[Samba] DRS and DNS sync are not working after update from 4.8.2 to 4.8.3
Aleksey Vladimirov
A.Vladimirov at almi-russia.ru
Thu Jun 28 08:28:23 UTC 2018
After update I have got this:
samba-tool drs kcc -Uadm2 -d 9
INFO: Current debug levels:
all: 9
tdb: 9
printdrivers: 9
lanman: 9
smb: 9
rpc_parse: 9
rpc_srv: 9
rpc_cli: 9
passdb: 9
sam: 9
auth: 9
winbind: 9
vfs: 9
idmap: 9
quota: 9
acls: 9
locking: 9
msdfs: 9
dmapi: 9
registry: 9
scavenger: 9
dns: 9
ldb: 9
tevent: 9
auth_audit: 9
auth_json_audit: 9
kerberos: 9
drs_repl: 9
smb2: 9
smb2_credits: 9
lpcfg_load: refreshing parameters from /etc/samba/smb.conf
Processing section "[global]"
Processing section "[netlogon]"
Processing section "[sysvol]"
Processing section "[Scan]"
Processing section "[print$]"
Processing section "[printers]"
pm_process() returned Yes
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'http_negotiate' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Using binding ncacn_ip_tcp:sklad-dc.almi-russia.local[,seal,print]
Mapped to DCERPC endpoint 135
added interface enp2s0 ip=192.168.32.12 bcast=192.168.32.255 netmask=255.255.255.0
added interface enp2s0 ip=192.168.32.12 bcast=192.168.32.255 netmask=255.255.255.0
resolve_lmhosts: Attempting lmhosts lookup for name sklad-dc.almi-russia.local<0x20>
getlmhostsent: lmhost entry: 192.168.32.12 SKLAD-DC
getlmhostsent: lmhost entry: 192.168.31.12 DCSRV
getlmhostsent: lmhost entry: 192.168.32.12 ALMI-RUSSIA
Mapped to DCERPC endpoint 49152
added interface enp2s0 ip=192.168.32.12 bcast=192.168.32.255 netmask=255.255.255.0
added interface enp2s0 ip=192.168.32.12 bcast=192.168.32.255 netmask=255.255.255.0
resolve_lmhosts: Attempting lmhosts lookup for name sklad-dc.almi-russia.local<0x20>
getlmhostsent: lmhost entry: 192.168.32.12 SKLAD-DC
getlmhostsent: lmhost entry: 192.168.31.12 DCSRV
getlmhostsent: lmhost entry: 192.168.32.12 ALMI-RUSSIA
Starting GENSEC mechanism spnego
Starting GENSEC submechanism gssapi_krb5
Password for [ALMI-RUSSIA\adm2]:
Received smb_krb5 packet of length 199
Received smb_krb5 packet of length 106
gensec_gssapi: NO credentials were delegated
GSSAPI Connection will be cryptographically sealed
dcerpc: alter_resp - rpc fault: DCERPC_FAULT_SEC_PKG_ERROR
Starting GENSEC mechanism spnego
Starting GENSEC submechanism gssapi_krb5
Received smb_krb5 packet of length 199
Received smb_krb5 packet of length 106
gensec_gssapi: NO credentials were delegated
GSSAPI Connection will be cryptographically sealed
dcerpc: alter_resp - rpc fault: DCERPC_FAULT_SEC_PKG_ERROR
Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for ncacn_ip_tcp:192.168.32.12[49152,seal,print,target_hostname=sklad-dc.almi-russia.local,abstract_syntax=e3514235-4b06-11d1-ab04-00c04fc2dcd2/0x00000004,localaddress=192.168.32.12] NT_STATUS_LOGON_FAILURE
ERROR(<class 'samba.drs_utils.drsException'>): DRS connection to sklad-dc.almi-russia.local failed - drsException: DRS connection to sklad-dc.almi-russia.local failed: (3221225581, 'The attempted logon is invalid. This is either due to a bad username or authentication information.')
