[Samba] Samba DC sync issues - help

L.P.H. van Belle belle at bazuin.nl
Mon Jan 18 14:47:54 UTC 2016 

Hello Nico, 

 

Your completely right, sorry about that. 

 

samba-tool drs replicate dc_2_REPLICATE2  SOURCE  DC=win,DC=office

 

and if needed you can try one of the options 

--full-sync

 

Still errors after a reboot?  

 

 

Greetz, 

 

Louis

 

 


Van: Nico De Ranter [mailto:nico.deranter at esaturnus.com] 
Verzonden: maandag 18 januari 2016 15:19
Aan: L.P.H. van Belle
CC: samba at lists.samba.org
Onderwerp: Re: [Samba] Samba DC sync issues - help


 

Hi Louis,


just to make sure I'm not going to overwrite my working dc with the one which is out of sync:

    samba-tool drs replicate dc_WITH_FSMO_ROLES dc_TO_SYNC_TO DC=win,DC=office


according to the man page the first dc is the destination, the second is the source. In my case that would mean syncing from dc2 to dc1.  Is that really what I should do as dc2 is the one which is out of sync.


Nico


 

On Mon, Jan 18, 2016 at 12:04 PM, L.P.H. van Belle <belle at bazuin.nl> wrote:

Hai,

Reboot both servers first, DC1 and wait until its fully up, then reboot DC2, and run the replicate again but now like this :

samba-tool drs replicate dc_WITH_FSMO_ROLES dc_TO_SYNC_TO DC=win,DC=office

report if this worked.

And check with this one, you can run it on any samba DC.
https://secure.bazuin.nl/scripts/samba-check-db-repl.sh

configure it, and run it, and report back.
For the configure, NT_ADMIN_USER/PASS is sufficient.
And set CONFIGURED to yes


Greetz,

Louis


> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Nico De Ranter
> Verzonden: maandag 18 januari 2016 11:34
> Aan: samba
> Onderwerp: [Samba] Samba DC sync issues - help

>
> Help, my Samba DC's refuse to sync :-(
>
> I have 2 Samba 4.1.17 DC servers.  I made some changes via Active
> Directory
> USer and Computers on Windows.  However even after a weekend the changes
> do
> not appear on the second DC.
>
> If I run
> samba-tool ldapcmp ldap://dc1 ldap://dc2 -Uadministrator
> --filter=msDS-NcType,serverState,subrefs
>
> I see:
>
> ************************************************************
>
> Password for [OFFICE\administrator]:
>
> * Comparing [DOMAIN] context...
>
> * DN lists have different size: 397 != 396
>     CN=NICO-PC-VM,OU=OPS,OU=DomainComputers,DC=win,DC=office
>     CN=NICO-VM,CN=Computers,DC=win,DC=office
>     CN=dcim,CN=Computers,DC=win,DC=office
>     CN=NICO-VM,OU=OPS,OU=DomainComputers,DC=win,DC=office
>     CN=dcim,OU=Servers,OU=DomainComputers,DC=win,DC=office
>
> * Objects to be compared: 394
> Comparing:
> 'CN=virtpc,OU=DomainUsers,DC=win,DC=office' [ldap://dc1]
> 'CN=virtpc,OU=DomainUsers,DC=win,DC=office' [ldap://dc2]
>     Difference in attribute values:
>         homeDirectory =>
> ['\\\\storage\\virtpc']
> ['\\\\storage.office\\virtpc']
>     FAILED
> ...[snip removed lots of similar errors for all other users]...
>
> * Result for [DOMAIN]: FAILURE
>
> SUMMARY
> ---------
>
> Attributes with different values:
>
>     homeDirectory
>
> Attributes found only in ldap://dc2:
>
>     description
>
> * Comparing [CONFIGURATION] context...
>
> * Objects to be compared: 1615
>
> * Result for [CONFIGURATION]: SUCCESS
>
> * Comparing [SCHEMA] context...
>
> * Objects to be compared: 1550
>
> * Result for [SCHEMA]: SUCCESS
>
> * Comparing [DNSDOMAIN] context...
>
> * Objects to be compared: 56
>
> * Result for [DNSDOMAIN]: SUCCESS
>
> * Comparing [DNSFOREST] context...
>
> * Objects to be compared: 18
>
> * Result for [DNSFOREST]: SUCCESS
> ERROR: Compare failed: -1
>
> *************************************************************************
>
> Running a manual replication seems to work fine:
> samba-tool drs replicate dc2 dc1 DC=win,DC=office
> Replicate from dc1 to dc2 was successful.
>
> However nothing changes, when I do an ldapcmp I still see the same errors.
> What am I doing wrong? (Note: the clocks are synchronised)  I've been
> trying to solve this for a week now but I cannot figure out what is going
> wrong.
>
> Nico
>
>
>
> --
> Nico De Ranter
>
> Operations Engineer
>
> T. +32 16 40 12 82
>
> M. +32 497 91 53 78
>
>



> <http://www.esaturnus.com>
>
>
>
> eSATURNUS
> Romeinse straat 12
> 3001 Leuven – Belgium
>
> T. +32 16 40 12 82
> F. +32 16 40 84 77
> www.esaturnus.com
>
>
>
>
>
> <http://www.esaturnus.com/>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba





-- 

Nico De Ranter

Operations Engineer

T. +32 16 40 12 82

M. +32 497 91 53 78






 

eSATURNUS
Romeinse straat 12
3001 Leuven – Belgium
	
T. +32 16 40 12 82
F. +32 16 40 84 77
www.esaturnus.com



  

 

More information about the samba mailing list