[Samba] Samba DC sync issues - help
Nico De Ranter
nico.deranter at esaturnus.com
Mon Jan 18 10:34:28 UTC 2016
Help, my Samba DC's refuse to sync :-(
I have 2 Samba 4.1.17 DC servers. I made some changes via Active Directory
USer and Computers on Windows. However even after a weekend the changes do
not appear on the second DC.
If I run
samba-tool ldapcmp ldap://dc1 ldap://dc2 -Uadministrator
--filter=msDS-NcType,serverState,subrefs
I see:
************************************************************
Password for [OFFICE\administrator]:
* Comparing [DOMAIN] context...
* DN lists have different size: 397 != 396
CN=NICO-PC-VM,OU=OPS,OU=DomainComputers,DC=win,DC=office
CN=NICO-VM,CN=Computers,DC=win,DC=office
CN=dcim,CN=Computers,DC=win,DC=office
CN=NICO-VM,OU=OPS,OU=DomainComputers,DC=win,DC=office
CN=dcim,OU=Servers,OU=DomainComputers,DC=win,DC=office
* Objects to be compared: 394
Comparing:
'CN=virtpc,OU=DomainUsers,DC=win,DC=office' [ldap://dc1]
'CN=virtpc,OU=DomainUsers,DC=win,DC=office' [ldap://dc2]
Difference in attribute values:
homeDirectory =>
['\\\\storage\\virtpc']
['\\\\storage.office\\virtpc']
FAILED
...[snip removed lots of similar errors for all other users]...
* Result for [DOMAIN]: FAILURE
SUMMARY
---------
Attributes with different values:
homeDirectory
Attributes found only in ldap://dc2:
description
* Comparing [CONFIGURATION] context...
* Objects to be compared: 1615
* Result for [CONFIGURATION]: SUCCESS
* Comparing [SCHEMA] context...
* Objects to be compared: 1550
* Result for [SCHEMA]: SUCCESS
* Comparing [DNSDOMAIN] context...
* Objects to be compared: 56
* Result for [DNSDOMAIN]: SUCCESS
* Comparing [DNSFOREST] context...
* Objects to be compared: 18
* Result for [DNSFOREST]: SUCCESS
ERROR: Compare failed: -1
*************************************************************************
Running a manual replication seems to work fine:
samba-tool drs replicate dc2 dc1 DC=win,DC=office
Replicate from dc1 to dc2 was successful.
However nothing changes, when I do an ldapcmp I still see the same errors.
What am I doing wrong? (Note: the clocks are synchronised) I've been
trying to solve this for a week now but I cannot figure out what is going
wrong.
Nico
--
Nico De Ranter
Operations Engineer
T. +32 16 40 12 82
M. +32 497 91 53 78
<http://www.esaturnus.com>
eSATURNUS
Romeinse straat 12
3001 Leuven – Belgium
T. +32 16 40 12 82
F. +32 16 40 84 77
www.esaturnus.com
<http://www.esaturnus.com/>
More information about the samba
mailing list