[Samba] samba drs replication between sites - change kcc connection object when replication partner from other site is unavailable.

[Kacper Wirski]

Hello,

I'm in the process of updating samba AD DC (not just samba but whole new 
OS/VM). I have 2 sites, default-first-site-name and site2.

I was updating DC in default-first-site, the one that was holding FSMO 
roles and was replicating witht the dc in site2.

After FSMO roles were transferred from dc1 -> dc2  (this had to be done, 
so dc1 could be temporarily demoted and replaced with new VM) 
replication stopped between sites, becasue DC in site2 was still trying 
to replicate with DC1.

I could manually replicate all partitions with dc2, but still dc in 
site2 didn't "choose" dc2 as suitable kcc object and output of 
"samba-tool drs showrepl" was basically  empty lists of inbound/outbound 
except for the singular successful" replication initiaded manually from dc2.

I sidestepped this issue by demoting dc in site2 and joining again - it 
solved issue temporarily, but after I again transferred FSMO from dc2 to 
dc1 in default-first-site, I see that replication is ongoing between dc2 
- dc in site 2 and if I were to in, any way "remove" (demote) dc2, 
replication would break again.

Is there a way other than re-joining domain to force samba ad in 
different site to use different server as replication "partner"?

I restarted samba on all 3 servers and

Samba versions are:

dc in site2 4.12.6 (this one is the last one to be updated to newer 
version) and both dc's in default-first-site are now samba 4.13.x 
(samba-ad-dc from default debian repo).

Regards,

Kacper


-- 
Ta wiadomość e-mail została sprawdzona pod kątem wirusów przez oprogramowanie antywirusowe Avast.
www.avast.com