[Samba] samba 4 joining a Windows 2003 srv / Sync and DNS problems

Sam sr42354 at gmail.com
Fri Apr 3 08:53:02 MDT 2015 

hello,

After a lot of different approach to move from an old windows 2000 
server AD to samba4, my last try seems nearly good now...
I did this :
- Preparing the old DC with adprep commands
- add DNS and AD roles in a new temporary win 2003srv
- add this new server as an AD controller
- transfer all roles to win2003 with ntdsutil command
- demote win2000
- put the AD domain and forest functional level to 2003
- move _msdcs in the DNS management tool as described here 
(http://support.microsoft.com/kb/817470/en-us)
- adjust all zones with "Nonsecure and secure" Dynamic updates
- adjust all zones with Replication "To all DNS servers in the active 
directory forest ariane.intra"
- join a new sernet samba4 server.


A lot of things works, I can use rsat tools for managing the dns and the 
AD users of Samba4.
But some things disturbing me...
Replication works only in one way

during Samba4 join I had see that :

descriptor_sd_propagation_recursive: 
DC=DomainDnsZones,DC=ariane,DC=intra not found under DC=ariane,DC=intra
descriptor_sd_propagation_recursive: 
DC=ForestDnsZones,DC=ariane,DC=intra not found under DC=ariane,DC=intra

and now if I do a "samba-tool drs showrepl" command, I thinks it 
missings these parts ( DomainDnsZones and ForestDnsZones)  in OUTBOUND 
sections  :
root at S4:~# samba-tool drs showrepl
Premier-Site-par-defaut\S4
DSA Options: 0x00000001
DSA object GUID: 1092bc64-4165-4e98-9aa7-97a71481fef4
DSA invocationId: f36fc4a1-714c-4906-962c-49f713337271

==== INBOUND NEIGHBORS ====

DC=ariane,DC=intra
         Premier-Site-par-defaut\W2003 via RPC
                 DSA object GUID: 6939e9d0-1c85-4600-9b7f-18ab35e6775d
                 Last attempt @ Fri Apr  3 16:36:58 2015 CEST was successful
                 0 consecutive failure(s).
                 Last success @ Fri Apr  3 16:36:58 2015 CEST

DC=DomainDnsZones,DC=ariane,DC=intra
         Premier-Site-par-defaut\W2003 via RPC
                 DSA object GUID: 6939e9d0-1c85-4600-9b7f-18ab35e6775d
                 Last attempt @ Fri Apr  3 16:36:58 2015 CEST was successful
                 0 consecutive failure(s).
                 Last success @ Fri Apr  3 16:36:58 2015 CEST

CN=Configuration,DC=ariane,DC=intra
         Premier-Site-par-defaut\W2003 via RPC
                 DSA object GUID: 6939e9d0-1c85-4600-9b7f-18ab35e6775d
                 Last attempt @ Fri Apr  3 16:36:58 2015 CEST was successful
                 0 consecutive failure(s).
                 Last success @ Fri Apr  3 16:36:58 2015 CEST

CN=Schema,CN=Configuration,DC=ariane,DC=intra
         Premier-Site-par-defaut\W2003 via RPC
                 DSA object GUID: 6939e9d0-1c85-4600-9b7f-18ab35e6775d
                 Last attempt @ Fri Apr  3 16:36:58 2015 CEST was successful
                 0 consecutive failure(s).
                 Last success @ Fri Apr  3 16:36:58 2015 CEST

DC=ForestDnsZones,DC=ariane,DC=intra
         Premier-Site-par-defaut\W2003 via RPC
                 DSA object GUID: 6939e9d0-1c85-4600-9b7f-18ab35e6775d
                 Last attempt @ Fri Apr  3 16:36:58 2015 CEST was successful
                 0 consecutive failure(s).
                 Last success @ Fri Apr  3 16:36:58 2015 CEST

==== OUTBOUND NEIGHBORS ====

DC=ariane,DC=intra
         Premier-Site-par-defaut\W2003 via RPC
                 DSA object GUID: 6939e9d0-1c85-4600-9b7f-18ab35e6775d
                 Last attempt @ Fri Apr  3 15:22:18 2015 CEST was successful
                 0 consecutive failure(s).
                 Last success @ Fri Apr  3 15:22:18 2015 CEST

CN=Configuration,DC=ariane,DC=intra
         Premier-Site-par-defaut\W2003 via RPC
                 DSA object GUID: 6939e9d0-1c85-4600-9b7f-18ab35e6775d
                 Last attempt @ Fri Apr  3 15:22:18 2015 CEST was successful
                 0 consecutive failure(s).
                 Last success @ Fri Apr  3 15:22:18 2015 CEST

CN=Schema,CN=Configuration,DC=ariane,DC=intra
         Premier-Site-par-defaut\W2003 via RPC
                 DSA object GUID: 6939e9d0-1c85-4600-9b7f-18ab35e6775d
                 Last attempt @ Fri Apr  3 15:22:23 2015 CEST was successful
                 0 consecutive failure(s).
                 Last success @ Fri Apr  3 15:22:23 2015 CEST

==== KCC CONNECTION OBJECTS ====

Connection --
         Connection name: d4f5908c-c251-43e3-9c5d-1f29e68b3a1b
         Enabled        : TRUE
         Server DNS name : w2003.ariane.intra
         Server DN name  : CN=NTDS 
Settings,CN=W2003,CN=Servers,CN=Premier-Site-par-defaut,CN=Sites,CN=Configuration,DC=ariane,DC=intra
                 TransportType: RPC
                 options: 0x00000001
Warning: No NC replicated for Connection!

What can I do on the win2003 Ad to fix this?

Thanks all!

Samuel

More information about the samba mailing list