[Samba] Samba 4.2.14 Group Policy (GPO) sync error
rme at bluemail.ch
rme at bluemail.ch
Thu Aug 4 13:00:10 UTC 2016
Perhaps I am on the wrong track but I would like to share some
additional observations...
I quickly enabled DNS query logging:
# rndc querylog
Then run another gpupdate on the client.
During the Update I see lots of queries:
04-Aug-2016 14:46:58.414 queries: info: client 10.0.1.186#59270
(_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.cyberdyne.local):
view internal: query:
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.cyberdyne.local
IN SRV + (10.0.1.6)
04-Aug-2016 14:46:59.223 queries: info: client 10.0.1.186#50476
(_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.cyberdyne.local):
view internal: query:
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.cyberdyne.local
IN SRV + (10.0.1.6)
04-Aug-2016 14:46:59.428 queries: info: client 10.0.1.186#58473
(_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.cyberdyne.local):
view internal: query:
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.cyberdyne.local
IN SRV + (10.0.1.6)
... [message repeated 16 times in total]
or with IPv6 enabled:
04-Aug-2016 14:57:42.217 queries: info: client
fdea:5b48:d4c1:1:68f2:fa7c:db26:ce22#53050
(_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.cyberdyne.local):
view internal: query:
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.cyberdyne.local
IN SRV + (fdea:5b48:d4c1:1:1::6)
04-Aug-2016 14:57:42.401 queries: info: client
fdea:5b48:d4c1:1:68f2:fa7c:db26:ce22#63158
(_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.cyberdyne.local):
view internal: query:
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.cyberdyne.local
IN SRV + (fdea:5b48:d4c1:1:1::6)
04-Aug-2016 14:57:42.711 queries: info: client
fdea:5b48:d4c1:1:68f2:fa7c:db26:ce22#64202
(_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.cyberdyne.local):
view internal: query:
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.cyberdyne.local
IN SRV + (fdea:5b48:d4c1:1:1::6)
... [message repeated 16 times in total]
I did query this from the client:
C:\Temp>nslookup -type=SRV
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.cyberdyne.local
Server: skynet.ad.cyberdyne.local
Address: fdea:5b48:d4c1:1:1::6
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.cyberdyne.local
SRV service location:
priority = 0
weight = 100
port = 389
svr hostname = skynet.ad.cyberdyne.local
_msdcs.ad.cyberdyne.local nameserver = skynet.ad.cyberdyne.local
skynet.ad.cyberdyne.local internet address = 10.0.0.6
skynet.ad.cyberdyne.local internet address = 10.0.2.6
skynet.ad.cyberdyne.local internet address = 10.0.1.6
skynet.ad.cyberdyne.local AAAA IPv6 address = fdea:5b48:d4c1:1:1::6
skynet.ad.cyberdyne.local AAAA IPv6 address = 2a02:120b:2c38:2950::1
skynet.ad.cyberdyne.local AAAA IPv6 address = 2a02:120b:2c38:2951::1
And from the server:
# dig -t SRV
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.cyberdyne.local
; <<>> DiG 9.10.3-P4 <<>> -t SRV
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.cyberdyne.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33143
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 7
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.cyberdyne.local.
IN SRV
;; ANSWER SECTION:
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.cyberdyne.local.
900 IN SRV 0 100 389 skynet.ad.cyberdyne.local.
;; AUTHORITY SECTION:
_msdcs.ad.cyberdyne.local. 900 IN NS skynet.ad.cyberdyne.local.
;; ADDITIONAL SECTION:
skynet.ad.cyberdyne.local. 900 IN A 10.0.1.6
skynet.ad.cyberdyne.local. 900 IN A 10.0.0.6
skynet.ad.cyberdyne.local. 900 IN A 10.0.2.6
skynet.ad.cyberdyne.local. 900 IN AAAA fdea:5b48:d4c1:1:1::6
skynet.ad.cyberdyne.local. 900 IN AAAA 2a02:120b:2c38:2950::1
skynet.ad.cyberdyne.local. 900 IN AAAA 2a02:120b:2c38:2951::1
;; Query time: 12 msec
;; SERVER: fdea:5b48:d4c1:1:1::6#53(fdea:5b48:d4c1:1:1::6)
;; WHEN: Thu Aug 04 14:53:22 CEST 2016
;; MSG SIZE rcvd: 290
In fact to me it looks like all the adresses returned are valid.
I am not sure why gpupdate issues 16 queries on this
best regards,
Rainer
More information about the samba
mailing list