[Samba] DRS error after DC reboot
Giuseppe Arvati
giuseppe.arvati at gmail.com
Tue Sep 21 12:24:28 UTC 2021
Il 21/09/2021 13:13, cn--- via samba ha scritto:
> What is the nameserver used when you do this query?
BINGO !!!
there was a demoted NS in /etc/resolve.conf but I did not notice them
because before reboot all worked well
Many thank Christian, I was in panic mode
[root at dc1piopp ~]# samba-tool drs showrepl
apamsede\DC1PIOPP
DSA Options: 0x00000001
DSA object GUID: 1abf9afd-8882-48a0-8be1-1bd6ebd63898
DSA invocationId: 2271ca2e-d7ca-47e1-9078-66b4939fd25a
==== INBOUND NEIGHBORS ====
CN=Configuration,DC=apam-ad,DC=apam,DC=it
uff-ucp-mn\DC2UCP via RPC
DSA object GUID: a9f8983c-b491-43f5-b63e-c2a72193a9cc
Last attempt @ Tue Sep 21 14:09:25 2021 CEST was successful
0 consecutive failure(s).
Last success @ Tue Sep 21 14:09:25 2021 CEST
CN=Schema,CN=Configuration,DC=apam-ad,DC=apam,DC=it
uff-ucp-mn\DC2UCP via RPC
DSA object GUID: a9f8983c-b491-43f5-b63e-c2a72193a9cc
Last attempt @ Tue Sep 21 14:09:25 2021 CEST was successful
0 consecutive failure(s).
Last success @ Tue Sep 21 14:09:25 2021 CEST
DC=DomainDnsZones,DC=apam-ad,DC=apam,DC=it
uff-ucp-mn\DC2UCP via RPC
DSA object GUID: a9f8983c-b491-43f5-b63e-c2a72193a9cc
Last attempt @ Tue Sep 21 14:09:25 2021 CEST was successful
0 consecutive failure(s).
Last success @ Tue Sep 21 14:09:25 2021 CEST
DC=ForestDnsZones,DC=apam-ad,DC=apam,DC=it
uff-ucp-mn\DC2UCP via RPC
DSA object GUID: a9f8983c-b491-43f5-b63e-c2a72193a9cc
Last attempt @ Tue Sep 21 14:09:25 2021 CEST was successful
0 consecutive failure(s).
Last success @ Tue Sep 21 14:09:25 2021 CEST
DC=apam-ad,DC=apam,DC=it
uff-ucp-mn\DC2UCP via RPC
DSA object GUID: a9f8983c-b491-43f5-b63e-c2a72193a9cc
Last attempt @ Tue Sep 21 14:09:25 2021 CEST was successful
0 consecutive failure(s).
Last success @ Tue Sep 21 14:09:25 2021 CEST
==== OUTBOUND NEIGHBORS ====
CN=Configuration,DC=apam-ad,DC=apam,DC=it
uff-ucp-mn\DC2UCP via RPC
DSA object GUID: a9f8983c-b491-43f5-b63e-c2a72193a9cc
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
CN=Schema,CN=Configuration,DC=apam-ad,DC=apam,DC=it
uff-ucp-mn\DC2UCP via RPC
DSA object GUID: a9f8983c-b491-43f5-b63e-c2a72193a9cc
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
DC=DomainDnsZones,DC=apam-ad,DC=apam,DC=it
uff-ucp-mn\DC2UCP via RPC
DSA object GUID: a9f8983c-b491-43f5-b63e-c2a72193a9cc
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
DC=ForestDnsZones,DC=apam-ad,DC=apam,DC=it
uff-ucp-mn\DC2UCP via RPC
DSA object GUID: a9f8983c-b491-43f5-b63e-c2a72193a9cc
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
DC=apam-ad,DC=apam,DC=it
uff-ucp-mn\DC2UCP via RPC
DSA object GUID: a9f8983c-b491-43f5-b63e-c2a72193a9cc
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
==== KCC CONNECTION OBJECTS ====
Connection --
Connection name: e93988ec-4f55-469e-abd2-9034ae7137f4
Enabled : TRUE
Server DNS name : dc2ucp.apam-ad.apam.it
Server DN name : CN=NTDS
Settings,CN=DC2UCP,CN=Servers,CN=uff-ucp-mn,CN=Sites,CN=Configuration,DC=apam-ad,DC=apam,DC=it
TransportType: RPC
options: 0x00000001
root at dc1piopp ~]# host -t SRV _ldap._tcp.apam-ad.apam.it.
