[Samba] Replication only working one way
Peter Pollock
peter.pollock at kingschristian.org
Tue Jul 14 17:37:02 UTC 2020
OK, tried that. Kicked myself for not trying earlier... but it didn't
work.
In fact, the error has got worse.
Now when I try to go from Genesis to Luke I get:
sudo samba-tool drs replicate luke genesis DC=kcs,DC=local -Udomainadmin
.
.
ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync failed -
drsException: DsReplicaSync failed (1359, 'WERR_INTERNAL_ERROR')
File "/usr/lib/python2.7/dist-packages/samba/netcmd/drs.py", line 386, in
run
drs_utils.sendDsReplicaSync(server_bind, server_bind_handle,
source_dsa_guid, NC, req_options)
File "/usr/lib/python2.7/dist-packages/samba/drs_utils.py", line 85, in
sendDsReplicaSync
raise drsException("DsReplicaSync failed %s" % estr)
and when I go the other way I get a different error:
sudo samba-tool drs replicate genesis luke DC=kcs,DC=local -Udomainadmin
.
.
ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync failed -
drsException: DsReplicaSync failed (8453, 'WERR_DS_DRA_ACCESS_DENIED')
File "/usr/lib/python2.7/dist-packages/samba/netcmd/drs.py", line 386, in
run
drs_utils.sendDsReplicaSync(server_bind, server_bind_handle,
source_dsa_guid, NC, req_options)
File "/usr/lib/python2.7/dist-packages/samba/drs_utils.py", line 85, in
sendDsReplicaSync
raise drsException("DsReplicaSync failed %s" % estr)
On Mon, Jul 13, 2020 at 11:32 PM Rowland penny via samba <
samba at lists.samba.org> wrote:
> On 14/07/2020 03:35, Peter Pollock via samba wrote:
> > Hi,
> >
> > I have been trying for days to solve this to no avail. I have taken over
> > the IT responsibilities at a small school and am trying to get my head
> > around their network and why they are having problems.
> > They have 3 servers, Matthew, Genesis and Luke.
> >
> > Matthew is a Windows 2008 R2 server and holds all the FSMO roles but
> > appears to be screwed up. It won't replicate with anything and randomly
> > restarts itself. It wasn't doing much anyway so I want to decommission
> it.
> >
> > Genesis and Luke are both running Ubuntu 18.04.4 LTS and Samba 4.7.6
> >
> > When I replicate from genesis to luke, everything works fine (or says it
> > does)
> >
> > When I replicate from luke to genesis though, I get a failure message:
> >
> > sudo samba-tool drs replicate genesis luke dc=kcs,dc=local
> > ldb_wrap open of secrets.ldb
> > GENSEC backend 'gssapi_spnego' registered
> > GENSEC backend 'gssapi_krb5' registered
> > GENSEC backend 'gssapi_krb5_sasl' registered
> > GENSEC backend 'spnego' registered
> > GENSEC backend 'schannel' registered
> > GENSEC backend 'naclrpc_as_system' registered
> > GENSEC backend 'sasl-EXTERNAL' registered
> > GENSEC backend 'ntlmssp' registered
> > GENSEC backend 'ntlmssp_resume_ccache' registered
> > GENSEC backend 'http_basic' registered
> > GENSEC backend 'http_ntlm' registered
> > GENSEC backend 'krb5' registered
> > GENSEC backend 'fake_gssapi_krb5' registered
> > Using binding ncacn_ip_tcp:genesis[,seal]
> > resolve_lmhosts: Attempting lmhosts lookup for name genesis<0x20>
> > resolve_lmhosts: Attempting lmhosts lookup for name genesis<0x20>
> > resolve_lmhosts: Attempting lmhosts lookup for name genesis<0x20>
> > ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync failed -
> > drsException: DsReplicaSync failed (8453, 'WERR_DS_DRA_ACCESS_DENIED')
> > File "/usr/lib/python2.7/dist-packages/samba/netcmd/drs.py", line
> 386, in
> > run
> > drs_utils.sendDsReplicaSync(server_bind, server_bind_handle,
> > source_dsa_guid, NC, req_options)
> > File "/usr/lib/python2.7/dist-packages/samba/drs_utils.py", line 85,
> in
> > sendDsReplicaSync
> > raise drsException("DsReplicaSync failed %s" % estr)
> >
> > However, new users I create on either genesis or luke replicate to the
> > other with no problems.
> >
> > I have no idea what is wrong or how to go about fixing it. Can anyone
> help?
>
> Try running the command again, but this time add '-UAdministrator' on
> the end.
>
> Rowland
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list