[Samba] Replication problems bdc to pdc

Jiří Knotek jiri.knotek at gemapce.cz
Wed Dec 13 09:13:52 UTC 2017


Hello Rowland,

     Thank you for the advice. I reconfigured both AD DCs again with new
data and am sending the updated data. Unfortunately, the result is the
same. I'm also sending a listing from samba-setup-checkup.sh.

  * Linux: Raspbian, debian stretch lite
  * Samba version 4.5.12-Debian
  * DNS: BIND9_DLZ 9.10.x
  * Installed packages: ntp ntpdate samba smbclient winbind libcups2 
samba-common cups ldb-tools bind9 bind9utils dnsutils krb5-user

root@ry11citdc:/home/pi/Ry11# samba-tool drs replicate ry11citsdc ry11citdc dc=ry11cit,dc=lan
Replicate from ry11citdc to ry11citsdc was successful.

root@ry11citdc:/home/pi/Ry11# samba-tool drs replicate ry11citdc ry11citsdc dc=ry11cit,dc=lan
ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync failed - drsException: DsReplicaSync failed (2, 'WERR_BADFILE')
   File "/usr/lib/python2.7/dist-packages/samba/netcmd/drs.py", line 368, in run
     drs_utils.sendDsReplicaSync(server_bind, server_bind_handle, source_dsa_guid, NC, req_options)
   File "/usr/lib/python2.7/dist-packages/samba/drs_utils.py", line 83, in sendDsReplicaSync
     raise drsException("DsReplicaSync failed %s" % estr)


root@ry11citdc:/home/pi/Ry11# bash samba-setup-checkup.sh
Check hostnames : Mismatch in hostname definitions
please check :
HOST_NAME_SHORT: ry11citdc
HOST_NAME_DOMAIN:
HOST_NAME_FQDN: ry11citdc
HOST_IP1: 10.44.1.10
HOST_IP2: Only one interface detected
HOST_GATEWAY: 10.44.1.1
HOST_PRIMARY_INTERFACE: 10.44.1.1
eth0
HOST_RESOLV_DOMAIN: domain ry11cit.lan
HOST_RESOLV_SEARCH: search ry11cit.lan
HOST_RESOLV_NAMESERV1: 10.44.1.10
HOST_RESOLV_NAMESERV2: 10.44.1.9
HOST_RESOLV_NAMESERV3:
Possible error detected in /etc/hosts, mismatch FQDN and detected IP 10.44.1.10 for the host.
expected was : 10.44.1.10 ry11citdc ry11citdc
Checking detected host ipnumbers from resolv.conf and default gateway
Ping gateway ip : 10.44.1.1 : Error
ping nameserver1: 10.44.1.10 : Ok
ping nameserver2: 10.44.1.9 : Ok
Check ping google dns : 8.8.8.8 : Error
Checking file owner..
-rw-r--r-- pi pi         /etc/samba/smb.conf
Checking file owner..
-rw-r--r-- pi pi         /etc/samba/lmhosts
Checking file owner..
Missing file /etc/samba/smbpasswd
drwxr-xr-x root root     /usr/bin
drwxr-xr-x root root     /var/cache/samba
drwxr-xr-x root root     /usr/lib/arm-linux-gnueabihf
drwxr-xr-x root root     /var/run/samba
drwxr-x--- root adm      /var/log/samba
drwxr-xr-x root root     /usr/lib/arm-linux-gnueabihf/samba
drwxr-xr-x root root     /var/run/samba
drwxr-xr-x root root     /var/lib/samba/private
drwxr-xr-x root root     /usr/sbin
drwxr-xr-x root root     /var/lib/samba
DCS 2(SERVFAIL
DC1 2(SERVFAIL
DC2
ERROR: Invalid IP address '2(SERVFAIL'!
Samba AD DC info:             =  detected (command and where to look)
This server hostname          = ry11citdc (hostname -s and /etc/hosts and DNS server)
This server FQDN (hostname)   = ry11citdc (hostname -f and /etc/hosts and DNS server)
This server primary dnsdomain =  (hostname -d and /etc/resolv.conf and DNS server)
This server IP address(ses)   = 10.44.1.10  Only one interface detected (hostname -i (-I) and /etc/networking/interfaces and DNS server
The DC with FSMO roles        = RY11CITDC (samba-tool fsmo show)
The DC (with FSMO) Site name  = Default-First-Site-Name (samba-tool fsmo show)
The Default Naming Context    = DC=ry11cit,DC=lan (samba-tool fsmo show)
The Kerberos REALM name used  = RY11CIT.LAN    (kinit and /etc/krb5.conf and resolving)
The Ipadres of DC 2(SERVFAIL        = 2(SERVFAIL)
SAMBA_SERVER_ROLE: active directory domain controller
SAMBA_SERVER_SERVICES: s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
SAMBA_DCERPC_ENDPOINT_SERVERS: epmapper, wkssvc, rpcecho, samr, netlogon, lsarpc, drsuapi, dssetup, unixinfo, browser, eventlog6, backupkey, dnsserver


I have not found a way to make the hostname -d command return the
domain name. How can I do that? In addition, there are host, lmhost,
resolv.conf, and so on.

Please help, I don't know what to do.

System integrator Jiří Knotek


"Primary" Active Directory Domain Controller:--------------------


hostname:-----------------
ry11citdc.ry11cit.lan

hosts:---------------
127.0.0.1    localhost localhost.localdomain
10.44.1.10    ry11citdc ry11citdc.ry11cit.lan
10.44.1.9     ry11citsdc ry11citsdc.ry11cit.lan

resolv.conf.head:-------------------
domain ry11cit.lan
search ry11cit.lan

systemctl.conf:--------------------
net.ipv4.ip_forward=1
net.ipv6.conf.all.disable_ipv6=1



krb5.conf:------------

[libdefaults]
     default_realm = RY11CIT.LAN
     dns_lookup_realm = false
     dns_lookup_kdc = true

named.conf:------------------------

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
include "/var/lib/samba/private/named.conf";

named.conf.options:-----------------------

options {
     directory "/var/cache/bind";

     dnssec-validation auto;

     auth-nxdomain no;    # conform to RFC1035
     listen-on-v6 { none; };
     tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";
};

lmhost:--------------------------
127.0.0.1   localhost
10.44.1.10  ry11citdc
10.44.1.9   ry11citsdc

smb.conf:------------------------------

# Global parameters
[global]
     netbios name = RY11CITDC
     realm = RY11CIT.LAN
     server services = -dns
     workgroup = RY11CIT
     server role = active directory domain controller

[netlogon]
     path = /var/lib/samba/sysvol/ry11cit.lan/scripts
     read only = No

[sysvol]
     path = /var/lib/samba/sysvol
     read only = No

Samba Provision---------------:

     samba-tool domain provision --realm=RY11CIT.LAN --domain=RY11CIT --server-role=dc --dns-backend=BIND9_DLZ --adminpass='.....'

"Backup / Standby" Active Directory Domain Controller:--------------------


hostname:-----------------
ry11citsdc.ry11cit.lan

hosts:---------------
127.0.0.1    localhost localhost.localdomain
10.44.1.10    ry11citdc ry11citdc.ry11cit.lan
10.44.1.9     ry11citsdc ry11citsdc.ry11cit.lan

resolv.conf.head:-------------------
domain ry11cit.lan
search ry11cit.lan

systemctl.conf:--------------------
net.ipv4.ip_forward=1
net.ipv6.conf.all.disable_ipv6=1



krb5.conf:------------

[libdefaults]
     default_realm = RY11CIT.LAN
     dns_lookup_realm = false
     dns_lookup_kdc = true

named.conf:------------------------

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
include "/var/lib/samba/private/named.conf";

named.conf.options:-----------------------

options {
     directory "/var/cache/bind";

     dnssec-validation auto;

     auth-nxdomain no;    # conform to RFC1035
     listen-on-v6 { none; };
     tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";
};

lmhost:--------------------------
127.0.0.1   localhost
10.44.1.10  ry11citdc
10.44.1.9   ry11citsdc

smb.conf:------------------------------

# Global parameters
[global]
     netbios name = RY11CITSDC
     realm = RY11CIT.LAN
     server services = -dns
     workgroup = RY11CIT
     server role = active directory domain controller

[netlogon]
     path = /var/lib/samba/sysvol/ry11cit.lan/scripts
     read only = No

[sysvol]
     path = /var/lib/samba/sysvol
     read only = No

Samba join---------------:

        samba-tool domain join RY11CIT DC -Uadministrator --realm=RY11CIT.LAN --dns-backend=BIND9_DLZ --adminpass='.....'


Thanks Jiri Knotek
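
Added example, not part of the original post and not code from the Samba project: a shell check that reads a hosts file the way a files-based lookup does, where the first name after the address is the canonical name and later names are aliases, and compares it with the short name plus the lowercased realm. The function names, the temporary files and the reordered second hosts file are constructed for illustration; the first file copies the hosts lines from the listing above.

```shell
#!/bin/sh
# Added example: check which name a hosts file makes canonical for a DC's IP.

# canonical_name HOSTS_FILE IP -> prints the first name on the matching line
canonical_name() {
    awk -v ip="$2" '
        { sub(/#.*/, "") }                      # strip comments
        $1 == ip && NF >= 2 { print $2; exit }  # first name = canonical name
    ' "$1"
}

# check_hosts HOSTS_FILE IP SHORTNAME REALM
# returns 0 only if the canonical name is SHORTNAME.<realm in lower case>
check_hosts() {
    canon=$(canonical_name "$1" "$2")
    want=$(printf '%s' "$4" | tr '[:upper:]' '[:lower:]')
    case "$canon" in
        "")         echo "FAIL: no entry for $2 in $1"; return 1 ;;
        "$3.$want") echo "OK: $2 -> $canon (DNS domain $want)"; return 0 ;;
        *)          echo "FAIL: $2 -> '$canon', expected '$3.$want' first"; return 1 ;;
    esac
}

# Constructed sample files: hosts.page copies the lines from the post,
# hosts.fqdn-first is the same data with the FQDN listed before the alias.
tmp=$(mktemp -d)
printf '%s\n' \
    '127.0.0.1    localhost localhost.localdomain' \
    '10.44.1.10    ry11citdc ry11citdc.ry11cit.lan' \
    '10.44.1.9     ry11citsdc ry11citsdc.ry11cit.lan' > "$tmp/hosts.page"
printf '%s\n' \
    '127.0.0.1    localhost localhost.localdomain' \
    '10.44.1.10    ry11citdc.ry11cit.lan ry11citdc' \
    '10.44.1.9     ry11citsdc.ry11cit.lan ry11citsdc' > "$tmp/hosts.fqdn-first"

check_hosts "$tmp/hosts.page" 10.44.1.10 ry11citdc RY11CIT.LAN || true
check_hosts "$tmp/hosts.fqdn-first" 10.44.1.10 ry11citdc RY11CIT.LAN
check_hosts "$tmp/hosts.fqdn-first" 10.44.1.9 ry11citsdc RY11CIT.LAN
```

With the short name listed first, the canonical name carries no domain part, which matches the empty HOST_NAME_DOMAIN in the checkup listing.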



