[Samba] changes on DC not replicated, while showrepl reports no issues

Rowland penny rpenny at samba.org
Tue Nov 17 12:52:34 UTC 2020


On 17/11/2020 12:41, mj via samba wrote:
> Hi Rowland,
>
> On 11/17/20 1:11 PM, Rowland penny via samba wrote:
>> Try reading this:
>>
>> http://www.frickelsoft.net/blog/?p=148
>
> I googled for "unknown invocation id" and samba, and found nothing much.
>
> Thanks for the article now, I read it. (plus some more)
>
> They seem to be on AD DC restores etc. But the thing is: we know not 
> to restore a DC (and instead add new DCs), and therefore never 
> restored one.
>
> This AD has been running stable for a number of years now.
>
> At one point, years ago, we had issues, and decided to continue with 
> one of our DCs (I think it was DC2). We removed the others, re-added 
> them, and ever since, there have been no issues.
>
> We run hourly ldapcmp, and showrpel etc, so I'm pretty sure that 
> things have been in sync for some years now, and through many samba 
> updates.
>
> Are the "unknown invocation IDs" the base of our issue?
>
> Could that explain why samba-tool visualize reps says that "there is 
> no connection" for DOMAIN from DC4 to DC3/DC2?
>
> Insights on how to proceed..? We've stopped making changes on our AD 
> for now.
>
> MJ
>
I was unsure whether you had restored the DC, but the outcome is the 
same, if you have one DC that isn't working correctly and all the others 
are, then demote the faulty DC and join a new one in its place.

What you must never do (and I think you understand this) is to to 
restore an individual DC from a backup, only use a backup to restore an 
entire domain.

Rowland





More information about the samba mailing list