[Samba] Samba AD DC replication error - 2, 'WERR_BADFILE'
Rowland Penny
rpenny at samba.org
Thu Dec 20 15:50:32 UTC 2018
On Thu, 20 Dec 2018 16:10:21 +0100
Martin Krämer via samba <samba at lists.samba.org> wrote:
> Thanks for the fast reply.
> Sorry - I was not aware that attachments are not forwarded.
>
/etc/hosts
Change to this:
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
192.168.33.250 faiserver.example.corp faiserver
Same on the second DC, but with its info
/etc/resolv.conf
Change them to this:
search example.org
nameserver <IP_OF_THE_DC>
/etc/samba/smb.conf
Read 'man smb.conf' and remove all the default lines.
You should also remove these lines that have no place in a DC smb.conf:
obey pam restrictions = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
map to guest = bad user
usershare allow guests = No
[homes] does not work on a DC. Use [home] instead, see the Samba wiki.
You also cannot use 'POSIX-ACLS' on a DC, you must use 'Windows ACLS',
again see the Samba wiki.
/etc/bind/named.conf.options
Change:
allow-transfer { internals; };
To:
allow-transfer { none; };
Have you restarted the second DC since you joined it ?
If not, restart it now.
Rowland
More information about the samba
mailing list