[Samba] Replication is broken due to Bind DNS resolution
L. van Belle
belle at samba.org
Wed Jun 8 09:53:43 UTC 2022
Which server is the best of the 3?
move the FSMO roles (* for now) to that server. I suggest SERENITY.
Test in order, en repeat that in every test, exact same order..
1) SERENITY
2) OLYMPIA
3) KEFA
This is I think the best server order.
How is the replication between SERENITY and OLYMPIA, are these good.
if these don’t show errors then that’s your new base.
so, most looks ok, do the following.
Remove KEFA from AD domain.
Steps :
https://wiki.samba.org/index.php/Demoting_a_Samba_AD_DC
After its removed, you need to verify/use ldapsearch to check if all A and PTR and names are gone.
only and only your sure, its all going.
Change the /etc/resolv.conf and point it to SERENITY
now, Reprovison it.
That should do it.
The key thing, be sure all old entries are gone and removed and tripple checked.
How that it helps for you.
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba <samba-bounces at lists.samba.org> Namens Zombie Ryushu via
> samba
> Verzonden: woensdag 8 juni 2022 11:09
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] Replication is broken due to Bind DNS resolution
>
> On 6/8/22 05:03, Zombie Ryushu via samba wrote:
> > On 6/8/22 04:31, L. van Belle via samba wrote:
> >> No, Samba Replication is not broken due to Bind DNS resolution.
> >> its broken because of a outdated and/or failty setup, but your close
> >> now to the fix.
> >>
> >> on all servers, run :
> >> samba-tool drs showrepl
> >> and
> >> samba-tool dbcheck --cross-nc
> >> and fix it all.
> >>
> >> this server : > c0ad4d18-ce25-4198-8e21-694c0727fecf._msdcs.pukey.
> >> 900 IN CNAME kefka.pukey.
> >> its missing in sites and services,
> >>
> >> * most probley due other servers being turned off, scaveing, don’t
> >> know, your thread is hard to follow you need to readd it.
> >>
> >> So, I don’t know if you use the RSAT windows tools, goto "Active
> >> Directry Sites and Services"
> >> Your missing a server there, re-add it, I don’t know the CLI for
> >> that, never used it.
> >>
> >> Then as last, find the best "working server, and then push that
> >> database to the other DC's.
> >> reboot the other server ( not the best working ) and check
> >> replication again.
> >>
> >> I hope this helps a bit.
> >>
> >> Greetz,
> >>
> >> Louis
> >>
> >>
> >>
> >>
> >>
> >>> -----Oorspronkelijk bericht-----
> >>> Van: samba <samba-bounces at lists.samba.org> Namens Zombie Ryushu
> via
> >>> samba
> >>> Verzonden: woensdag 8 juni 2022 03:33
> >>> Aan: samba at lists.samba.org
> >>> Onderwerp: [Samba] Replication is broken due to Bind DNS resolution
> >>>
> >>> _msdcs.pukey. 900 IN NS
> >>> kefka.pukey.
> >>> 602bdd9f-a9a0-411d-9f1b-04a63ea93653._msdcs.pukey. 900 IN CNAME
> >>> serenity.pukey.
> >>> c0ad4d18-ce25-4198-8e21-694c0727fecf._msdcs.pukey. 900 IN CNAME
> >>> kefka.pukey.
> >>> d02fb6d3-feec-46ec-bcb1-dad7bdd64e27._msdcs.pukey. 900 IN CNAME
> >>> olympia.pukey.
> >>>
> >>> dig CNAME c0ad4d18-ce25-4198-8e21-694c0727fecf._msdcs.pukey.
> >>>
> >>> ; <<>> DiG 9.16.6 <<>> CNAME
> >>> c0ad4d18-ce25-4198-8e21-694c0727fecf._msdcs.pukey.
> >>> ;; global options: +cmd
> >>> ;; Got answer:
> >>> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22640 ;; flags:
> >>> qr rd
> >>> ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
> >>>
> >>> ;; OPT PSEUDOSECTION:
> >>> ; EDNS: version: 0, flags:; udp: 4096 ; COOKIE:
> >>> 95959d4651f663c701000000629ffbe2c34562879fb6e153 (good) ;;
> QUESTION
> >>> SECTION:
> >>> ;c0ad4d18-ce25-4198-8e21-694c0727fecf._msdcs.pukey. IN CNAME
> >>>
> >>> ;; Query time: 31 msec
> >>> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> >>> ;; WHEN: Tue Jun 07 21:31:14 EDT 2022 ;; MSG SIZE rcvd: 106
> >>>
> >>> This problem recently showed up.
