[Samba] DN lists have different size: 4065 != 4029

L.P.H. van Belle belle at bazuin.nl
Wed May 8 07:31:12 UTC 2019 

Hai, 
 
Yes, good you verified time is in sync. 

As far i can see/tell. And i can not tell why you have this differences, but DC4 looks best. 
Can you tell how your NTP is configured, because i still excpect that one of the problem might come from that. 
Can you show the ntp.conf file or the chrony.conf? 
 
If you use apparmor, then you might have a problem from that. 
check if the file : /etc/apparmor.d/usr.sbin.ntpd contains this path. 
Verified for Debian/Ubuntu, where the wrong path is : /{,var/}run/samba/ntp_signd/socket rw,

Easy fix for now is : 
Enable :  include <local/usr.sbin.ntpd>

Add this in the included file.
# samba4 ntp signing socket
/var/lib/samba/ntp_signd/socket	rw,

Debian bugnr : #928168 
And same for chrony. 
If you use NTP, i dont recommend the use of a ntp pool. 

I've seen ntp pools go off over 5 min difference, so in my opinion not reliable enough. 
Might depend also on the pools but, if hitted that once and then i changed it. 
( from : http://support.ntp.org/bin/view/Servers/WebHome ) 

You could use these for your location. 
gps.ntp.br
a.st1.ntp.br
d.st1.ntp.br
 

Now for you replication errors. 
Good to see you synced DC4 to DC3, that was what i would have recommended also. 

Did you compair the replication outputs, you might need to correct a few groups where the members where off. 
So keep the logs you posted also to verify the few left overs IF needed. 

Ok, while look at this, i noticed something else. 
Your previous messages to the list. 
https://www.spinics.net/lists/samba/msg156598.html 
Subject: joined computer not appear in all DCs (DC4 not sync with DC3)

So before you change anything, hold on. I've reviews some of your other posts. 
And ive look what is going on here. Basicly your affected by bug: 
https://bugzilla.samba.org/show_bug.cgi?id=12204 

Now, next week there is an new pacakge release, but since you where my first donator, :-) 
I'll make you an package so you can try and see if the patches in  bug#12204 do work out for you. 


And last, since your running Debian and my packages, which make is much easier to track wrong settings. 
Run : https://raw.githubusercontent.com/thctlo/samba4/master/samba-collect-debug-info.sh 
Your probley already have dont this but please do it again on both DC's. 
Then PM it to me, and please dont modify anything, i need it exact as it. 
I'll respect your data and keep it secret. ( except if needed for other samba-dev's to track your problem ) 
 
I'll pm you when these packages are ready. 

Greetz, 

Louis

More information about the samba mailing list