[Samba] samba 4.4

Sketch smblist at rednsx.org
Fri Jan 27 22:55:20 UTC 2017 

I'm trying to upgrade our old DC's from samba 4.2 to samba 4.4.  Rather 
than upgrade in-place, I am creating new DCs and then joining them.  This 
generally seems to work as expected, except outbound replication seems to 
fail.

[root at newDC samba-4.4.4]# samba-tool drs replicate newDC oldDC CN=Configuration,DC=ad,DC=mydomain,DC=com -U Administrator
Replicate from oldDC to newDC was successful.

[root at newDC samba-4.4.4]# samba-tool drs replicate oldDC newDC CN=Configuration,DC=ad,DC=mydomain,DC=com -U Administrator
ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync failed - drsException: DsReplicaSync failed (2, 'WERR_BADFILE')
   File "/lib64/python2.7/site-packages/samba/netcmd/drs.py", line 350, in run
     drs_utils.sendDsReplicaSync(self.drsuapi, self.drsuapi_handle, source_dsa_guid, NC, req_options)
   File "/lib64/python2.7/site-packages/samba/drs_utils.py", line 83, in sendDsReplicaSync
     raise drsException("DsReplicaSync failed %s" % estr)

Just to rule out that this problem wasn't caused by the old DCs, I created 
a second new DC and I get the same error with outbound replication from 
one 4.4.4 DC to the other.

The reason for this particular version is because I'm on CentOS 7.  The 
old DCs are on 7.2, running a CentOS samba package rebuilt with DC 
support.  The new machines are on 7.3, also running a CentOS samba package 
rebuilt with DC support.  Just to make sure that this problem wasn't 
caused by a patch in the CentOS package, I also downloaded both official 
samba 4.4.4 and 4.4.9 from the samba website and compiled them, and both 
gave me the same erorr.  Exact configure options used (to more or less 
match the CentOS build):

./configure --enable-fhs --prefix=/ --with-piddir=/run --with-sockets-dir=/run/samba --with-modulesdir=/usr/lib64/samba --with-pammodulesdir=/usr/lib64/security --with-lockdir=/var/lib/samba/lock --with-statedir=/var/lib/samba --with-cachedir=/var/lib/samba --disable-rpath-install --with-pam --with-pie --with-relro --without-fam

Any suggestions?

More information about the samba mailing list