File "/usr/lib/python2.7/site-packages/samba/netcmd/drs.py", line 44, in drsuapi_connect
(ctx.drsuapi, ctx.drsuapi_handle, ctx.bind_supported_extensions) = drs_utils.drsuapi_connect(ctx.server, ctx.lp, ctx.creds)
File "/usr/lib/python2.7/site-packages/samba/drs_utils.py", line 58, in drsuapi_connect
raise drsException("DRS connection to %s failed: %s" % (server, e))
and in the log:
Jun 28 11:27:05 sklad-dc.almi-russia.local samba[1130]: task[dnsupdate][1130]: ldb: Failed to lock db: ../ldb_tdb/ldb_tdb.c:147: Reusing ldb opend by pid 1110 in process 1130
Jun 28 11:27:05 sklad-dc.almi-russia.local samba[1130]: task[dnsupdate][1130]: / Protocol error for DC=almi-russia,DC=local
Jun 28 11:27:05 sklad-dc.almi-russia.local samba[1130]: task[dnsupdate][1130]: [2018/06/28 11:27:05.026829, 0] ../lib/ldb-samba/ldb_wrap.c:77(ldb_wrap_debug)
Jun 28 11:27:05 sklad-dc.almi-russia.local samba[1130]: task[dnsupdate][1130]: ldb: Failed to unlock db: ../ldb_tdb/ldb_tdb.c:147: Reusing ldb opend by pid 1110 in process 1130
Jun 28 11:27:05 sklad-dc.almi-russia.local samba[1130]: task[dnsupdate][1130]: / Protocol error for metadata partition
Jun 28 11:27:05 sklad-dc.almi-russia.local samba[1130]: task[dnsupdate][1130]: [2018/06/28 11:27:05.027064, 0] ../lib/ldb-samba/ldb_wrap.c:77(ldb_wrap_debug)
Jun 28 11:27:05 sklad-dc.almi-russia.local samba[1130]: task[dnsupdate][1130]: ldb: Failed to unlock db: Failed to unlock db: ../ldb_tdb/ldb_tdb.c:147: Reusing ldb opend by pid 1110 in process 1130
Jun 28 11:27:05 sklad-dc.almi-russia.local samba[1130]: task[dnsupdate][1130]: / Protocol error for metadata partition / Protocol error
Jun 28 11:27:05 sklad-dc.almi-russia.local samba[1130]: task[dnsupdate][1130]: [2018/06/28 11:27:05.027346, 0] ../source4/dsdb/dns/dns_update.c:127(dnsupdate_rebuild)
Jun 28 11:27:05 sklad-dc.almi-russia.local samba[1130]: task[dnsupdate][1130]: ../source4/dsdb/dns/dns_update.c:127: Unable to find DCs list - Failed to unlock db: ../ldb_tdb/ldb_tdb.c:147: Reusing ldb opend by pid 1110 in process 1130
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: [2018/06/28 11:27:30.881556, 0] ../lib/ldb-samba/ldb_wrap.c:77(ldb_wrap_debug)
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: ldb: Failed to lock db: ../ldb_tdb/ldb_tdb.c:147: Reusing ldb opend by pid 1110 in process 1112
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: / Success for CN=Schema,CN=Configuration,DC=almi-russia,DC=local
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: [2018/06/28 11:27:30.881642, 0] ../lib/ldb-samba/ldb_wrap.c:77(ldb_wrap_debug)
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: ldb: Failed to lock db: ../ldb_tdb/ldb_tdb.c:147: Reusing ldb opend by pid 1110 in process 1112
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: / Protocol error for CN=Configuration,DC=almi-russia,DC=local
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: [2018/06/28 11:27:30.881682, 0] ../lib/ldb-samba/ldb_wrap.c:77(ldb_wrap_debug)
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: ldb: Failed to lock db: ../ldb_tdb/ldb_tdb.c:147: Reusing ldb opend by pid 1110 in process 1112
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: / Protocol error for DC=DomainDnsZones,DC=almi-russia,DC=local
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: [2018/06/28 11:27:30.881718, 0] ../lib/ldb-samba/ldb_wrap.c:77(ldb_wrap_debug)
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: ldb: Failed to lock db: ../ldb_tdb/ldb_tdb.c:147: Reusing ldb opend by pid 1110 in process 1112
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: / Protocol error for DC=ForestDnsZones,DC=almi-russia,DC=local
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: [2018/06/28 11:27:30.881755, 0] ../lib/ldb-samba/ldb_wrap.c:77(ldb_wrap_debug)
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: ldb: Failed to lock db: ../ldb_tdb/ldb_tdb.c:147: Reusing ldb opend by pid 1110 in process 1112
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: / Protocol error for DC=almi-russia,DC=local
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: [2018/06/28 11:27:30.881790, 0] ../lib/ldb-samba/ldb_wrap.c:77(ldb_wrap_debug)
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: ldb: Failed to unlock db: ../ldb_tdb/ldb_tdb.c:147: Reusing ldb opend by pid 1110 in process 1112
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: / Protocol error for metadata partition
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: [2018/06/28 11:27:30.881825, 0] ../lib/ldb-samba/ldb_wrap.c:77(ldb_wrap_debug)
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: ldb: Failed to unlock db: Failed to unlock db: ../ldb_tdb/ldb_tdb.c:147: Reusing ldb opend by pid 1110 in process 1112
More information about the samba
mailing list