[Samba] Samba4 replication not working

Ronny Forberger ronnyforberger at ronnyforberger.de
Fri Oct 14 12:48:32 UTC 2016 


Am 13.10.2016 um 17:19 schrieb lingpanda101--- via samba:
> On 10/13/2016 10:58 AM, Ronny Forberger wrote:
>>
>> Am 13.10.2016 um 16:54 schrieb lingpanda101 at gmail.com:
>>> On 10/13/2016 10:37 AM, Ronny Forberger wrote:
>>>> Am 13.10.2016 um 16:28 schrieb lingpanda101 at gmail.com:
>>>>> On 10/13/2016 10:19 AM, Ronny Forberger wrote:
>>>>>> Am 12.10.2016 um 20:17 schrieb lingpanda101--- via samba:
>>>>>>> On 10/12/2016 1:57 PM, Ronny Forberger via samba wrote:
>>>>>>>> Hi,
>>>>>>>>
>>>>>>>> I get the following error when I am trying to check the
>>>>>>>> replication
>>>>>>>> status of my samba4 dc:
>>>>>>>>
>>>>>>>> ERROR(<class 'samba.drs_utils.drsException'>): DRS connection to
>>>>>>>> nidy.
>>>>>>>> failed - drsException: DRS connection to nidy. failed:
>>>>>>>> (-1073741772,
>>>>>>>> 'The object name is not found.')
>>>>>>>>       File
>>>>>>>> "/usr/lib64/python2.7/site-packages/samba/netcmd/drs.py",
>>>>>>>> line
>>>>>>>> 39, in drsuapi_connect
>>>>>>>>         (ctx.drsuapi, ctx.drsuapi_handle,
>>>>>>>> ctx.bind_supported_extensions) =
>>>>>>>> drs_utils.drsuapi_connect(ctx.server, ctx.lp, ctx.creds)
>>>>>>>>       File
>>>>>>>> "/usr/lib64/python2.7/site-packages/samba/drs_utils.py", line
>>>>>>>> 54,
>>>>>>>> in drsuapi_connect
>>>>>>>>         raise drsException("DRS connection to %s failed: %s" %
>>>>>>>> (server, e))
>>>>>>>>
>>>>>>>> What can be the cause?
>>>>>>>>
>>>>>>>> Best regards,
>>>>>>>> Ronny Forberger
>>>>>>>>
>>>>>>> Is this a new DC?
>>>>>>>
>>>>>>> I would quickly check if you have a A and CNAME record for the DC.
>>>>>>> Follow this link
>>>>>>> https://wiki.samba.org/index.php/Verifying_and_Creating_a_DC_DNS_Record
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>> It's a new DC. I really had the CNAME missing, so I added it, but I
>>>>>> still get the same above error.
>>>>>> Any ideas?
>>>>>>
>>>>>> Regards,
>>>>>> Ronny Forberger
>>>>>>
>>>>> After adding the record did you by chance restart the newly joined
>>>>> DC?
>>>>> Is the error the exact same error as before? Did you provision with
>>>>> the internal dns or bind?
>>>>>
>>>> I did restart the DC. The error is the exact same. I provisioned with
>>>> bind.
>>>>
>>>> Regards,
>>>> Ronny
>>>>
>>> Did you check replication status from both DC's? If so, do they both
>>> report the same error?
>>>
>>> Does DC1 point to itself for DNS or DC2(cat /etc/resolv.conf)? I would
>>> initially have DC1 point to itself for DNS to verify replication is
>>> working. Afterwards have each DC point to the other one first.
>>>
>>> Is bind running on both DC's(netstat -anp | grep ":53")?
>> Does bind have to run on the second DC as well? I only run bind on 3
>> other servers, resolving against them in each dc's resolv.conf.
>>
>> Regards,
>> Ronny
>>
> Technically no.
>
> You will need someone else on the list to chime in to assist with your
> setup however. With that being said I would verify that all the
> pertinent records exists in whatever DNS server you plan to use and
> it's authoritative for your zone.
>
Can anyone help me here?

Best regards,
Ronny

-- 
___________________________________
Ronny Forberger 
ronnyforberger at ronnyforberger.de
PGP: http://www.ronnyforberger.de/pgp/email-encryption.html

More information about the samba mailing list