[Samba] Samba DC sync issues - help

L.P.H. van Belle belle at bazuin.nl
Mon Jan 18 15:06:17 UTC 2016 

Hai Nico, 

 

Ok great, its fixed, and yes, i do think that the reboot fixed it, dont ask my why, i dont know.. i only know the fix ;-) 

Seen this few times before.. 

 

About the script, did you run it without the password in the script or with the password in the script? 

So i can check whats wrong there. 

 

Your running samba 4.1.17 ? on which os? 

 

Greetz, 

 

Louis

 

 

 


Van: Nico De Ranter [mailto:nico.deranter at esaturnus.com] 
Verzonden: maandag 18 januari 2016 15:57
Aan: L.P.H. van Belle
CC: samba at lists.samba.org
Onderwerp: Re: [Samba] Samba DC sync issues - help


 

 


Hi Louis,


Rebooted DC1


Rebooted DC2


Ran "samba-tool drs replicate dc1 dc2 DC=win,DC=office"
Replicate from dc2 to dc1 was successful.


Unfortunately samba-check-db-repl.sh seems to be hanging when doing 'kinit Administrator ' (if seems ' echo"pwd" | kinit Administrator' doesn't seem to manage to pass on the password for some reason)


However when I now run an ldapcmp I see success everywhere.  When I update something via Windows and run ldapcmp afterwards everything is still ok.


So either the reboot of dc1 fixed it (I didn't try that before as it was the one running my whole network as dc2 was down) or the reverse replicate fixed it (am I totaly misunderstaning 'samba-tool drs replcate destination source' or is the manual wrong?)


Thank you very much for your help!


Nico

 

On Mon, Jan 18, 2016 at 12:04 PM, L.P.H. van Belle <belle at bazuin.nl> wrote:

Hai,

Reboot both servers first, DC1 and wait until its fully up, then reboot DC2, and run the replicate again but now like this :

samba-tool drs replicate dc_WITH_FSMO_ROLES dc_TO_SYNC_TO DC=win,DC=office

report if this worked.

And check with this one, you can run it on any samba DC.
https://secure.bazuin.nl/scripts/samba-check-db-repl.sh

configure it, and run it, and report back.
For the configure, NT_ADMIN_USER/PASS is sufficient.
And set CONFIGURED to yes


Greetz,

Louis


> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Nico De Ranter
> Verzonden: maandag 18 januari 2016 11:34
> Aan: samba
> Onderwerp: [Samba] Samba DC sync issues - help

>
> Help, my Samba DC's refuse to sync :-(
>
> I have 2 Samba 4.1.17 DC servers.  I made some changes via Active
> Directory
> USer and Computers on Windows.  However even after a weekend the changes
> do
> not appear on the second DC.
>
> If I run
> samba-tool ldapcmp ldap://dc1 ldap://dc2 -Uadministrator
> --filter=msDS-NcType,serverState,subrefs
>
> I see:
>
> ************************************************************
>
> Password for [OFFICE\administrator]:
>
> * Comparing [DOMAIN] context...
>
> * DN lists have different size: 397 != 396
>     CN=NICO-PC-VM,OU=OPS,OU=DomainComputers,DC=win,DC=office
>     CN=NICO-VM,CN=Computers,DC=win,DC=office
>     CN=dcim,CN=Computers,DC=win,DC=office
>     CN=NICO-VM,OU=OPS,OU=DomainComputers,DC=win,DC=office
>     CN=dcim,OU=Servers,OU=DomainComputers,DC=win,DC=office
>
> * Objects to be compared: 394
> Comparing:
> 'CN=virtpc,OU=DomainUsers,DC=win,DC=office' [ldap://dc1]
> 'CN=virtpc,OU=DomainUsers,DC=win,DC=office' [ldap://dc2]
>     Difference in attribute values:
>         homeDirectory =>
> ['\\\\storage\\virtpc']
> ['\\\\storage.office\\virtpc']
>     FAILED
> ...[snip removed lots of similar errors for all other users]...
>
> * Result for [DOMAIN]: FAILURE
>
> SUMMARY
> ---------
>
> Attributes with different values:
>
>     homeDirectory
>
> Attributes found only in ldap://dc2:
>
>     description
>
> * Comparing [CONFIGURATION] context...
>
> * Objects to be compared: 1615
>
> * Result for [CONFIGURATION]: SUCCESS
>
> * Comparing [SCHEMA] context...
>
> * Objects to be compared: 1550
>
> * Result for [SCHEMA]: SUCCESS
>
> * Comparing [DNSDOMAIN] context...
>
> * Objects to be compared: 56
>
> * Result for [DNSDOMAIN]: SUCCESS
>
> * Comparing [DNSFOREST] context...
>
> * Objects to be compared: 18
>
> * Result for [DNSFOREST]: SUCCESS
> ERROR: Compare failed: -1
>
> *************************************************************************
>
> Running a manual replication seems to work fine:
> samba-tool drs replicate dc2 dc1 DC=win,DC=office
> Replicate from dc1 to dc2 was successful.
>
> However nothing changes, when I do an ldapcmp I still see the same errors.
> What am I doing wrong? (Note: the clocks are synchronised)  I've been
> trying to solve this for a week now but I cannot figure out what is going
> wrong.
>
> Nico
>
>






-- 

Nico De Ranter

Operations Engineer

T. +32 16 40 12 82

M. +32 497 91 53 78




 

 

eSATURNUS
Romeinse straat 12
3001 Leuven – Belgium
	
T. +32 16 40 12 82
F. +32 16 40 84 77
www.esaturnus.com

 

  

 

More information about the samba mailing list