[Samba] sanmba4 DC to DC sync: not all attributes are synced
Andrew Bartlett
abartlet at samba.org
Thu May 29 16:06:50 MDT 2014
On Thu, 2014-05-29 at 10:20 -0400, Allen Chen wrote:
> Hi everyone,
>
> I installed a second samba4 DC and join to the first samba4 DC,
> following this link
> https://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC,
> I added two records to the internal DNS, and checked everything works as
> promising.
> I did a ldbsearch on the two DCs, I found 5 attributes are not copied
> over to the second DC.
> ldbsearch -H ldap://localhost/ -U administrator --password=myadminpass
> -b "CN=myid,CN=Users,DC=mydomain,DC=local"
> Here are the 5 attributes not show up on the second DC:
> badPasswordTime: 0
> badPwdCount: 0
> lastLogoff: 130444597380000000
> lastLogon: 130444576520000000
> logonCount: 0
>
> Is this normal? what I think the ldap records should be the same on both
> AD DC after synced.
Some attributes are marked as 'not replicated', and these are in that
list. It is defined by the schema. In this case it is to avoid a
replication storm created by the daily logon/logoff traffic.
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba
mailing list