[Samba] DRS and DNS sync are not working after update from 4.8.2 to 4.8.3

Aleksey Vladimirov A.Vladimirov at almi-russia.ru
Thu Jun 28 08:28:23 UTC 2018


After update I have got this:

samba-tool drs kcc -Uadm2 -d 9
INFO: Current debug levels:
  all: 9
  tdb: 9
  printdrivers: 9
  lanman: 9
  smb: 9
  rpc_parse: 9
  rpc_srv: 9
  rpc_cli: 9
  passdb: 9
  sam: 9
  auth: 9
  winbind: 9
  vfs: 9
  idmap: 9
  quota: 9
  acls: 9
  locking: 9
  msdfs: 9
  dmapi: 9
  registry: 9
  scavenger: 9
  dns: 9
  ldb: 9
  tevent: 9
  auth_audit: 9
  auth_json_audit: 9
  kerberos: 9
  drs_repl: 9
  smb2: 9
  smb2_credits: 9
lpcfg_load: refreshing parameters from /etc/samba/smb.conf
Processing section "[global]"
Processing section "[netlogon]"
Processing section "[sysvol]"
Processing section "[Scan]"
Processing section "[print$]"
Processing section "[printers]"
pm_process() returned Yes
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'http_negotiate' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Using binding ncacn_ip_tcp:sklad-dc.almi-russia.local[,seal,print]
Mapped to DCERPC endpoint 135
added interface enp2s0 ip=192.168.32.12 bcast=192.168.32.255 netmask=255.255.255.0
added interface enp2s0 ip=192.168.32.12 bcast=192.168.32.255 netmask=255.255.255.0
resolve_lmhosts: Attempting lmhosts lookup for name sklad-dc.almi-russia.local<0x20>
getlmhostsent: lmhost entry: 192.168.32.12 SKLAD-DC
getlmhostsent: lmhost entry: 192.168.31.12 DCSRV
getlmhostsent: lmhost entry: 192.168.32.12 ALMI-RUSSIA
Mapped to DCERPC endpoint 49152
added interface enp2s0 ip=192.168.32.12 bcast=192.168.32.255 netmask=255.255.255.0
added interface enp2s0 ip=192.168.32.12 bcast=192.168.32.255 netmask=255.255.255.0
resolve_lmhosts: Attempting lmhosts lookup for name sklad-dc.almi-russia.local<0x20>
getlmhostsent: lmhost entry: 192.168.32.12 SKLAD-DC
getlmhostsent: lmhost entry: 192.168.31.12 DCSRV
getlmhostsent: lmhost entry: 192.168.32.12 ALMI-RUSSIA
Starting GENSEC mechanism spnego
Starting GENSEC submechanism gssapi_krb5
Password for [ALMI-RUSSIA\adm2]:
Received smb_krb5 packet of length 199
Received smb_krb5 packet of length 106
gensec_gssapi: NO credentials were delegated
GSSAPI Connection will be cryptographically sealed
dcerpc: alter_resp - rpc fault: DCERPC_FAULT_SEC_PKG_ERROR
Starting GENSEC mechanism spnego
Starting GENSEC submechanism gssapi_krb5
Received smb_krb5 packet of length 199
Received smb_krb5 packet of length 106
gensec_gssapi: NO credentials were delegated
GSSAPI Connection will be cryptographically sealed
dcerpc: alter_resp - rpc fault: DCERPC_FAULT_SEC_PKG_ERROR
Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for ncacn_ip_tcp:192.168.32.12[49152,seal,print,target_hostname=sklad-dc.almi-russia.local,abstract_syntax=e3514235-4b06-11d1-ab04-00c04fc2dcd2/0x00000004,localaddress=192.168.32.12] NT_STATUS_LOGON_FAILURE
ERROR(<class 'samba.drs_utils.drsException'>): DRS connection to sklad-dc.almi-russia.local failed - drsException: DRS connection to sklad-dc.almi-russia.local failed: (3221225581, 'The attempted logon is invalid. This is either due to a bad username or authentication information.')
  File "/usr/lib/python2.7/site-packages/samba/netcmd/drs.py", line 44, in drsuapi_connect
    (ctx.drsuapi, ctx.drsuapi_handle, ctx.bind_supported_extensions) = drs_utils.drsuapi_connect(ctx.server, ctx.lp, ctx.creds)
  File "/usr/lib/python2.7/site-packages/samba/drs_utils.py", line 58, in drsuapi_connect
    raise drsException("DRS connection to %s failed: %s" % (server, e))


and in the log:

