[Samba] Problems with 2 DCs.

Rowland Penny rowlandpenny at googlemail.com
Mon Mar 2 04:58:22 MST 2015

On 02/03/15 11:02, Jean-François Morcillo wrote:
> Le 06/02/2015 17:49, Marc Muehlfeld a écrit :
>> Hello Jean-François,
>> Am 04.02.2015 um 17:51 schrieb Jean-François Morcillo:
>>> Troubles come into the place when I try to create a user on the 2nd DC,
>>> I get the following error message:
>>> samba-tool user create usr1 usr1
>>> ERROR(ldb): Failed to add user 'usr1':  -
>>> ../source4/dsdb/samdb/ldb_modules/ridalloc.c:547: No RID Set DN - Remote
>>> RID Set creation needed
>> This sounds like your DC, didn't got an RID pool assigned from the RID
>> master. See
>> https://wiki.samba.org/index.php/Flexible_Single-Master_Operations_%28FSMO%29_roles#RID_Master
>> for details.
>> If you just have two DCs in your domain, then the first one has this
>> role, if you haven't transfered.
>> Did you had more DCs in the past and maybe haven't demoted correctly and
>> the AD still thinks one of the missing DCs is RID master?
>> Please check, which DC owns the RID master role:
>> # samba-tool fsmo show
>>> More over, new users created on the first DC are never synced to the
>>> second one.
>> Does your replication works in both direction? Check with
>> # samba-tool drs showrepl
>> Regards,
>> Marc
> Hello,
> Just for information, if someone face the same issue, the problem was
> due to the way we manage the DNS (manually).
> As far as I understand, for the purpose of synchronization, samba
> contacts the first DC using an alias (which looks like an UUID, this can
> be seen in samba.log) and we were lacking this alias in our DNS.
> Anyway, thank you for your reply.

Hi, can you share with us just how you were managing DNS and what you 
are doing now.


More information about the samba mailing list