[Samba] Failing replication

Alexander Harm alexander.harm at apfel-q.de
Wed Feb 5 22:41:48 UTC 2020


we could need some help resolving a replication issue we experience since one week.

We have 1 DC in the cloud running Windows Server 2019 with DFL/FFL 2008R2.

We have 3 sites with 5 DCs running Samba on Debian Buster in total replicating the AD from Windows.

Since one week the replication state shows the following error:


	Azure\VMDC-AZURE-01 via RPC

		DSA object GUID: ecef0aca-3c4e-45f8-b780-7b9aad0fe8cb

		Last attempt @ Tue Feb  4 18:54:01 2020 CET failed, result 58 (WERR_BAD_NET_RESP)

		10468 consecutive failure(s).

		Last success @ Tue Feb  4 18:30:58 2020 CET

Running samba-tool drs replicate ka-h9-dc02 VMDC-AZURE-01 dc=ds,dc=example,dc=com --sync-all -d 9 returns


     drsuapi_DsReplicaSync: struct drsuapi_DsReplicaSync

        out: struct drsuapi_DsReplicaSync

            result                   : WERR_BAD_NET_RESP

ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync failed - drsException: DsReplicaSync failed (58, 'WERR_BAD_NET_RESP')

  File "/usr/lib/python2.7/dist-packages/samba/netcmd/drs.py", line 568, in run

    drs_utils.sendDsReplicaSync(server_bind, server_bind_handle, source_dsa_guid, NC, req_options)

  File "/usr/lib/python2.7/dist-packages/samba/drs_utils.py", line 88, in sendDsReplicaSync

    raise drsException("DsReplicaSync failed %s" % estr)

In the log we see the following error messages


[2020/02/02 00:12:28.053843,  0] ../source4/dsdb/repl/drepl_out_helpers.c:1030(dreplsrv_op_pull_source_apply_changes_trigger)

We usually only make changes to the Windows domain but of course it can happen that new machines join the local on-site DCs.

Right now our replication is stuck and we don't know how to fix it let alone have any idea on what has gone wrong. It would be fantastic if someone could point us into the right direction.

Thanks, Alexander

More information about the samba mailing list