ae8a09c172
> > 		Last attempt @ NTTIME(0) was successful
> > 		0 consecutive failure(s).
> > 		Last success @ NTTIME(0)
> > 
> > DC=altea,DC=site
> > 	Default-First-Site-Name\GERANIO via RPC
> > 		DSA object GUID: 51755e44-0a78-4ab8-8206-b4ae8a09c172
> > 		Last attempt @ NTTIME(0) was successful
> > 		0 consecutive failure(s).
> > 		Last success @ NTTIME(0)
> > 
> > CN=Schema,CN=Configuration,DC=altea,DC=site
> > 	Default-First-Site-Name\GERANIO via RPC
> > 		DSA object GUID: 51755e44-0a78-4ab8-8206-b4ae8a09c172
> > 		Last attempt @ NTTIME(0) was successful
> > 		0 consecutive failure(s).
> > 		Last success @ NTTIME(0)
> > 
> > CN=Configuration,DC=altea,DC=site
> > 	Default-First-Site-Name\GERANIO via RPC
> > 		DSA object GUID: 51755e44-0a78-4ab8-8206-b4ae8a09c172
> > 		Last attempt @ NTTIME(0) was successful
> > 		0 consecutive failure(s).
> > 		Last success @ NTTIME(0)
> > 
> > ==== KCC CONNECTION OBJECTS ====
> > 
> > 
> > DC2
> >  sudo samba-tool drs showrepl
> > Default-First-Site-Name\GERANIO
> > DSA Options: 0x00000001
> > DSA object GUID: 51755e44-0a78-4ab8-8206-b4ae8a09c172
> > DSA invocationId: 0b9244b1-2821-4f78-8643-0ad08d4ddced
> > 
> > ==== INBOUND NEIGHBORS ====
> > 
> > DC=altea,DC=site
> > 	Default-First-Site-Name\PALMERA via RPC
> > 		DSA object GUID: 37cb1209-7eef-4671-b38b-2a71c231a40b
> > 		Last attempt @ Tue Jun 17 19:19:24 2014 CEST was successful
> > 		0 consecutive failure(s).
> > 		Last success @ Tue Jun 17 19:19:24 2014 CEST
> > 
> > CN=Schema,CN=Configuration,DC=altea,DC=site
> > 	Default-First-Site-Name\PALMERA via RPC
> > 		DSA object GUID: 37cb1209-7eef-4671-b38b-2a71c231a40b
> > 		Last attempt @ Tue Jun 17 19:19:26 2014 CEST was successful
> > 		0 consecutive failure(s).
> > 		Last success @ Tue Jun 17 19:19:26 2014 CEST
> > 
> > CN=Configuration,DC=altea,DC=site
> > 	Default-First-Site-Name\PALMERA via RPC
> > 		DSA object GUID: 37cb1209-7eef-4671-b38b-2a71c231a40b
> > 		Last attempt @ Tue Jun 17 19:19:27 2014 CEST was successful
> > 		0 consecutive failure(s).
> > 		Last success @ Tue Jun 17 19:19:27 2014 CEST
> > 
> > DC=ForestDnsZones,DC=altea,DC=site
> > 	Default-First-Site-Name\PALMERA via RPC
> > 		DSA object GUID: 37cb1209-7eef-4671-b38b-2a71c231a40b
> > 		Last attempt @ Tue Jun 17 19:19:23 2014 CEST was successful
> > 		0 consecutive failure(s).
> > 		Last success @ Tue Jun 17 19:19:23 2014 CEST
> > 
> > DC=DomainDnsZones,DC=altea,DC=site
> > 	Default-First-Site-Name\PALMERA via RPC
> > 		DSA object GUID: 37cb1209-7eef-4671-b38b-2a71c231a40b
> > 		Last attempt @ Tue Jun 17 19:19:23 2014 CEST was successful
> > 		0 consecutive failure(s).
> > 		Last success @ Tue Jun 17 19:19:23 2014 CEST
> > 
> > ==== OUTBOUND NEIGHBORS ====
> > 
> > ==== KCC CONNECTION OBJECTS ====
> > 
> > Nothing created on the new dc is replicated.
> > Anything to check?
> > Thanks.
> > Steve
> > 
> > 
> 
> which samba version(s) are you running on your DCs - and are you
> using a released version or did you build yourself (e.g. from git ...)?

We are investigating a move to Ubuntu when sysvol is working:
 samba --version
Version 4.2.0pre1-GIT-7f36828
on Ubuntu 14.04
> 
> Btw - what do you get with:
>     samba-tool testparm -v --suppress-prompt | grep kccsrv:samba_kcc
> on your DCs?
> 
> Cheers, Günter
> 

On both DCs:
sudo samba-tool testparm -v --suppress-prompt | grep kccsrv:samba_kcc
	kccsrv:samba_kcc = true


Hi
Question: If I create a user on DC1 it replicates. If I create a user on
DC2 it does not. Is the replication one way only with this version?
Thanks,
Steve




More information about the samba mailing list