[Samba] Doubts about synchronization between DC
Marcio Demetrio Bacci
marciobacci at gmail.com
Tue Jul 4 12:24:49 UTC 2017
Hi,
I have 2 DC (both with Samba 4.6.5) and apparently the secondary DC is
receiving information of the main DC, according to information below:
root at dc2:/root samba-tool drs showrepl
Default-First-Site-Name\DC2
DSA Options: 0x00000001
DSA object GUID: b3061034-9e5c-452d-a215-43e8a83b90ec
DSA invocationId: 4010374c-e457-49ed-9b6d-24c6e40eb737
==== INBOUND NEIGHBORS ====
CN=Schema,CN=Configuration,DC=empresa,DC=com,DC=br
Default-First-Site-Name\dc1 via RPC
DSA object GUID: 85f48d3e-ca2a-4c26-a04c-27ef820e0b7d
Last attempt @ Tue Jul 4 09:00:46 2017 -03 was successful
0 consecutive failure(s).
Last success @ Tue Jul 4 09:00:46 2017 -03
CN=Configuration,DC=empresa,DC=com,DC=br
Default-First-Site-Name\dc1 via RPC
DSA object GUID: 85f48d3e-ca2a-4c26-a04c-27ef820e0b7d
Last attempt @ Tue Jul 4 09:00:46 2017 -03 was successful
0 consecutive failure(s).
Last success @ Tue Jul 4 09:00:46 2017 -03
DC=empresa,DC=com,DC=br
Default-First-Site-Name\dc1 via RPC
DSA object GUID: 85f48d3e-ca2a-4c26-a04c-27ef820e0b7d
Last attempt @ Tue Jul 4 09:00:46 2017 -03 was successful
0 consecutive failure(s).
Last success @ Tue Jul 4 09:00:46 2017 -03
DC=DomainDnsZones,DC=empresa,DC=com,DC=br
Default-First-Site-Name\dc1 via RPC
DSA object GUID: 85f48d3e-ca2a-4c26-a04c-27ef820e0b7d
Last attempt @ Tue Jul 4 09:00:53 2017 -03 was successful
0 consecutive failure(s).
Last success @ Tue Jul 4 09:00:53 2017 -03
DC=ForestDnsZones,DC=empresa,DC=com,DC=br
Default-First-Site-Name\dc1 via RPC
DSA object GUID: 85f48d3e-ca2a-4c26-a04c-27ef820e0b7d
Last attempt @ Tue Jul 4 09:00:46 2017 -03 was successful
0 consecutive failure(s).
Last success @ Tue Jul 4 09:00:46 2017 -03
==== OUTBOUND NEIGHBORS ====
CN=Schema,CN=Configuration,DC=empresa,DC=com,DC=br
Default-First-Site-Name\dc1 via RPC
DSA object GUID: 85f48d3e-ca2a-4c26-a04c-27ef820e0b7d
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
CN=Configuration,DC=empresa,DC=com,DC=br
Default-First-Site-Name\dc1 via RPC
DSA object GUID: 85f48d3e-ca2a-4c26-a04c-27ef820e0b7d
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
DC=empresa,DC=com,DC=br
Default-First-Site-Name\dc1 via RPC
DSA object GUID: 85f48d3e-ca2a-4c26-a04c-27ef820e0b7d
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
DC=DomainDnsZones,DC=empresa,DC=com,DC=br
Default-First-Site-Name\dc1 via RPC
DSA object GUID: 85f48d3e-ca2a-4c26-a04c-27ef820e0b7d
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
DC=ForestDnsZones,DC=empresa,DC=com,DC=br
Default-First-Site-Name\dc1 via RPC
DSA object GUID: 85f48d3e-ca2a-4c26-a04c-27ef820e0b7d
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
==== KCC CONNECTION OBJECTS ====
Connection --
Connection name: 1e059648-0fe2-48d2-9bae-e85803d6af02
Enabled : TRUE
Server DNS name : dc1.empresa.com.br
Server DN name : CN=NTDS
Settings,CN=dc1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=empresa,DC=com,DC=br
TransportType: RPC
options: 0x00000001
Warning: No NC replicated for Connection!
However, I have verified the following:
A) the permissions on sysvol folder of DC2 are different from DC1
DC1: drwxrwxrwx 3 10060 30028 4096 Jul 4 01:15 sysvol
DC2: drwxr-sr-x 3 root staff 4096 Mai 22 18:58 sysvol
B) in DC2 there isn't "Policies" folder in
/usr/local/samba/var/locks/sysvol/empresa.com.br/
Should not they sync those permissions too? Is there any problem?
Regards,
Márcio Bacci
More information about the samba
mailing list