[Samba] Replication problems bdc to pdc
L.P.H. van Belle
belle at bazuin.nl
Wed Dec 13 09:52:38 UTC 2017
Ow and..
Your hosts files are incorrect.
Layout should be :
ip hostname.fqdn hostname
So this should be :
> 10.44.1.10 ry11citdc.ry11cit.lan ry11citdc
> 10.44.1.9 ry11citsdc.ry11cit.lan ry11citsdc
Reboot both servers after the change.
Greetz,
Louis
> -----Original message-----
> From: samba [mailto:samba-bounces at lists.samba.org] On behalf of
> L.P.H. van Belle via samba
> Sent: Wednesday 13 December 2017 10:41
> To: samba at lists.samba.org
> CC: Jiří Knotek
> Subject: Re: [Samba] Replication problems bdc to pdc
>
> Great you use my script :-)
> Now we know something is wrong, run this one.
>
> https://raw.githubusercontent.com/thctlo/samba4/master/samba-collect-debug-info.sh
> And post the content to the list, that helps a lot.
>
> Greetz,
>
> Louis
>
>
>
> > -----Original message-----
> > From: samba [mailto:samba-bounces at lists.samba.org] On behalf of
> > Jiří Knotek via samba
> > Sent: Wednesday 13 December 2017 10:14
> > To: samba at lists.samba.org
> > Subject: Re: [Samba] Replication problems bdc to pdc
> >
> > Hello Rowland,
> >
> > thank you for the advice. I reconfigured both AD DCs again with new data
> > and am sending updated data. Unfortunately, the result is the same.
> > I'm also sending a listing from samba-setup-checkup.sh.
> >
> > * Linux: Raspbian, debian stretch lite
> > * Samba version 4.5.12-Debian
> > * DNS: BIND9_DLZ 9.10.x
> > * Installed packages: ntp ntpdate samba smbclient winbind libcups2
> > samba-common cups ldb-tools bind9 bind9utils dnsutils krb5-user
> >
> > *root at ry11citdc:/home/pi/Ry11# samba-tool drs replicate ry11citsdc ry11citdc dc=ry11cit,dc=lan*
> > Replicate from ry11citdc to ry11citsdc was successful.
> >
> > *root at ry11citdc:/home/pi/Ry11# samba-tool drs replicate ry11citdc ry11citsdc dc=ry11cit,dc=lan*
> > ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync failed - drsException: DsReplicaSync failed (2, 'WERR_BADFILE')
> > File "/usr/lib/python2.7/dist-packages/samba/netcmd/drs.py", line 368, in run
> > drs_utils.sendDsReplicaSync(server_bind, server_bind_handle, source_dsa_guid, NC, req_options)
> > File "/usr/lib/python2.7/dist-packages/samba/drs_utils.py", line 83, in sendDsReplicaSync
> > raise drsException("DsReplicaSync failed %s" % estr)
> >
> >
> > *root at ry11citdc:/home/pi/Ry11# bash samba-setup-checkup.sh*
> > Check hostnames : Mismatch in hostname definitions
> > please check :
> > HOST_NAME_SHORT: ry11citdc
> > HOST_NAME_DOMAIN:
> > HOST_NAME_FQDN: ry11citdc
> > HOST_IP1: 10.44.1.10
> > HOST_IP2: Only one interface detected
> > HOST_GATEWAY: 10.44.1.1
> > HOST_PRIMARY_INTERFACE: 10.44.1.1
> > eth0
> > HOST_RESOLV_DOMAIN: domain ry11cit.lan
> > HOST_RESOLV_SEARCH: search ry11cit.lan
> > HOST_RESOLV_NAMESERV1: 10.44.1.10
> > HOST_RESOLV_NAMESERV2: 10.44.1.9
> > HOST_RESOLV_NAMESERV3:
> > Possible error detected in /etc/hosts, mismatch FQDN and detected IP 10.44.1.10 for the host.
> > expected was : 10.44.1.10 ry11citdc ry11citdc
> > Checking detected host ipnumbers from resolv.conf and default gateway
> > Ping gateway ip : 10.44.1.1 : Error
> > ping nameserver1: 10.44.1.10 : Ok
> > ping nameserver2: 10.44.1.9 : Ok
> > Check ping google dns : 8.8.8.8 : Error
> > Checking file owner..
> > -rw-r--r-- pi pi /etc/samba/smb.conf
> > Checking file owner..
> > -rw-r--r-- pi pi /etc/samba/lmhosts
> > Checking file owner..
> > Missing file /etc/samba/smbpasswd
> > drwxr-xr-x root root /usr/bin
> > drwxr-xr-x root root /var/cache/samba
> > drwxr-xr-x root root /usr/lib/arm-linux-gnueabihf
> > drwxr-xr-x root root /var/run/samba
> > drwxr-x--- root adm /var/log/samba
> > drwxr-xr-x root root /usr/lib/arm-linux-gnueabihf/samba
> > drwxr-xr-x root root /var/run/samba
> > drwxr-xr-x root root /var/lib/samba/private
> > drwxr-xr-x root root /usr/sbin
> > drwxr-xr-x root root /var/lib/samba
> > DCS 2(SERVFAIL
> > DC1 2(SERVFAIL
> > DC2
> > ERROR: Invalid IP address '2(SERVFAIL'!
> > Samba AD DC info: = detected (command and where to look)
> > This server hostname = ry11citdc (hostname -s and /etc/hosts and DNS server)
> > This server FQDN (hostname) = ry11citdc (hostname -f and /etc/hosts and DNS server)
> > This server primary dnsdomain = (hostname -d and /etc/resolv.conf and DNS server)
> > This server IP address(ses) = 10.44.1.10 Only one interface detected (hostname -i (-I) and /etc/networking/interfaces and DNS server
> > The DC with FSMO roles = RY11CITDC (samba-tool fsmo show)
> > The DC (with FSMO) Site name = Default-First-Site-Name (samba-tool fsmo show)
> > The Default Naming Context = DC=ry11cit,DC=lan (samba-tool fsmo show)
> > The Kerberos REALM name used = RY11CIT.LAN (kinit and /etc/krb5.conf and resolving)
> > The Ipadres of DC 2(SERVFAIL = 2(SERVFAIL)
> > SAMBA_SERVER_ROLE: active directory domain controller
> > SAMBA_SERVER_SERVICES: s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
> > SAMBA_DCERPC_ENDPOINT_SERVERS: epmapper, wkssvc, rpcecho, samr, netlogon, lsarpc, drsuapi, dssetup, unixinfo, browser, eventlog6, backupkey, dnsserver
> >
> >
> > *I did not come to the way the hostname -d command would return the
> > domain name. How can I do that? In addition, there are host, lmhost,
> > resolv.conf, and so on*
> >
> > Please help, I don't know the advice.
> >
> > System integrator Jiří Knotek
> >
> >
> > "Primary" Active Directory Domain Controller:--------------------
> >
> >
> > hostname:-----------------
> > ry11citdc.ry11cit.lan
> >
> > hosts:---------------
> > 127.0.0.1 localhost localhost.localdomain
> > 10.44.1.10 ry11citdc ry11citdc.ry11cit.lan
> > 10.44.1.9 ry11citsdc ry11citsdc.ry11cit.lan
> >
> > resolv.conf.head:-------------------
> > domain ry11cit.lan
> > search ry11cit.lan
> >
> > systemctl.conf"--------------------
> > net.ipv4.ip_forward=1
> > net.ipv6.conf.all.disable_ipv6=1
> >
> >
> >
> > krb5.conf:------------
> >
> > [libdefaults]
> > default_realm = RY11CIT.LAN
> > dns_lookup_realm = false
> > dns_lookup_kdc = true
> >
> > named.conf:------------------------
> >
> > include "/etc/bind/named.conf.options";
> > include "/etc/bind/named.conf.local";
> > include "/etc/bind/named.conf.default-zones";
> > include "/var/lib/samba/private/named.conf";
> >
> > named.conf.options:-----------------------
> >
> > options {
> > directory "/var/cache/bind";
> >
> > dnssec-validation auto;
> >
> > auth-nxdomain no; # conform to RFC1035
> > listen-on-v6 { none; };
> > tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";
> > };
> >
> > lmhost:--------------------------
> > 127.0.0.1 localhost
> > 10.44.1.10 ry11citdc
> > 10.44.1.9 ry11citsdc
> >
> > smb.conf:------------------------------
> >
> > # Global parameters
> > [global]
> > netbios name = RY11CITDC
> > realm = RY11CIT.LAN
> > server services = -dns
> > workgroup = RY11CIT
> > server role = active directory domain controller
> >
> > [netlogon]
> > path = /var/lib/samba/sysvol/ry11cit.lan/scripts
> > read only = No
> >
> > [sysvol]
> > path = /var/lib/samba/sysvol
> > read only = No
> >
> > Samba Provision---------------:
> >
> > samba-tool domain provision --realm=RY11CIT.LAN --domain=RY11CIT --server-role=dc --dns-backend=BIND9_DLZ --adminpass='.....'
> >
> > "Backup / Standby" Active Directory Domain Controller:--------------------
> >
> >
> > hostname:-----------------
> > ry11citsdc.ry11cit.lan
> >
> > hosts:---------------
> > 127.0.0.1 localhost localhost.localdomain
> > 10.44.1.10 ry11citdc ry11citdc.ry11cit.lan
> > 10.44.1.9 ry11citsdc ry11citsdc.ry11cit.lan
> >
> > resolv.conf.head:-------------------
> > domain ry11cit.lan
> > search ry11cit.lan
> >
> > systemctl.conf"--------------------
> > net.ipv4.ip_forward=1
> > net.ipv6.conf.all.disable_ipv6=1
> >
> >
> >
> > krb5.conf:------------
> >
> > [libdefaults]
> > default_realm = RY11CIT.LAN
> > dns_lookup_realm = false
> > dns_lookup_kdc = true
> >
> > named.conf:------------------------
> >
> > include "/etc/bind/named.conf.options";
> > include "/etc/bind/named.conf.local";
> > include "/etc/bind/named.conf.default-zones";
> > include "/var/lib/samba/private/named.conf";
> >
> > named.conf.options:-----------------------
> >
> > options {
> > directory "/var/cache/bind";
> >
> > dnssec-validation auto;
> >
> > auth-nxdomain no; # conform to RFC1035
> > listen-on-v6 { none; };
> > tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";
> > };
> >
> > lmhost:--------------------------
> > 127.0.0.1 localhost
> > 10.44.1.10 ry11citdc
> > 10.44.1.9 ry11citsdc
> >
> > smb.conf:------------------------------
> >
> > # Global parameters
> > [global]
> > netbios name = RY11CITSDC
> > realm = RY11CIT.LAN
> > server services = -dns
> > workgroup = RY11CIT
> > server role = active directory domain controller
> >
> > [netlogon]
> > path = /var/lib/samba/sysvol/ry11cit.lan/scripts
> > read only = No
> >
> > [sysvol]
> > path = /var/lib/samba/sysvol
> > read only = No
> >
> > Samba join---------------:
> >
> > samba-tool domain join RY11CIT DC -Uadministrator
> > --realm=RY11CIT.LAN --dns-backend=BIND9_DLZ --adminpass='.....'
> >
> >
> > Thanks Jiri Knotek
> >
> >
>
>
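Added example (not part of the original thread, and not code from samba-setup-checkup.sh): a shell check for the /etc/hosts layout given in the reply at the top, "ip hostname.fqdn hostname". The resolver treats the first name on a hosts line as the canonical name, so an entry that lists the short name first leaves hostname -f and hostname -d without a domain, as in the checkup output quoted above. The helper names check_hosts_order, posted_hosts and fixed_hosts are assumptions, and both sample files are constructed from the hosts entries shown in the thread.

```shell
#!/bin/sh
# Added example. check_hosts_order, posted_hosts and fixed_hosts are
# hypothetical helper names, not part of any Samba script.

# Read a hosts file on stdin and report every non-loopback entry whose
# first name (the canonical one) is not fully qualified.
check_hosts_order() {
    awk '
        { sub(/#.*/, "") }                      # strip comments
        NF < 2 { next }                         # blank or address-only line
        $1 ~ /^127\./ || $1 == "::1" { next }   # skip loopback entries
        $2 !~ /\./ {
            fqdn = ""
            for (i = 3; i <= NF; i++)
                if ($i ~ /\./) { fqdn = $i; break }
            if (fqdn != "")
                printf "line %d: %s -> expected: %s %s %s\n", NR, $0, $1, fqdn, $2
            else
                printf "line %d: %s -> no FQDN on this line\n", NR, $0
        }
    '
}

# Constructed sample: the hosts entries as posted in the thread.
posted_hosts() {
    cat <<'EOF'
127.0.0.1 localhost localhost.localdomain
10.44.1.10 ry11citdc ry11citdc.ry11cit.lan
10.44.1.9 ry11citsdc ry11citsdc.ry11cit.lan
EOF
}

# Constructed sample: the same entries in the layout from the reply.
fixed_hosts() {
    cat <<'EOF'
127.0.0.1 localhost localhost.localdomain
10.44.1.10 ry11citdc.ry11cit.lan ry11citdc
10.44.1.9 ry11citsdc.ry11cit.lan ry11citsdc
EOF
}

echo "posted hosts file:"; posted_hosts | check_hosts_order
echo "fixed hosts file:";  fixed_hosts  | check_hosts_order
```

On a live DC the same function can be fed the real file with check_hosts_order < /etc/hosts; no output means every non-loopback entry lists its FQDN first.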