[Samba] Replication error after trying to sync sysvol

Johannes Amorosa | Celluloid VFX johannesa at celluloid-vfx.com
Fri Mar 27 07:59:54 MDT 2015 

for the records:
samba-tool dns delete DC03 ourdomain.inc DC03 A 10.0.2.15 -U administrator

On 03/27/2015 02:12 PM, Johannes Amorosa | Celluloid VFX wrote:
> Found the problem. There is a DNS Problem on one machine. This happend 
> because I was testing some samba AD settings in a virtual machine,
> without knowing that NAT isn't shielding this properly - this vm 
> propagated the "new" IP to one of the dcs.
>
> DC04> ping DC03
> gives wrong IP!
>
> This should be fixable with the samba-tool dns update?
>
>
> On 03/27/2015 01:14 PM, Johannes Amorosa | Celluloid VFX wrote:
>> I tried to synchronize the sysvol folders, on two dcs. Something went 
>> wrong since yesterday we have replication problems:
>> One machine shows this, while the other one is happy.
>>
>> samba-tool drs showrepl
>>
>> ==== INBOUND NEIGHBORS ====
>>
>> DC=DomainDnsZones,DC=ourdomain,DC=com
>>     Default-First-Site-Name\DC03 via RPC
>>         DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479
>>         Last attempt @ Fri Mar 27 12:58:42 2015 CET failed, result 
>> 121 (WERR_SEM_TIMEOUT)
>>         126 consecutive failure(s).
>>         Last success @ Fri Mar 27 03:40:24 2015 CET
>>
>> DC=ForestDnsZones,DC=ourdomain,DC=com
>>     Default-First-Site-Name\DC04 via RPC
>>         DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479
>>         Last attempt @ Fri Mar 27 12:51:41 2015 CET failed, result 
>> 121 (WERR_SEM_TIMEOUT)
>>         102 consecutive failure(s).
>>         Last success @ Fri Mar 27 03:40:24 2015 CET
>>
>> DC=ourdomain,DC=com
>>     Default-First-Site-Name\DC03 via RPC
>>         DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479
>>         Last attempt @ Fri Mar 27 12:57:42 2015 CET failed, result 
>> 121 (WERR_SEM_TIMEOUT)
>>         106 consecutive failure(s).
>>         Last success @ Fri Mar 27 03:40:25 2015 CET
>>
>> CN=Configuration,DC=ourdomain,DC=com
>>     Default-First-Site-Name\DC03 via RPC
>>         DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479
>>         Last attempt @ Fri Mar 27 12:53:41 2015 CET failed, result 
>> 121 (WERR_SEM_TIMEOUT)
>>         102 consecutive failure(s).
>>         Last success @ Fri Mar 27 03:40:26 2015 CET
>>
>> CN=Schema,CN=Configuration,DC=ourdomain,DC=com
>>     Default-First-Site-Name\DC03 via RPC
>>         DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479
>>         Last attempt @ Fri Mar 27 12:54:41 2015 CET failed, result 
>> 121 (WERR_SEM_TIMEOUT)
>>         102 consecutive failure(s).
>>         Last success @ Fri Mar 27 03:40:28 2015 CET
>> <snip>
>>
>> Every service still seems to work - but we're quite nervous - this is 
>> a production system(lesson learned!).
>>
>> I tried to force sync
>> samba-tool drs replicate --full-sync DC04 DC03 dc=ourdomain,dc=com
>> ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync failed - 
>> drsException: DsReplicaSync failed (-1073741643, 'NT_STATUS_IO_TIMEOUT')
>>
>> Or setup:
>> sernet-samba                             99:4.1.17-10
>>
>> [global]
>>     workgroup = OURDOMAIN
>>     realm = OURDOMAIN.COM
>>     netbios name = DC04
>>     log level = 3
>>
>>     server role = active directory domain controller
>>     dns forwarder = 192.168.1.254
>> <snip>
>>
>> Ubuntu 12.04
>>
>> How can I fix this. Any help is highly appreciated.
>> Joe
>>
>

-- 
Johannes Amorosa | Celluloid VFX

More information about the samba mailing list