[Samba] Unable to transfer ForestDns/DomainDNS
Rowland penny
rpenny at samba.org
Thu Jun 23 17:43:25 UTC 2016
On 23/06/16 17:49, Jason Waters wrote:
> I did not get SUCCESS!
>
> root at DC01:/mnt# samba-tool ldapcmp ldap://dc01 ldap://pdc dnsdomain
>
> * Comparing [DNSDOMAIN] context...
>
> * Objects to be compared: 188
>
> Comparing:
> 'CN=Infrastructure,DC=DomainDnsZones,DC=fisherthompson,DC=local'
> [ldap://dc01]
> 'CN=Infrastructure,DC=DomainDnsZones,DC=fisherthompson,DC=local'
> [ldap://pdc]
> Attributes found only in ldap://dc01:
> fSMORoleOwner
> Difference in attribute values:
> whenChanged =>
> ['20160622133653.0Z']
> ['20160621205006.0Z']
> FAILED
>
> Comparing:
> 'CN=MicrosoftDNS,DC=DomainDnsZones,DC=fisherthompson,DC=local'
> [ldap://dc01]
> 'CN=MicrosoftDNS,DC=DomainDnsZones,DC=fisherthompson,DC=local'
> [ldap://pdc]
> Attributes found only in ldap://dc01:
> distinguishedName
> cn
> objectCategory
> objectClass
> objectGUID
> showInAdvancedViewOnly
> whenCreated
> whenChanged
> instanceType
> name
> FAILED
>
> * Result for [DNSDOMAIN]: FAILURE
>
> SUMMARY
> ---------
>
> Attributes found only in ldap://dc01:
>
> distinguishedName
> cn
> objectCategory
> objectClass
> fSMORoleOwner
> objectGUID
> showInAdvancedViewOnly
> whenCreated
> whenChanged
> instanceType
> name
>
> Attributes with different values:
>
> whenChanged
> ERROR: Compare failed: -1
>
>
> On Thu, Jun 23, 2016 at 12:38 PM, Rowland penny <rpenny at samba.org
> <mailto:rpenny at samba.org>> wrote:
>
> On 23/06/16 16:32, Jason Waters wrote:
>
> This is what it returned.
>
> root at DC01:/mnt# ldbsearch --cross-ncs -H
> /var/lib/samba/private/sam.ldb -b
> "CN=Infrastructure,DC=DomainDnsZones,DC=fisherthompson,DC=local"
> -s base fsmoroleowner
> # record 1
> dn: CN=Infrastructure,DC=DomainDnsZones,DC=fisherthompson,DC=local
> fSMORoleOwner: CN=NTDS
> Settings,CN=PDC,CN=Servers,CN=Default-First-Site-Name,C
> N=Sites,CN=Configuration,DC=fisherthompson,DC=local
>
> # returned 1 records
> # 1 entries
> # 0 referrals
>
>
> Looks right, right? It almost seems like it is trying to
> delete it from the Windows 2003 machine, but can't. So I ran
> NetDOM /query FSMO on the windows 2003 server and got this.
>
> Schema owner PDC.fisherthompson.local
> Domain role owner PDC.fisherthompson.local
> PDC role PDC.fisherthompson.local
> RID pool manager PDC.fisherthompson.local
> Infrastructure owner PDC.fisherthompson.local
> The command completed successfully.
>
> So no DomainDNS or ForestDNS present.
>
>
>
> Unfortunately that doesn't mean anything, the windows tools only
> seem to known about the five main FSMO roles (as did samba-tool up
> until 4.3.0)
>
> Try this command, it should end with the word 'SUCCESS'
>
> samba-tool ldapcmp ldap://dc01 ldap://pdc dnsdomain
>
> Does the windows DC run a DNS server ?
>
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
That sort of means you don't have dns zones on your windows DC, or at
least full ones.
Does your windows DC run a DNS server ??
How did you join the Samba DCs to the windows DC, or was it the opposite
way round, you joined the windows one to the Samba DCs, if so how.
I feel another possible re-write of fsmo.py coming on :-(
Rowland
More information about the samba
mailing list