[Samba] db check fails

Bob of Donelson Trophy bob at donelsontrophy.net
Mon Nov 21 12:47:21 UTC 2016 

On 2016-11-21 06:13, Rowland Penny via samba wrote:

> On Mon, 21 Nov 2016 06:09:19 -0600
> Bob of Donelson Trophy via samba <samba at lists.samba.org> wrote:
> 
> On 2016-11-21 04:01, L.P.H. van Belle via samba wrote:
> 
> Hi Bob, 
> 
> Sorry for the late responce, i was out for the weekend. 
> 
> I saw you got it fixed, good. ;-) 
> 
> Good to know its a bug. Thanks Rowland for pointing that out. 
> 
> ( added that in the script. )
> 
> @Marc, this is nothing fancy.
> 
> This script use the commands as the samba wiki wants us too. 
> 
> https://downloads.van-belle.nl/samba4/samba-check-db-repl.sh
> 
> check DB replication. : a 2 way database replication checker. 
> 
> Using the commands: samba-tool dbcheck and samba-tool ldapcmp
> --filter=..  
> 
> https://downloads.van-belle.nl/samba4/samba-info.sh
> 
> This script returns all needed settings, just for a quick checkup.
> 
> I've adjusted it a bit, so give hints where your error might be.
> 
> and a correct output example:  ( if someone can make this in a nice
> output, im all ears ) 
> 
> Server info:                    detected                command and
> where to look
> 
> This server hostname          =  dc1 (hostname -s and /etc/hosts
> and DNS server)
> 
> This server FQDN (hostname)   =  dc1.internal.domain.tld
> (hostname -f and /etc/hosts and DNS server)
> 
> This server primary dnsdomain = internal.domain.tld     (hostname
> -d and /etc/resolv.conf and DNS server)
> 
> This server IP address(ses)   = 192.168.0.1         (hostname -i
> (-I) and /etc/networking/interfaces and DNS server
> 
> The DC with FSMO roles        =  DC1 (samba-tool fsmo show)
> 
> The DC (with FSMO) Site name  = Default-First-Site-Name (samba-tool
> fsmo show)
> 
> The Default Naming Context    = DC=internal,DC=domain,DC=tld
> (samba-tool fsmo show)
> 
> The Kerberos REALM name used  = KERBEROS.REAL     (kinit
> and /etc/krb5.conf and resolving)
> 
> The Ipadres of DC  dc1.internal.domain.tld        = 192.168.0.1
> 
> The Ipadres of DC  dc2.internal.domain.tld        = 192.168.0.2
> 
> The scripts are nothing fancy but if you have a "incorrect" setup. 
> 
> You get errors. Main goal if that with these script we point where
> the error  is expected. 
> 
> Greetz, 
> 
> Louis
> 
> -----Oorspronkelijk bericht----- 
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Bob of
> Donelson 
> Trophy via samba 
> Verzonden: zaterdag 19 november 2016 16:11 
> Aan: samba at lists.samba.org 
> Onderwerp: Re: [Samba] db check fails 
> On 2016-11-19 08:42, Rowland Penny via samba wrote: 
> On Sat, 19 Nov 2016 08:14:58 -0600

>> Bob of Donelson Trophy via samba <samba at lists.samba.org> wrote:

>> On 2016-11-19 07:54, Rowland Penny via samba wrote:

>> On Sat, 19 Nov 2016 07:03:22 -0600

>> Bob of Donelson Trophy via samba <samba at lists.samba.org> wrote:

> There appears to be a fix to stop it happening in the bug report,
> but

> nothing (as yet) to fix existing databases.

> Rowland

> I ran samba-tool dbcheck on both DC's and they both report no
> errors.

> I'll just keep an eye on this. Maybe it will be corrected when
> 4.5.2 is

> released.

> Thanks.

