[Samba] DN lists have different size: 4065 != 4029
L.P.H. van Belle
belle at bazuin.nl
Tue May 7 14:10:58 UTC 2019
Could you run :
samba-tool ldapcmp ldap://dc3 ldap://dc4 --filter=cn,CN,dc,DC
And compair that output?
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Elias Pereira via samba
> Verzonden: dinsdag 7 mei 2019 15:48
> Aan: samba
> Onderwerp: [Samba] DN lists have different size: 4065 != 4029
>
> Hello,
>
> dc3 = principal DC
> dc4 = secondary DC
>
> I had this problem last month after updating samba to version
> 4.10.x. and
> also the schema from 45 to 69. But it looked like it had been
> corrected.
> Today I noticed that on dc4 there are computers that are not on dc3.
>
> I updated:
> 4.7.x to 4.8.x
> 4.8.x to 4.9.x and only after that I upgrade to 4.10.x version.
>
> When I run these commands:
>
> samba-tool dbcheck --cross-ncs --reset-well-known-acls --fix
> --yes ---- OK
> samba_dnsupdate --verbose --all-names
> -------------------------------------
> OK
> samba-tool drs showrepl
> ---------------------------------------------------------- OK
>
> all show OK.
>
> *dc3 schema: *
>
> # ldbsearch -H /var/lib/samba/private/sam.ldb -b
> 'cn=Schema,cn=Configuration,dc=campus,dc=sertao,dc=ifrs,dc=edu
> ,dc=br' -s
> base objectVersion
> # record 1
> dn:
> CN=Schema,CN=Configuration,DC=campus,DC=sertao,DC=ifrs,DC=edu,DC=br
> objectVersion: 69
>
> # returned 1 records
> # 1 entries
> # 0 referrals
>
> *dc4 schema:*
>
> # ldbsearch -H /var/lib/samba/private/sam.ldb -b
> 'cn=Schema,cn=Configuration,dc=campus,dc=sertao,dc=ifrs,dc=edu
> ,dc=br' -s
> base objectVersion
> # record 1
> dn:
> CN=Schema,CN=Configuration,DC=campus,DC=sertao,DC=ifrs,DC=edu,DC=br
> objectVersion: 69
>
> # returned 1 records
> # 1 entries
> # 0 referrals
>
> *smb.conf dc3*
>
> # Global parameters
> [global]
> netbios name = DC3
> realm = CAMPUS.SERTAO.IFRS.EDU.BR
> server services = s3fs, rpc, nbt, wrepl, ldap, cldap,
> kdc, drepl,
> winbindd, ntp_signd, kcc, dnsupdate
> workgroup = CAMPUS
> server role = active directory domain controller
> idmap_ldb:use rfc2307 = yes
>
> bind interfaces only = yes
> interfaces = lo eth0
>
> ldap server require strong auth = no
> #log file = /var/log/samba/log.%m
> #log level = 10
> ntlm auth = yes
> #ntlm auth = mschapv2-and-ntlmv2-only
>
> allow dns updates = nonsecure
>
> # SSL CERTS
> #tls enabled = yes
> #tls keyfile = tls/sertao.ifrs.edu.br.key.npw
> #tls certfile = tls/sertao.ifrs.edu.br.crt
> #tls cafile = tls/ca_join_icpedu.crt
>
> [netlogon]
> path = /var/lib/samba/sysvol/campus.sertao.ifrs.edu.br/scripts
> read only = No
>
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = No
>
> *smb.conf dc4*
>
> # Global parameters
> [global]
> netbios name = DC4
> realm = CAMPUS.SERTAO.IFRS.EDU.BR
> server role = active directory domain controller
> server services = s3fs, rpc, nbt, wrepl, ldap, cldap,
> kdc, drepl,
> winbindd, ntp_signd, kcc, dnsupdate
> workgroup = CAMPUS
> idmap_ldb:use rfc2307 = yes
>
> bind interfaces only = yes
