[Samba] Samba4 multiple DCs replication

Julien TEHERY julien.tehery at openevents.fr
Thu Nov 22 13:45:04 UTC 2018


On 22/11/2018 at 12:18, L.P.H. van Belle via samba wrote:
> Hai,
>
> Reboot the remote servers also or log in and run: samba_dnsupdate --all-names --verbose
> samba-tool dbcheck --fix or samba-tool dbcheck --fix --cross-ncs
>
> Greetz,
>
> Louis
>

Result is "dns_tkey_negotiategss: TKEY is unacceptable" when doing 
dnsupdate.
I'm wondering about reinstalling everything from scratch in a newer version.

But if there's a good way to clean those records, I'd really like to know how.
>
>> -----Original message-----
>> From: samba [mailto:samba-bounces at lists.samba.org] On behalf of
>> Julien TEHERY via samba
>> Sent: Thursday 22 November 2018 11:54
>> To: samba at lists.samba.org
>> Subject: Re: [Samba] Samba4 multiple DCs replication
>>
>> On 22/11/2018 at 10:07, L.P.H. van Belle via samba wrote:
>>> Hai Julien,
>>>
>>> Ah, ok, then I'm suspecting a regression bug here.
>>> For some reason sometimes this happens; if you had rebooted the servers, it would probably be fixed also.
>>> There were some older reports on this, but good to know it's back or still there.
>>> A manual run of: samba_dnsupdate --all-names --verbose
>>> should/could have helped to fix it also.
>>>
>>> And Thank you for the quick reply.
>>>
>>> Greetz,
>>>
>>> Louis
>>>
>> Ok, I tried to reboot all the DCs just to see what happens.
>> Then replication is still fine on the 3 main DCs (main site) with
>> inbound/outbound neighbors, but now "samba-tool drs showrepl" doesn't
>> work anymore on 2 remote DCs.
>> They don't even have outbound neighbors anymore.. :(
>>
>> They have errors like:
>>
>> Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for ncacn_ip_tcp:192.168.174.1[1024,seal,target_hostname=dc1-site-02.mydomain.lan,abstract_syntax=e3514235-4b06-11d1-ab04-00c04fc2dcd2/0x00000004,localaddress=192.168.174.1] NT_STATUS_IO_TIMEOUT
>>
>> Then I looked in ldb with
>> ldbsearch -H /usr/local/samba/private/sam.ldb '(invocationId=*)' --cross-ncs objectguid
>> and saw duplicates in it.
>>
>> I ran dbcheck on all DCs, but it didn't clear the obsolete records.
>> I guess those duplicates are here because I ran so many tests on this test
>> domain (promote/demote).
>> Is there a way to clean it up?
>>
>>
>>>> -----Original message-----
>>>> From: samba [mailto:samba-bounces at lists.samba.org] On behalf of
>>>> Julien TEHERY via samba
>>>> Sent: Thursday 22 November 2018 10:02
>>>> To: samba at lists.samba.org
>>>> Subject: Re: [Samba] Samba4 multiple DCs replication
>>>>
>>>> On 22/11/2018 at 09:58, L.P.H. van Belle via samba wrote:
>>>>> Good it's fixed now, but 1 question, just for me ..
>>>>>
>>>>> Did you reboot both servers or did you only restart/reload the services?
>>>>> Greetz,
>>>>>
>>>>> Louis
>>>> I only restarted the services. (samba and bind). Maybe it wasn't
>>>> required, but I did it.
>>>>>     
>>>>>
>>>>>> -----Original message-----
>>>>>> From: samba [mailto:samba-bounces at lists.samba.org] On behalf of
>>>>>> Julien TEHERY via samba
>>>>>> Sent: Thursday 22 November 2018 9:35
>>>>>> To: samba at lists.samba.org
>>>>>> Subject: Re: [Samba] Samba4 multiple DCs replication
>>>>>>
>>>>>> On 22/11/2018 at 08:38, Julien TEHERY via samba wrote:
>>>>>>> On 21/11/2018 at 17:47, Rowland Penny via samba wrote:
>>>>>>>> On Wed, 21 Nov 2018 17:33:28 +0100
>>>>>>>> Julien TEHERY via samba <samba at lists.samba.org> wrote:
>>>>>>>>
>>>>>>>>> Another thing, I see that only DC1 has OUTBOUND NEIGHBORS (all failed
>>>>>>>>> with a WERR_FILE_NOT_FOUND error)
>>>>>>>>> All the other DCs have only INBOUND NEIGHBORS and no OUTBOUND
>>>>>>>>> NEIGHBORS
>>>>>>>> You have problems, all DCs at a site should replicate to each other
>>>>>>>> and there should be replication between sites. Is something like a
>>>>>>>> firewall getting in the way?
>>>>>>>>
>>>>>>>> Have you checked the AD databases ?
>>>>>>>>
>>>>>>>> Rowland
>>>>>>> There is no firewall between the 3 DCs on the main site (same
>>>>>>> subnet), however there are no outbound neighbors on DC2 and DC3
>>>>>>> replication status.
>>>>>>> And yes, AD db have been checked.
>>>>>>>
>>>>>>>
>>>>>> Know what, I just found out the problem.
>>>>>> CNAME records were missing, according to
>>>>>> https://wiki.samba.org/index.php/Verifying_and_Creating_a_DC_DNS_Record
>>>>>> I added them, restarted both samba and bind, and then all inbound and
>>>>>> outbound connections appeared.
>>>>>>
>>>>>>
>>>>>> -- 
>>>>>> To unsubscribe from this list go to the following URL and read the
>>>>>> instructions:  https://lists.samba.org/mailman/options/samba
>>>>>>
>>>>
>>
>>
>
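
An added example, not part of the original thread and not Samba's own tooling: it turns the output of the `ldbsearch ... '(invocationId=*)' --cross-ncs objectguid` command quoted above into the `<objectGUID>._msdcs.<domain>` CNAME names each DC needs and reports the ones the resolver does not return. The GUIDs, the site names, the `lookup_cname` hook and the assumption that a DC's FQDN is its server CN plus the domain are constructed for illustration.

```shell
#!/usr/bin/env bash
# Constructed sample of the ldbsearch LDIF output; GUIDs and site names are made up.
sample_ldif() {
cat <<'EOF'
# record 1
dn: CN=NTDS Settings,CN=DC1,CN=Servers,CN=Main-Site,CN=Sites,CN=Configuration,DC=mydomain,DC=lan
objectGUID: 11111111-2222-3333-4444-555555555555

# record 2
dn: CN=NTDS Settings,CN=DC1-SITE-02,CN=Servers,CN=Site-02,CN=Sites,CN=Configuration,DC=mydomain,DC=lan
objectGUID: aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee
EOF
}

# Read LDIF on stdin, print "<guid>._msdcs.<domain> <dc>.<domain>" per NTDS Settings record.
# Assumption: the DC's FQDN is the server CN (lower-cased) plus the domain.
expected_cnames() {
  local domain=$1
  awk -v dom="$domain" '
    /^dn: CN=NTDS Settings,CN=/ {
      split($0, p, ",CN="); dc = tolower(p[2])   # p[2] is the server object CN
    }
    /^objectGUID: / && dc != "" {
      printf "%s._msdcs.%s %s.%s\n", tolower($2), dom, dc, dom; dc = ""
    }'
}

# Hypothetical resolver hook: prints the CNAME target, or nothing if absent.
# On a live DC this would wrap a query such as `host -t CNAME "$1"`;
# here it answers from a constructed table so the script runs offline.
lookup_cname() {
  case $1 in
    11111111-2222-3333-4444-555555555555._msdcs.mydomain.lan) echo dc1.mydomain.lan ;;
  esac
}

# Read "name target" pairs, report CNAMEs that are missing or point elsewhere.
missing_cnames() {
  local name target got
  while read -r name target; do
    got=$(lookup_cname "$name")
    [ "$got" = "$target" ] || echo "MISSING $name -> $target (got: ${got:-none})"
  done
}

sample_ldif | expected_cnames mydomain.lan | missing_cnames
```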
