[Samba] Problème de replication

matthieu le roy leroy.matthieu50 at gmail.com
Thu Mar 11 17:29:52 UTC 2021


Hello,
After many (too many) changes on my domain, I find myself in a situation
that I can’t get out of.
I have 2 domain controllers called ad03 and ad04 but replication doesn’t
work and their ldap differs like this :

samba-tool ldapcmp ldap://ad03 ldap://ad04 -v
ldb_wrap open of secrets.ldb
resolve_lmhosts: Attempting lmhosts lookup for name ad03<0x20>
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'http_negotiate' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
resolve_lmhosts: Attempting lmhosts lookup for name ad04<0x20>
* Comparing [DOMAIN] context...
* Objects to be compared: 554
    Difference in attribute values:
        servicePrincipalName =>
[b'E3514235-4B06-11D1-AB04-00C04FC2DCD2/ceddd4ea-a2fc-4070-bd37-0505d51c6c7c/
domain.info', b'GC/ad04.domain.info/domain.info', b'HOST/AD04', b'HOST/
ad04.domain.info']
[b'E3514235-4B06-11D1-AB04-00C04FC2DCD2/ceddd4ea-a2fc-4070-bd37-0505d51c6c7c/
domain.info', b'GC/ad04.domain.info/domain.info', b'HOST/AD04', b'HOST/
ad04.domain.info', b'HOST/ad04.domain.info/DOMAIN', b'HOST/
ad04.domain.info/domain.info', b'RestrictedKrbHost/AD04',
b'RestrictedKrbHost/ad04.domain.info', b'ldap/AD04', b'ldap/ad04.domain.info',
b'ldap/ad04.domain.info/DomainDnsZones.domain.info', b'ldap/
ad04.domain.info/ForestDnsZones.domain.info', b'ldap/ad04.domain.info/DOMAIN',
b'ldap/ad04.domain.info/domain.info',
b'ldap/ceddd4ea-a2fc-4070-bd37-0505d51c6c7c._msdcs.domain.info']
    FAILED
* Result for [DOMAIN]: FAILURE
SUMMARY
---------
Attributes with different values:
    servicePrincipalName
* Comparing [CONFIGURATION] context...
* DN lists have different size: 1622 != 1623
    CN=87B79F9E-8A4F-4DF7-8A30-67F11FAD6AFD,CN=NTDS
SETTINGS,CN=AD04,CN=SERVERS,CN=DEFAULT-FIRST-SITE-NAME,CN=SITES,CN=CONFIGURATION,DC=DOMAIN,DC=INFO
* Objects to be compared: 1622
* Result for [CONFIGURATION]: FAILURE
SUMMARY
---------
* Comparing [SCHEMA] context...
* Objects to be compared: 1550
ERROR: Compare failed: -1
* Result for [SCHEMA]: SUCCESS
* Comparing [DNSDOMAIN] context...
* Objects to be compared: 136
* Result for [DNSDOMAIN]: SUCCESS
* Comparing [DNSFOREST] context...
* Objects to be compared: 36
* Result for [DNSFOREST]: SUCCESS
root at ad03:/#

Can you help me?

Matthias

----------Texte original-----------
Bonjour,

Après beaucoup (trop) de modifications sur mon domaine, je me retrouve dans
une situation dont je n'arrive pas a me sortir.

J'ai 2 contrôleur de domaine appelé ad03 et ad04 mais la réplication ne
fonctionne pas et leur ldap diffère comme cela :

Pouvez-vous m'aider?


More information about the samba mailing list