[Samba] Samba DC: How to verify proper functioning
Rowland Penny
rpenny at samba.org
Sun Jun 10 12:46:00 UTC 2018
On Sun, 10 Jun 2018 15:01:12 +0300
Alexei Rozenvaser via samba <samba at lists.samba.org> wrote:
> Hello
>
> Please advise some ways to verify that my newly created samba DC
> (holding no FSMO roles) is functioning properly from standpoint of
> Windows Server DC and Windows clients.
> So far I tried to run "dcdiag" command.
> Can you please look at following command output and tell me is
> everything OK there?
> Is there other ways to check if DC works well?
> ---------------------------------------------------------------------------------
> dcdiag /s:ubuntu-dc
> Directory Server Diagnosis
>
>
> Doing primary tests
> Starting test: SysVolCheck
>
> The SysVol is not ready. This can cause the DC to not
> advertise
>
> itself as a DC for netlogon after dcpromo. Also trouble
> with FRS
>
> SysVol replication can cause Group Policy problems. Check
> the FRS
>
> event log on this DC.
> ......................... UBUNTU-DC failed test SysVolCheck
This can be expected, Sysvol on a Samba DC doesn't replicate yet, see
the wiki.
> Starting test: ObjectsReplicated
>
> Failed to read object metadata on UBUNTU-DC, error
>
> The request is not supported.
>
> Failed to read object metadata on UBUNTU-DC, error
>
> The request is not supported.
>
> ......................... UBUNTU-DC passed test
> ObjectsReplicated
I wouldn't worry about the above, the test passed even though it
couldn't read an attribute.
>
> Starting test: Replications
>
> REPLICATION-RECEIVED LATENCY WARNING
>
> UBUNTU-DC: Current time is 2018-06-10 14:47:51.
>
> CN=Schema,CN=Configuration,DC=Gal-Shvav,DC=local
> Last replication received from GSAD at
> 1601-01-01 02:21:57
> WARNING: This latency is over the Tombstone Lifetime
> of 180 days!
>
> ......................... UBUNTU-DC passed test Replications
This is very strange, the last replication seemed to have happened at
the Windows epoch, but it still past. Try creating a user on the
windows DC and see if gets replicated to the Samba DC.
>
> Starting test: Services
>
> Could not open EventSystem Service on UBUNTU-DC, error 0x8
>
> "Not enough storage is available to process this command."
>
> Could not open RpcSs Service on UBUNTU-DC, error 0x8
>
> "Not enough storage is available to process this command."
> ..........
> ......................... UBUNTU-DC failed test Services
These failures are probably down to trying to run windows services on a
Unix DC where the do not exist.
> Starting test: VerifyReferences
>
> Some objects relating to the DC UBUNTU-DC have problems:
> [1] Problem: Missing Expected Value
>
> Base Object:
>
> CN=NTDS
> Settings,CN=UBUNTU-DC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Gal-Shvav,DC=local
>
> Base Object Description: "DSA Object"
>
> Value Object Attribute Name: serverReferenceBL
>
> Value Object Description: "SYSVOL FRS Member Object"
>
> Recommended Action: See Knowledge Base Article: Q312862
>
>
> [1] Problem: Missing Expected Value
>
> Base Object:
>
> CN=UBUNTU-DC,OU=Domain Controllers,DC=Gal-Shvav,DC=local
>
> Base Object Description: "DC Account Object"
>
> Value Object Attribute Name: frsComputerReferenceBL
>
> Value Object Description: "SYSVOL FRS Member Object"
>
> Recommended Action: See Knowledge Base Article: Q312862
>
>
> ......................... UBUNTU-DC failed test
> VerifyReferences
Again, I wouldn't worry about the above, they seem to to do with sysvol
replication, that a Samba DC doesn't do.
Samba has its own tools:
samba-tool dbcheck
samba-tool ldapcmp
samba-tool drs showrepl
Rowland
More information about the samba
mailing list