[Samba] Initial replication halts with "The handle is invalid." (msDS-NC-Replica-Locations corrupted?)
Adam Tauno Williams
awilliam at whitemice.org
Tue Jan 17 20:22:01 UTC 2017
>> > sam.ldb??? So the correct syntax is -
>> > [ADC28 samba]# bin/samba-tool domain tombstones expunge -H
>> > /var/lib/samba/private/sam.ldb
>> This does not appear to have reaped any links.
>> [root at larkin28 samba]# bin/samba-tool domain tombstones expunge -d
>> 10
>> -H /var/lib/samba/private/sam.ldb
>> ...
>> lpcfg_servicenumber: couldn't find ldb
>> Initial schema load needed, as we have no existing schema, seq_num:
>> 64
>> schema_fsmo_init: we are master[no] updates allowed[no]
>> Initial schema load needed, as we have no existing schema, seq_num:
>> 64
>> schema_fsmo_init: we are master[no] updates allowed[no]
>> gendb_search_v: CN=Directory Service,CN=Windows
>> NT,CN=Services,CN=Configuration,DC=micore,DC=us
>> objectClass=nTDSService -> 1
>> Doing a full scan on CN=Configuration,DC=micore,DC=us and looking
>> for
>> deleted objects
>> Doing a full scan on DC=micore,DC=us and looking for deleted objects
>> Doing a full scan on DC=DomainDnsZones,DC=micore,DC=us and looking
>> for
>> deleted objects
>> Doing a full scan on DC=ForestDnsZones,DC=micore,DC=us and looking
>> for
>> deleted objects
>> Removed 0 objects and 0 links successfully
> Thanks. When you run
> bin/samba-tool dbcheck -H /var/lib/samba/private/sam.ldb --cross-ncs
> is it less scary now? We tried to remove some of the scare factor for
> this one, it is 'mostly harmless'.
No, it still contains the same errors concerning msDS-NC-Replica-Locations
> Now, the fact that you have replication failures suggests this is a
> very real problem for you.
Yes; fairly urgently.
Would any additional information be helpful? I can attempt again to
promote the 2008R2 DC and get a packet capture from between the servers.
> It may or may not actually be this object, but clearly you want to
> try. I'll try and get you a command to remove the links with the
> 'vanish links' control, so you can test it out on a backup.
More information about the samba
mailing list