> --

> _______________________________

> Bob Wooden of Donelson Trophy

> --

> To unsubscribe from this list go to the following URL and read the

> instructions:  https://lists.samba.org/mailman/options/samba

Copied over and ran "samba-info.sh against my Ubuntu 16.04.1LTS, Samba
4.5.0 (from source) and bind9.10.3-P4-Ubuntu and, if your interested,
here is my output. 

root at dtdc03:~# ./samba-info.sh
INFO: Current debug levels:
  all: 5
  tdb: 5

> snipped (displayed debug levels 4 times for some reason) for
> brevity <<<

  printdrivers: 5
  lanman: 5
  smb: 5
  rpc_parse: 5
  rpc_srv: 5
  rpc_cli: 5
  passdb: 5
  sam: 5
  auth: 5
  winbind: 5
  vfs: 5
  idmap: 5
  quota: 5
  acls: 5
  locking: 5
  msdfs: 5
  dmapi: 5
  registry: 5
  scavenger: 5
  dns: 5
  ldb: 5
  tevent: 5
Processing section "[netlogon]"
Processing section "[sysvol]"
pm_process() returned Yes
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
added interface lo ip=127.0.0.1 bcast=127.255.255.255
netmask=255.0.0.0 added interface enp2s0 ip=192.168.16.49
bcast=192.168.16.255 netmask=255.255.255.0
added interface lo ip=127.0.0.1 bcast=127.255.255.255
netmask=255.0.0.0 added interface enp2s0 ip=192.168.16.49
bcast=192.168.16.255 netmask=255.255.255.0
added interface lo ip=127.0.0.1 bcast=127.255.255.255
netmask=255.0.0.0 added interface enp2s0 ip=192.168.16.49
bcast=192.168.16.255 netmask=255.255.255.0
added interface lo ip=127.0.0.1 bcast=127.255.255.255
netmask=255.0.0.0 added interface enp2s0 ip=192.168.16.49
bcast=192.168.16.255 netmask=255.255.255.0
resolve_lmhosts: Attempting lmhosts lookup for name
dtdc03.dtshrm.dt<0x20>
startlmhosts: Can't open lmhosts file /usr/local/samba/etc/lmhosts.
Error was No such file or directory
finddcs: response 0 at '192.168.16.49'
finddcs: performing CLDAP query on 192.168.16.49
finddcs: Found matching DC 192.168.16.49 with server_type=0x000013fd
This script was tested Debian Jessie.
Server info:                    detected          command and where to
look
This server hostname          = dtdc03    (hostname -s and /etc/hosts
and DNS server)
This server FQDN (hostname)   = dtdc03.dtshrm.dt        (hostname -f
and /etc/hosts and DNS server)
This server primary dnsdomain = dtshrm.dt   (hostname -d and
/etc/resolv.conf and DNS server)
This server IP address(ses)   = 192.168.16.49     (hostname -i (-I)
and /etc/networking/interfaces and DNS server
The DC with FSMO roles        = DTDC03  (samba-tool fsmo show)
The DC (with FSMO) Site name  = Default-First-Site-Name
(samba-tool fsmo show)
The Default Naming Context    = DC=dtshrm,DC=dt    (samba-tool fsmo
show)
The Kerberos REALM name used  = DTSHRM.DT    (kinit and /etc/krb5.conf
and resolving)
The Ipadres of DC dtdc03.dtshrm.dt        = 192.168.16.49
The Ipadres of DC dtdc04.dtshrm.dt        = 192.168.16.50 

I keep ignoring that "lmhost" complaint . . . should I?

Yes

Rowland 

Everybody, thank you. 

As we all know there is a substantial amount of outdated information on
the internet about Samba 4. Numerous articles that still reference PDC
and BDC, for example, when searching current OS and Samba
configurations. (Some of those OS need to read the mailing list more
often.) 

This mailing list and all those that help out, is a great source to
clarify any confusion. In my case, that I am correct and should be
ignoring the "lmhost" references in my log files. Thanks, Rowland. 

And thanks, Louis, for the "touch" suggestion. A simple solution to a
minor problem.

-- 
_______________________________

Bob Wooden of Donelson Trophy

More information about the samba mailing list