[Samba] Replication not working for remote Domain Controller
Rowland penny
rpenny at samba.org
Wed Dec 11 18:39:14 UTC 2019
On 11/12/2019 18:10, shacky via samba wrote:
> Hi,
> I have three Samba Domain Controllers, two in the LAN local network (dc1
> and dc2) and one in a remote network which is accessible from the LAN
> through a VPN connection (dc4).
> Every domain controller can reach every other domain controllers, and every
> type of traffic is permitted by firewalls, they can ping and access to
> every TCP and UDP ports.
>
> Checking the Samba replication I see that the two domain controllers on the
> local network (dc1 and dc2) are regularly replicated, but dc4 is not
> replicated at all:
>
> ================================== 8<
> ==========================================
> root at dc1:~/check_ad_replication.py (18:59:47)# ./check_ad_replication.py
> CRITICAL: Realm: tn.ies.it Failing: dc4 since forever(!!), Still OK: dc2 as
> of 2 mins|ok=1 fail=1
>
> root at dc2:~/check_ad_replication.py# ./check_ad_replication.py
> CRITICAL: Realm: tn.ies.it Failing: dc4 since forever(!!), Still OK: dc1 as
> of 1 mins|ok=1 fail=1
> ================================== 8<
> ==========================================
>
> So I checked the replication status using "samba-tool drs showrepl" and
> it's clear that dc4 is not replicating, and I realized that I have
> several WERR_FILE_NOT_FOUND errors for dc4 (see below).
>
> I'm hanged trying to find out why I'm receiving the WERR_FILE_NOT_FOUND
> error for dc4, so I checked the DNS with the Windows Active Directory Sites
> and Services tool, and I saw that dc1 and dc2 both have two "replicate
> from" connections, but dc4 has no connection.
>
> In the Sites Subnets i only see the LAN network subnet and not the data
> center one (the dc4's subnet): I don't know if this is a problem, but it's
> a difference.
>
> The other difference I found in the Windows DNS tool is that there are no
> records in the _msdcs.my.domain.name domain for dc4.
>
Good, the _msdcs domain is the forest domain, but are there records for
all three DCs in:
DC=your.domain.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=your,DC=domain,DC=com
What version(s) of Samba is this ?
Rowland
More information about the samba
mailing list