_ldap._tcp.apam-ad.apam.it has SRV record 0 100 389 dc2ucp.apam-ad.apam.it.
_ldap._tcp.apam-ad.apam.it has SRV record 0 100 389
dc1piopp.apam-ad.apam.it.
[root at dc1piopp ~]# host -t SRV _ldap._tcp.apam-ad.apam.it.^C
[root at dc1piopp ~]# samba-tool drs
Usage: samba-tool drs <subcommand>
Directory Replication Services (DRS) management.
[root at dc1piopp ~]# samba-tool drs showrepl
apamsede\DC1PIOPP
DSA Options: 0x00000001
DSA object GUID: 1abf9afd-8882-48a0-8be1-1bd6ebd63898
DSA invocationId: 2271ca2e-d7ca-47e1-9078-66b4939fd25a
> Am 21. September 2021 12:45:54 MESZ schrieb Giuseppe Arvati via samba <samba at lists.samba.org>:
>> Il 21/09/2021 08:44, cn--- via samba ha scritto:
>>> Am 21.09.21 um 08:35 schrieb Giuseppe Arvati via samba:
>>>>>> The
>>>>>> # samba-tool drs showrepl
>>>>>> ERROR(<class 'samba.drs_utils.drsException'>): DRS connection to
>>>>>> dc1piopp.apam-ad.apam.it failed - drsException: DRS connection to
>>>>>> dc1piopp.apam-ad.apam.it failed: (32212
>>>>>> 25653,
>>>>>> '{Device Timeout} The specified I/O operation on %hs was not
>>>>>> completed
>>>>>> before the time-out period expired.')
>>>>>> File
>>>>>> "/usr/local/samba/lib64/python2.7/site-
>>>>>> packages/samba/netcmd/drs.py",
>>>>>> line 44, in drsuapi_connect
>>>>>> (ctx.drsuapi, ctx.drsuapi_handle, ctx.bind_supported_extensions)
>>>>>> =
>>>>>> drs_utils.drsuapi_connect(ctx.server, ctx.lp, ctx.creds)
>>>>>> File
>>>>>> "/usr/local/samba/lib64/python2.7/site-packages/samba/drs_utils.py",
>>>>>> line 58, in drsuapi_connect
>>>>>> raise drsException("DRS connection to %s failed: %s" % (server,
>>>>>> e))
>>>>>> failed
>>> Is the DNS entry of the DC still there?
>>> Do these tests work?
>>>
>>> https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller#Verifying_DNS
>>>
>>> Regards
>>>
>>> Christian
>>>
>> Hello Christian
>>
>> thank you
>>
>> Last login: Tue Sep 21 08:22:44 2021 from 10.1.97.41
>> [root at dc1piopp ~]# host -t SRV _ldap._tcp.apam-ad.apam.it.
>> Host _ldap._tcp.apam-ad.apam.it. not found: 3(NXDOMAIN)
>> [root at dc1piopp ~]# host -t SRV _ldap._tcp.dc1piopp.apam-ad.apam.it.
>> Host _ldap._tcp.dc1piopp.apam-ad.apam.it. not found: 3(NXDOMAIN)
>> [root at dc1piopp ~]# host -t SRV _ldap._tcp.apam-ad.apam.it.
>> Host _ldap._tcp.apam-ad.apam.it. not found: 3(NXDOMAIN)
>> [root at dc1piopp ~]# host -t SRV _kerberos._udp.apam-ad.apam.it.
>> Host _kerberos._udp.apam-ad.apam.it. not found: 3(NXDOMAIN)
>> [root at dc1piopp ~]# host -t A dc1piopp.apam-ad.apam.it.
>> dc1piopp.apam-ad.apam.it has address 10.1.1.4
>>
>> but I see ( RSAT ) in dns manager
>>
>> apam-ad.apam.it
>>
>> _tcp
>>
>> _ldap SRV dc1piopp.apam-ad.apam.it
>>
>>
>>
>>
>>
>>
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list