> interfaces = lo eth0
>
> ldap server require strong auth = no
> #log file = /var/log/samba/log.%m
> #log level = 10
> ntlm auth = yes
> #ntlm auth = mschapv2-and-ntlmv2-only
>
> allow dns updates = nonsecure
>
> [netlogon]
> path = /var/lib/samba/sysvol/campus.sertao.ifrs.edu.br/scripts
> read only = No
>
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = No
>
> *samba-tool fsmo show dc3:*
>
> # samba-tool fsmo show
> SchemaMasterRole owner: CN=NTDS
> Settings,CN=DC3,CN=Servers,CN=Default-First-Site-Name,CN=Sites
> ,CN=Configuration,DC=campus,DC=sertao,DC=ifrs,DC=edu,DC=br
> InfrastructureMasterRole owner: CN=NTDS
> Settings,CN=DC3,CN=Servers,CN=Default-First-Site-Name,CN=Sites
> ,CN=Configuration,DC=campus,DC=sertao,DC=ifrs,DC=edu,DC=br
> RidAllocationMasterRole owner: CN=NTDS
> Settings,CN=DC3,CN=Servers,CN=Default-First-Site-Name,CN=Sites
> ,CN=Configuration,DC=campus,DC=sertao,DC=ifrs,DC=edu,DC=br
> PdcEmulationMasterRole owner: CN=NTDS
> Settings,CN=DC3,CN=Servers,CN=Default-First-Site-Name,CN=Sites
> ,CN=Configuration,DC=campus,DC=sertao,DC=ifrs,DC=edu,DC=br
> DomainNamingMasterRole owner: CN=NTDS
> Settings,CN=DC3,CN=Servers,CN=Default-First-Site-Name,CN=Sites
> ,CN=Configuration,DC=campus,DC=sertao,DC=ifrs,DC=edu,DC=br
> DomainDnsZonesMasterRole owner: CN=NTDS
> Settings,CN=DC3,CN=Servers,CN=Default-First-Site-Name,CN=Sites
> ,CN=Configuration,DC=campus,DC=sertao,DC=ifrs,DC=edu,DC=br
> ForestDnsZonesMasterRole owner: CN=NTDS
> Settings,CN=DC3,CN=Servers,CN=Default-First-Site-Name,CN=Sites
> ,CN=Configuration,DC=campus,DC=sertao,DC=ifrs,DC=edu,DC=br
>
> *samba-tool fsmo show dc4:*
>
> # samba-tool fsmo show
> SchemaMasterRole owner: CN=NTDS
> Settings,CN=DC3,CN=Servers,CN=Default-First-Site-Name,CN=Sites
> ,CN=Configuration,DC=campus,DC=sertao,DC=ifrs,DC=edu,DC=br
> InfrastructureMasterRole owner: CN=NTDS
> Settings,CN=DC3,CN=Servers,CN=Default-First-Site-Name,CN=Sites
> ,CN=Configuration,DC=campus,DC=sertao,DC=ifrs,DC=edu,DC=br
> RidAllocationMasterRole owner: CN=NTDS
> Settings,CN=DC3,CN=Servers,CN=Default-First-Site-Name,CN=Sites
> ,CN=Configuration,DC=campus,DC=sertao,DC=ifrs,DC=edu,DC=br
> PdcEmulationMasterRole owner: CN=NTDS
> Settings,CN=DC3,CN=Servers,CN=Default-First-Site-Name,CN=Sites
> ,CN=Configuration,DC=campus,DC=sertao,DC=ifrs,DC=edu,DC=br
> DomainNamingMasterRole owner: CN=NTDS
> Settings,CN=DC3,CN=Servers,CN=Default-First-Site-Name,CN=Sites
> ,CN=Configuration,DC=campus,DC=sertao,DC=ifrs,DC=edu,DC=br
> DomainDnsZonesMasterRole owner: CN=NTDS
> Settings,CN=DC3,CN=Servers,CN=Default-First-Site-Name,CN=Sites
> ,CN=Configuration,DC=campus,DC=sertao,DC=ifrs,DC=edu,DC=br
> ForestDnsZonesMasterRole owner: CN=NTDS
> Settings,CN=DC3,CN=Servers,CN=Default-First-Site-Name,CN=Sites
> ,CN=Configuration,DC=campus,DC=sertao,DC=ifrs,DC=edu,DC=br
>
> Any ideas on how to debug this problem better? Any other log
> or config you
> need, just ask.
> --
> Elias Pereira
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list