[Samba] Failing replication
alexander.harm at apfel-q.de
Wed Feb 5 22:41:48 UTC 2020
we could need some help resolving a replication issue we experience since one week.
We have 1 DC in the cloud running Windows Server 2019 with DFL/FFL 2008R2.
We have 3 sites with 5 DCs running Samba on Debian Buster in total replicating the AD from Windows.
Since one week the replication state shows the following error:
Azure\VMDC-AZURE-01 via RPC
DSA object GUID: ecef0aca-3c4e-45f8-b780-7b9aad0fe8cb
Last attempt @ Tue Feb 4 18:54:01 2020 CET failed, result 58 (WERR_BAD_NET_RESP)
10468 consecutive failure(s).
Last success @ Tue Feb 4 18:30:58 2020 CET
Running samba-tool drs replicate ka-h9-dc02 VMDC-AZURE-01 dc=ds,dc=example,dc=com --sync-all -d 9 returns
drsuapi_DsReplicaSync: struct drsuapi_DsReplicaSync
out: struct drsuapi_DsReplicaSync
result : WERR_BAD_NET_RESP
ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync failed - drsException: DsReplicaSync failed (58, 'WERR_BAD_NET_RESP')
File "/usr/lib/python2.7/dist-packages/samba/netcmd/drs.py", line 568, in run
drs_utils.sendDsReplicaSync(server_bind, server_bind_handle, source_dsa_guid, NC, req_options)
File "/usr/lib/python2.7/dist-packages/samba/drs_utils.py", line 88, in sendDsReplicaSync
raise drsException("DsReplicaSync failed %s" % estr)
In the log we see the following error messages
Failed to commit objects: WERR_GEN_FAILURE/NT_STATUS_INVALID_NETWORK_RESPONSE
[2020/02/02 00:12:28.053843, 0] ../source4/dsdb/repl/drepl_out_helpers.c:1030(dreplsrv_op_pull_source_apply_changes_trigger)
We usually only make changes to the Windows domain but of course it can happen that new machines join the local on-site DCs.
Right now our replication is stuck and we don't know how to fix it let alone have any idea on what has gone wrong. It would be fantastic if someone could point us into the right direction.
More information about the samba