[Samba] Samba DC sync issues - help

Nico De Ranter nico.deranter at esaturnus.com
Mon Jan 18 10:34:28 UTC 2016


Help, my Samba DC's refuse to sync :-(

I have 2 Samba 4.1.17 DC servers.  I made some changes via Active Directory
USer and Computers on Windows.  However even after a weekend the changes do
not appear on the second DC.

If I run
samba-tool ldapcmp ldap://dc1 ldap://dc2 -Uadministrator
--filter=msDS-NcType,serverState,subrefs

I see:

************************************************************

Password for [OFFICE\administrator]:

* Comparing [DOMAIN] context...

* DN lists have different size: 397 != 396
    CN=NICO-PC-VM,OU=OPS,OU=DomainComputers,DC=win,DC=office
    CN=NICO-VM,CN=Computers,DC=win,DC=office
    CN=dcim,CN=Computers,DC=win,DC=office
    CN=NICO-VM,OU=OPS,OU=DomainComputers,DC=win,DC=office
    CN=dcim,OU=Servers,OU=DomainComputers,DC=win,DC=office

* Objects to be compared: 394
Comparing:
'CN=virtpc,OU=DomainUsers,DC=win,DC=office' [ldap://dc1]
'CN=virtpc,OU=DomainUsers,DC=win,DC=office' [ldap://dc2]
    Difference in attribute values:
        homeDirectory =>
['\\\\storage\\virtpc']
['\\\\storage.office\\virtpc']
    FAILED
...[snip removed lots of similar errors for all other users]...

* Result for [DOMAIN]: FAILURE

SUMMARY
---------

Attributes with different values:

    homeDirectory

Attributes found only in ldap://dc2:

    description

* Comparing [CONFIGURATION] context...

* Objects to be compared: 1615

* Result for [CONFIGURATION]: SUCCESS

* Comparing [SCHEMA] context...

* Objects to be compared: 1550

* Result for [SCHEMA]: SUCCESS

* Comparing [DNSDOMAIN] context...

* Objects to be compared: 56

* Result for [DNSDOMAIN]: SUCCESS

* Comparing [DNSFOREST] context...

* Objects to be compared: 18

* Result for [DNSFOREST]: SUCCESS
ERROR: Compare failed: -1

*************************************************************************

Running a manual replication seems to work fine:
samba-tool drs replicate dc2 dc1 DC=win,DC=office
Replicate from dc1 to dc2 was successful.

However nothing changes, when I do an ldapcmp I still see the same errors.
What am I doing wrong? (Note: the clocks are synchronised)  I've been
trying to solve this for a week now but I cannot figure out what is going
wrong.

Nico



-- 
Nico De Ranter

Operations Engineer

T. +32 16 40 12 82

M. +32 497 91 53 78


<http://www.esaturnus.com>



eSATURNUS
Romeinse straat 12
3001 Leuven – Belgium

T. +32 16 40 12 82
F. +32 16 40 84 77
www.esaturnus.com





<http://www.esaturnus.com/>


More information about the samba mailing list