[Samba] Replication between DCs seems broken after deleting a domain member
Rowland penny
rpenny at samba.org
Mon Jun 7 14:21:15 UTC 2021
On 07/06/2021 14:29, Arne Zachlod via samba wrote:
> Hi,
>
> I recently upgraded my Samba 4.3 to samba 4.13 (I really did 4.11,
> 4.12 and then 4.13). Everything seems to work fine for now, but there
> is a problem in the samba log on all but one of my DCs.
>
> I have 4 DCs: addc08, addc12, addc13 and addc16
>
> all of the DCs are on a different AD Site. addc13 is int he same site
> with the member hydra.
>
> I deleted the member hydra and added it back a few weeks ago because
> we had problems with some users logging into it from other sites. It
> seemed to have worked at that time. hydra is running as a linux AD
> member fileserver.
How did you delete the computer ?
>
> addc08 shows this:
>
> [2021/06/07 15:23:03.219420, 0]
> ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug)
> ldb: No objectClass found in replPropertyMetaData for
> CN=hydra,CN=Computers,DC=int,DC=company,DC=de!
>
> [2021/06/07 15:23:03.220149, 0]
> ../../source4/dsdb/repl/drepl_out_helpers.c:1184(dreplsrv_op_pull_source_apply_changes_trigger)
> Failed to commit objects:
> WERR_GEN_FAILURE/NT_STATUS_INVALID_NETWORK_RESPONSE
>
>
> while addc16 and addc12 show this (only the timestamp doesn't match):
>
> [2021/06/07 15:22:12.356301, 0]
> ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug)
> ldb: No objectClass found in replPropertyMetaData for
> CN=hydra\0ADEL:2daab3d0-b214-45ab-8f1b-0eef7da9ecd6,CN=Deleted
> Objects,DC=int,DC=company,DC=de!
'\0ADEL' means a deleted object and for further proof it is in
'CN=Deleted Objects'
Try running this on a DC:
samba-tool domain tombstones expunge
--tombstone-lifetime=TOMBSTONE_LIFETIME -U administrator
Where 'TOMBSTONE_LIFETIME' is the number of days to keep tombstone
records for, the lower the number, the more tombstone records will be
removed.
Rowland
More information about the samba
mailing list