[Samba] Replication error after trying to sync sysvol

Johannes Amorosa | Celluloid VFX johannesa at celluloid-vfx.com
Fri Mar 27 07:12:34 MDT 2015 

Found the problem. There is a DNS Problem on one machine. This happend 
because I was testing some samba AD settings in a virtual machine,
without knowing that NAT isn't shielding this properly - this vm 
propagated the "new" IP to one of the dcs.

DC04> ping DC03
gives wrong IP!

This should be fixable with the samba-tool dns update?


On 03/27/2015 01:14 PM, Johannes Amorosa | Celluloid VFX wrote:
> I tried to synchronize the sysvol folders, on two dcs. Something went 
> wrong since yesterday we have replication problems:
> One machine shows this, while the other one is happy.
>
> samba-tool drs showrepl
>
> ==== INBOUND NEIGHBORS ====
>
> DC=DomainDnsZones,DC=ourdomain,DC=com
>     Default-First-Site-Name\DC03 via RPC
>         DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479
>         Last attempt @ Fri Mar 27 12:58:42 2015 CET failed, result 121 
> (WERR_SEM_TIMEOUT)
>         126 consecutive failure(s).
>         Last success @ Fri Mar 27 03:40:24 2015 CET
>
> DC=ForestDnsZones,DC=ourdomain,DC=com
>     Default-First-Site-Name\DC04 via RPC
>         DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479
>         Last attempt @ Fri Mar 27 12:51:41 2015 CET failed, result 121 
> (WERR_SEM_TIMEOUT)
>         102 consecutive failure(s).
>         Last success @ Fri Mar 27 03:40:24 2015 CET
>
> DC=ourdomain,DC=com
>     Default-First-Site-Name\DC03 via RPC
>         DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479
>         Last attempt @ Fri Mar 27 12:57:42 2015 CET failed, result 121 
> (WERR_SEM_TIMEOUT)
>         106 consecutive failure(s).
>         Last success @ Fri Mar 27 03:40:25 2015 CET
>
> CN=Configuration,DC=ourdomain,DC=com
>     Default-First-Site-Name\DC03 via RPC
>         DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479
>         Last attempt @ Fri Mar 27 12:53:41 2015 CET failed, result 121 
> (WERR_SEM_TIMEOUT)
>         102 consecutive failure(s).
>         Last success @ Fri Mar 27 03:40:26 2015 CET
>
> CN=Schema,CN=Configuration,DC=ourdomain,DC=com
>     Default-First-Site-Name\DC03 via RPC
>         DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479
>         Last attempt @ Fri Mar 27 12:54:41 2015 CET failed, result 121 
> (WERR_SEM_TIMEOUT)
>         102 consecutive failure(s).
>         Last success @ Fri Mar 27 03:40:28 2015 CET
> <snip>
>
> Every service still seems to work - but we're quite nervous - this is 
> a production system(lesson learned!).
>
> I tried to force sync
> samba-tool drs replicate --full-sync DC04 DC03 dc=ourdomain,dc=com
> ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync failed - 
> drsException: DsReplicaSync failed (-1073741643, 'NT_STATUS_IO_TIMEOUT')
>
> Or setup:
> sernet-samba                             99:4.1.17-10
>
> [global]
>     workgroup = OURDOMAIN
>     realm = OURDOMAIN.COM
>     netbios name = DC04
>     log level = 3
>
>     server role = active directory domain controller
>     dns forwarder = 192.168.1.254
> <snip>
>
> Ubuntu 12.04
>
> How can I fix this. Any help is highly appreciated.
> Joe
>

-- 
Johannes Amorosa | Celluloid VFX

More information about the samba mailing list