Jun 28 11:27:05 sklad-dc.almi-russia.local samba[1130]: task[dnsupdate][1130]:   ldb: Failed to lock db: ../ldb_tdb/ldb_tdb.c:147: Reusing ldb opend by pid 1110 in process 1130
Jun 28 11:27:05 sklad-dc.almi-russia.local samba[1130]: task[dnsupdate][1130]:    / Protocol error for DC=almi-russia,DC=local
Jun 28 11:27:05 sklad-dc.almi-russia.local samba[1130]: task[dnsupdate][1130]: [2018/06/28 11:27:05.026829,  0] ../lib/ldb-samba/ldb_wrap.c:77(ldb_wrap_debug)
Jun 28 11:27:05 sklad-dc.almi-russia.local samba[1130]: task[dnsupdate][1130]:   ldb: Failed to unlock db: ../ldb_tdb/ldb_tdb.c:147: Reusing ldb opend by pid 1110 in process 1130
Jun 28 11:27:05 sklad-dc.almi-russia.local samba[1130]: task[dnsupdate][1130]:    / Protocol error for metadata partition
Jun 28 11:27:05 sklad-dc.almi-russia.local samba[1130]: task[dnsupdate][1130]: [2018/06/28 11:27:05.027064,  0] ../lib/ldb-samba/ldb_wrap.c:77(ldb_wrap_debug)
Jun 28 11:27:05 sklad-dc.almi-russia.local samba[1130]: task[dnsupdate][1130]:   ldb: Failed to unlock db: Failed to unlock db: ../ldb_tdb/ldb_tdb.c:147: Reusing ldb opend by pid 1110 in process 1130
Jun 28 11:27:05 sklad-dc.almi-russia.local samba[1130]: task[dnsupdate][1130]:    / Protocol error for metadata partition / Protocol error
Jun 28 11:27:05 sklad-dc.almi-russia.local samba[1130]: task[dnsupdate][1130]: [2018/06/28 11:27:05.027346,  0] ../source4/dsdb/dns/dns_update.c:127(dnsupdate_rebuild)
Jun 28 11:27:05 sklad-dc.almi-russia.local samba[1130]: task[dnsupdate][1130]:   ../source4/dsdb/dns/dns_update.c:127: Unable to find DCs list - Failed to unlock db: ../ldb_tdb/ldb_tdb.c:147: Reusing ldb opend by pid 1110 in process 1130
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: [2018/06/28 11:27:30.881556,  0] ../lib/ldb-samba/ldb_wrap.c:77(ldb_wrap_debug)
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]:   ldb: Failed to lock db: ../ldb_tdb/ldb_tdb.c:147: Reusing ldb opend by pid 1110 in process 1112
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]:    / Success for CN=Schema,CN=Configuration,DC=almi-russia,DC=local
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: [2018/06/28 11:27:30.881642,  0] ../lib/ldb-samba/ldb_wrap.c:77(ldb_wrap_debug)
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]:   ldb: Failed to lock db: ../ldb_tdb/ldb_tdb.c:147: Reusing ldb opend by pid 1110 in process 1112
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]:    / Protocol error for CN=Configuration,DC=almi-russia,DC=local
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: [2018/06/28 11:27:30.881682,  0] ../lib/ldb-samba/ldb_wrap.c:77(ldb_wrap_debug)
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]:   ldb: Failed to lock db: ../ldb_tdb/ldb_tdb.c:147: Reusing ldb opend by pid 1110 in process 1112
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]:    / Protocol error for DC=DomainDnsZones,DC=almi-russia,DC=local
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: [2018/06/28 11:27:30.881718,  0] ../lib/ldb-samba/ldb_wrap.c:77(ldb_wrap_debug)
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]:   ldb: Failed to lock db: ../ldb_tdb/ldb_tdb.c:147: Reusing ldb opend by pid 1110 in process 1112
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]:    / Protocol error for DC=ForestDnsZones,DC=almi-russia,DC=local
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: [2018/06/28 11:27:30.881755,  0] ../lib/ldb-samba/ldb_wrap.c:77(ldb_wrap_debug)
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]:   ldb: Failed to lock db: ../ldb_tdb/ldb_tdb.c:147: Reusing ldb opend by pid 1110 in process 1112
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]:    / Protocol error for DC=almi-russia,DC=local
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: [2018/06/28 11:27:30.881790,  0] ../lib/ldb-samba/ldb_wrap.c:77(ldb_wrap_debug)
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]:   ldb: Failed to unlock db: ../ldb_tdb/ldb_tdb.c:147: Reusing ldb opend by pid 1110 in process 1112
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]:    / Protocol error for metadata partition
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]: [2018/06/28 11:27:30.881825,  0] ../lib/ldb-samba/ldb_wrap.c:77(ldb_wrap_debug)
Jun 28 11:27:30 sklad-dc.almi-russia.local samba[1112]: task[dcesrv][1112]:   ldb: Failed to unlock db: Failed to unlock db: ../ldb_tdb/ldb_tdb.c:147: Reusing ldb opend by pid 1110 in process 1112


More information about the samba mailing list