[Samba] Problems with Samba 4.5.16 - configuring a second failover AD DC and joining this to an existing domain SAMDOM

Rowland Penny rpenny at samba.org
Fri Mar 22 17:06:31 UTC 2019 

On Fri, 22 Mar 2019 16:37:23 +0000
Stephen <stephen at ogdenradar.com> wrote:

> Thanks for taking a look Roland, and I appreciate your comments 
> regarding your scripts. I am not a professional sysadmin so there
> likely is stuff there that the grizzled unix veterans on this list
> will find a little odd  :)
> 
> I just restarted samba on ad2 as per your suggestion and I got the 
> following output:
> 
> pi at ad2:~ $ sudo systemctl restart samba-ad-dc.service
> pi at ad2:~ $ sudo samba-tool drs showrepl
> Default-First-Site-Name\AD2
> DSA Options: 0x00000001
> DSA object GUID: e676dfc3-670d-46bb-b1f7-756bae990a30
> DSA invocationId: b7fb9a73-a5c5-4672-9d0f-83e0323f9f3b
> 
> ==== INBOUND NEIGHBORS ====
> 
> CN=Configuration,DC=samdom,DC=example,DC=com
>          Default-First-Site-Name\AD1 via RPC
>                  DSA object GUID: a021ecef-e1f1-41ea-9787-9c3678f25e4a
>                  Last attempt @ Fri Mar 22 16:16:01 2019 GMT was
> successful 0 consecutive failure(s).
>                  Last success @ Fri Mar 22 16:16:01 2019 GMT
> 
> DC=DomainDnsZones,DC=samdom,DC=example,DC=com
>          Default-First-Site-Name\AD1 via RPC
>                  DSA object GUID: a021ecef-e1f1-41ea-9787-9c3678f25e4a
>                  Last attempt @ Fri Mar 22 16:16:00 2019 GMT was
> successful 0 consecutive failure(s).
>                  Last success @ Fri Mar 22 16:16:00 2019 GMT
> 
> CN=Schema,CN=Configuration,DC=samdom,DC=example,DC=com
>          Default-First-Site-Name\AD1 via RPC
>                  DSA object GUID: a021ecef-e1f1-41ea-9787-9c3678f25e4a
>                  Last attempt @ Fri Mar 22 16:16:01 2019 GMT was
> successful 0 consecutive failure(s).
>                  Last success @ Fri Mar 22 16:16:01 2019 GMT
> 
> DC=ForestDnsZones,DC=samdom,DC=example,DC=com
>          Default-First-Site-Name\AD1 via RPC
>                  DSA object GUID: a021ecef-e1f1-41ea-9787-9c3678f25e4a
>                  Last attempt @ Fri Mar 22 16:16:00 2019 GMT was
> successful 0 consecutive failure(s).
>                  Last success @ Fri Mar 22 16:16:00 2019 GMT
> 
> DC=samdom,DC=example,DC=com
>          Default-First-Site-Name\AD1 via RPC
>                  DSA object GUID: a021ecef-e1f1-41ea-9787-9c3678f25e4a
>                  Last attempt @ Fri Mar 22 16:16:01 2019 GMT was
> successful 0 consecutive failure(s).
>                  Last success @ Fri Mar 22 16:16:01 2019 GMT
> 
> ==== OUTBOUND NEIGHBORS ====
> 
> ==== KCC CONNECTION OBJECTS ====
> 
> Connection --
>          Connection name: c2f83b11-0d06-41d3-b6c1-438ae935852c
>          Enabled        : TRUE
>          Server DNS name : ad1.samdom.example.com
>          Server DN name  : CN=NTDS 
> Settings,CN=AD1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=samdom,DC=example,DC=com
>                  TransportType: RPC
>                  options: 0x00000001
> Warning: No NC replicated for Connection!
> 

Try reading this:

https://wiki.samba.org/index.php/Verifying_and_Creating_a_DC_DNS_Record

The problem is that things have changed greatly in Samba AD since 4.5.x
was released, the latest Samba version is 4.10.0

Rowland

More information about the samba mailing list