[Samba] AD DC out of sync
Lars Hanke
debian at lhanke.de
Wed Mar 11 11:01:16 MDT 2015
It now happened for the second time: Out of the blue, I could not login
from windows machines or authenticate using smbclient, while
Kerberos/nslcd were still working fine, after setting a password.
The cause is that the password change didn' reach both AD DCs, but only
one. The other one still had the old value as could be seen by
samba-tool ldapcmp. Restarting the DCs and waiting for a couple of
seconds brings them back to sync and Windows logons work as they used to.
samba-tool drs showrepl does not show any failure, beyond: Warning: No
NC replicated for Connection!
Any idea, what I should do next time to obtain valuable output for
debugging?
Kind regards,
- lars.
More information about the samba
mailing list