[Samba] Unable to transfer ForestDns/DomainDNS

Jason Waters jason at geeknocity.com
Thu Jun 23 16:49:29 UTC 2016 

I did not get SUCCESS!

root at DC01:/mnt# samba-tool ldapcmp ldap://dc01 ldap://pdc dnsdomain

* Comparing [DNSDOMAIN] context...

* Objects to be compared: 188

Comparing:
'CN=Infrastructure,DC=DomainDnsZones,DC=fisherthompson,DC=local'
[ldap://dc01]
'CN=Infrastructure,DC=DomainDnsZones,DC=fisherthompson,DC=local'
[ldap://pdc]
    Attributes found only in ldap://dc01:
        fSMORoleOwner
    Difference in attribute values:
        whenChanged =>
['20160622133653.0Z']
['20160621205006.0Z']
    FAILED

Comparing:
'CN=MicrosoftDNS,DC=DomainDnsZones,DC=fisherthompson,DC=local' [ldap://dc01]
'CN=MicrosoftDNS,DC=DomainDnsZones,DC=fisherthompson,DC=local' [ldap://pdc]
    Attributes found only in ldap://dc01:
        distinguishedName
        cn
        objectCategory
        objectClass
        objectGUID
        showInAdvancedViewOnly
        whenCreated
        whenChanged
        instanceType
        name
    FAILED

* Result for [DNSDOMAIN]: FAILURE

SUMMARY
---------

Attributes found only in ldap://dc01:

    distinguishedName
    cn
    objectCategory
    objectClass
    fSMORoleOwner
    objectGUID
    showInAdvancedViewOnly
    whenCreated
    whenChanged
    instanceType
    name

Attributes with different values:

    whenChanged
ERROR: Compare failed: -1


On Thu, Jun 23, 2016 at 12:38 PM, Rowland penny <rpenny at samba.org> wrote:

> On 23/06/16 16:32, Jason Waters wrote:
>
>> This is what it returned.
>>
>> root at DC01:/mnt# ldbsearch --cross-ncs -H /var/lib/samba/private/sam.ldb
>> -b "CN=Infrastructure,DC=DomainDnsZones,DC=fisherthompson,DC=local" -s base
>> fsmoroleowner
>> # record 1
>> dn: CN=Infrastructure,DC=DomainDnsZones,DC=fisherthompson,DC=local
>> fSMORoleOwner: CN=NTDS
>> Settings,CN=PDC,CN=Servers,CN=Default-First-Site-Name,C
>>  N=Sites,CN=Configuration,DC=fisherthompson,DC=local
>>
>> # returned 1 records
>> # 1 entries
>> # 0 referrals
>>
>>
>> Looks right, right?  It almost seems like it is trying to delete it from
>> the Windows 2003 machine, but can't.  So I ran NetDOM /query FSMO on the
>> windows 2003 server and got this.
>>
>> Schema owner                PDC.fisherthompson.local
>> Domain role owner           PDC.fisherthompson.local
>> PDC role                    PDC.fisherthompson.local
>> RID pool manager            PDC.fisherthompson.local
>> Infrastructure owner        PDC.fisherthompson.local
>> The command completed successfully.
>>
>> So no DomainDNS or ForestDNS present.
>>
>>
>>
> Unfortunately that doesn't mean anything, the windows tools only seem to
> known about the five main FSMO roles (as did samba-tool up until 4.3.0)
>
> Try this command, it should end with the word 'SUCCESS'
>
> samba-tool ldapcmp ldap://dc01 ldap://pdc dnsdomain
>
> Does the windows DC run a DNS server ?
>
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list