[Samba] Desynced DC

Sébastien Le Ray sebastien-samba at orniz.org
Thu Feb 25 13:29:17 UTC 2016 

Can I rejoin without leaving?
If by settings you mean smb.conf, there is nothing different except for 
the netbios name

I did
beuss at desynced-dc:~$ sudo samba-tool drs replicate 
DESYNCED-DC.ad.my.company SANE-AND-REACHABLE-DC.ad.my.company 
dc=ad,dc=my,dc=company --full-sync --sync-forced

it failed…

Thanks to drs replicate -h I found the --local which seem to work better 
(well better as in "it doesn't fail", replication is not finished yet)


Le 25/02/2016 14:10, Achim Gottinger a écrit :
> I'd try to rejoin the faulty DC instead of copying sam.ldb files. I 
> guess there are unique DC specific entries in the local database.
> Can be samba-tool replicate works if you try the push the settings 
> from an other dc or pull em on the faulty dc.
> What command did you try andn on what dc?
>
> Am 25.02.2016 um 14:02 schrieb Sébastien Le Ray:
>> Still the same error…
>>
>> ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync failed - 
>> drsException: DsReplicaSync failed (-1073610723, 
>> 'NT_STATUS_RPC_PROTOCOL_ERROR')
>>
>> Would copying the sam.ldb* files from a working DC be a mistake?
>>
>> Le 25/02/2016 12:45, Achim Gottinger a écrit :
>>> Yes they are, see samba-tool drs replicate -h.
>>>
>>>
>>>
>>> Am 24.02.2016 um 16:24 schrieb Achim Gottinger:
>>>> Have you tried to replicate with the --sync-forced and --full-sync 
>>>> options?
>>>>
>>>> Am 24.02.2016 um 14:31 schrieb Sébastien Le Ray:
>>>>> Hi list,
>>>>>
>>>>> We use samba 4.1.17 (debian's version) on several DCs. I just 
>>>>> realized that one of them is desynced and cannot get it to resync.
>>>>>
>>>>> The long story: we got 5 DCs splitted over several sites. Recently 
>>>>> we had to replace one of them (let's call him DC5). Since both had 
>>>>> to run in parallel for data recovery/users work we decided to join 
>>>>> a brand new DC (DC6) and latter demote the second one (DC5). Where 
>>>>> things get even more complicated is that once DC5 has been removed 
>>>>> we put DC6 on its IP (following wiki). We performed some cleanup 
>>>>> in the DNS and all was beautiful, data got replicated. However I 
>>>>> just realized that a completly different DC (say DC3) didn't catch 
>>>>> the replacement. samba-tool drs showrepl reports errors where we 
>>>>> can see the no-more existing DC and a DNS query returns the old 
>>>>> DC6 address. Is there a way to force replication (even by copying 
>>>>> files manually)? samba-tools drs replicate fails miserably without 
>>>>> any meaningful error.
>>>>>
>>>>> Thanks in advance
>>>>>
>>>>
>>>>
>>>
>>>
>>
>
>

More information about the samba mailing list