[Samba] Error in Second Samba Domain Controller

mathias dufresne infractory at gmail.com
Thu Mar 24 16:26:08 UTC 2016 

Very short reply as I have to leave the office in few minutes...

I remember have read something about issues when using OpenVPN. For now I
don't remind what were these issues.

About log in issue: do you use AD Sites? As far as I understood this is THE
way to get failover. You create a site, you attribute a network (CIDR form)
to that site and then client would try to connect on one DC in the site
they belong. If no DC is available in the AD Site, the client will re-do
the DC search without including site in DNS request. This means the client
will try to find an available DC among all DC of your domain.

Could be also DNS issue I think but not enough information to tell for now.


2016-03-23 14:21 GMT+01:00 Nicholas Rudd <nicholas.m.rudd at gmail.com>:

> So a little background, in my domain we have 2 domain controllers, the main
> (A Windows Server 2008 R2), and a secondary that is was recently migrated
> from Server 2003 R2 to Samba. Both domain controllers are offsite so we use
> OpenVpn to connect them, dns is set to the samba domain controller then the
> Windows server, this is due that the samba domain controller is up 24/7
> while the Windows is only up for certain hours. So heres the problem, I can
> still login to the domain when the main domain controller is online,
> however as soon as it goes offline I can no longer login, I can still get
> online so I know DNS is kinda working, however when issuing "samba-tool drs
> showrepl"on the second domain controller I get
>
> **ERROR(<class 'samba.drs_utils.drsException'*
>
>
>
>
>
>
>
>
>
>
> *>): DRS connection toip-172-31-15-16.ad.mydomain.com
> <http://ip-172-31-15-16.ad.mydomain.com/> <
> <http://ip-172-31-15-16.ad.mydomain.com/>http://ip-172-31-15-16.ad
> <http://ip-172-31-15-16.ad/> .mydomain.com <http://mydomain.com>>failed -
> drsException: DRS connection to ip-172-31-15-16.ad.mydomain.com
> <http://ip-172-31-15-16.ad.mydomain.com/><
> <http://ip-172-31-15-16.ad.mydomain.com/>http://ip-172-31-15-16.ad
> <http://ip-172-31-15-16.ad/> .mydomain.com <http://mydomain.com>> failed:
> (-1073741772, 'The objectname is not found.')**  File
> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/drs.py",line 39,
> in drsuapi_connect**    (ctx.drsuapi, ctx.drsuapi_handle,
> ctx.bind_supported_extensions) =drs_utils.drsuapi_connect(ctx.server,
> ctx.lp, ctx.creds)**  File
> "/usr/local/samba/lib/python2.7/site-packages/samba/drs_utils.py",line 54,
> in drsuapi_connect**    raise drsException("DRS connection to %s failed:
> %s" % (server, e))**
>
> This is interesting becuase the IP that it is looking for is not mine, mine
> is ip-172-31-15-161.ad.mylocaldomain.com
>
> , I have logged into the DNS
> management console many times and checked the records on the second (and
> first) domain controller and the records look correct. Any suggestions?
> --
> Nicholas Rudd
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list