> >>>
> >>>
> >>> DC=pukey
> >>> Default-First-Site-Name\KEFKA via RPC
> >>> DSA object GUID:
> >>> c0ad4d18-ce25-4198-8e21-694c0727fecf
> >>> Last attempt @ Tue Jun 7 21:30:34 2022 EDT failed,
> >>> result 2
> >>> (WERR_FILE_NOT_FOUND)
> >>> 173 consecutive failure(s).
> >>> Last success @ Tue Jun 7 07:08:36 2022 EDT
> >>>
> >>> --
> >>> To unsubscribe from this list go to the following URL and read the
> >>> instructions: https://lists.samba.org/mailman/options/samba
> >>
> > I did manage to fix the errors but replication and wbinfo isn't
> > working still.
> >
> >
> There are no Windows PCs on my network.
>
> # samba-tool drs showrepl
> Default-First-Site-Name\KEFKA
> DSA Options: 0x00000001
> DSA object GUID: c0ad4d18-ce25-4198-8e21-694c0727fecf
> DSA invocationId: 1d62f06e-5929-482d-8daf-2e0e9c720498
>
> ==== INBOUND NEIGHBORS ====
>
> DC=DomainDnsZones,DC=pukey
> Default-First-Site-Name\SERENITY via RPC
> DSA object GUID: 602bdd9f-a9a0-411d-9f1b-04a63ea93653
> Last attempt @ Wed Jun 8 05:04:35 2022 EDT failed, result 2
> (WERR_FILE_NOT_FOUND)
> 207 consecutive failure(s).
> Last success @ Sun Jun 5 20:46:34 2022 EDT
>
> DC=DomainDnsZones,DC=pukey
> Default-First-Site-Name\OLYMPIA via RPC
> DSA object GUID: d02fb6d3-feec-46ec-bcb1-dad7bdd64e27
> Last attempt @ Wed Jun 8 05:04:36 2022 EDT failed, result 2
> (WERR_FILE_NOT_FOUND)
> 508 consecutive failure(s).
> Last success @ NTTIME(0)
>
> DC=pukey
> Default-First-Site-Name\SERENITY via RPC
> DSA object GUID: 602bdd9f-a9a0-411d-9f1b-04a63ea93653
> Last attempt @ Wed Jun 8 05:04:36 2022 EDT failed, result 2
> (WERR_FILE_NOT_FOUND)
> 207 consecutive failure(s).
> Last success @ Sun Jun 5 20:46:35 2022 EDT
>
> DC=pukey
> Default-First-Site-Name\OLYMPIA via RPC
> DSA object GUID: d02fb6d3-feec-46ec-bcb1-dad7bdd64e27
> Last attempt @ Wed Jun 8 05:04:36 2022 EDT failed, result 2
> (WERR_FILE_NOT_FOUND)
> 505 consecutive failure(s).
> Last success @ NTTIME(0)
>
> DC=ForestDnsZones,DC=pukey
> Default-First-Site-Name\SERENITY via RPC
> DSA object GUID: 602bdd9f-a9a0-411d-9f1b-04a63ea93653
> Last attempt @ Wed Jun 8 05:04:36 2022 EDT failed, result 2
> (WERR_FILE_NOT_FOUND)
> 207 consecutive failure(s).
> Last success @ Sun Jun 5 20:46:35 2022 EDT
>
> DC=ForestDnsZones,DC=pukey
> Default-First-Site-Name\OLYMPIA via RPC
> DSA object GUID: d02fb6d3-feec-46ec-bcb1-dad7bdd64e27
> Last attempt @ Wed Jun 8 05:04:36 2022 EDT failed, result 2
> (WERR_FILE_NOT_FOUND)
> 506 consecutive failure(s).
> Last success @ NTTIME(0)
>
> CN=Configuration,DC=pukey
> Default-First-Site-Name\SERENITY via RPC
> DSA object GUID: 602bdd9f-a9a0-411d-9f1b-04a63ea93653
> Last attempt @ Wed Jun 8 05:04:36 2022 EDT failed, result 2
> (WERR_FILE_NOT_FOUND)
> 206 consecutive failure(s).
> Last success @ Sun Jun 5 20:46:35 2022 EDT
>
> CN=Configuration,DC=pukey
> Default-First-Site-Name\OLYMPIA via RPC
> DSA object GUID: d02fb6d3-feec-46ec-bcb1-dad7bdd64e27
> Last attempt @ Wed Jun 8 05:04:36 2022 EDT failed, result 2
> (WERR_FILE_NOT_FOUND)
> 506 consecutive failure(s).
> Last success @ NTTIME(0)
>
> CN=Schema,CN=Configuration,DC=pukey
> Default-First-Site-Name\SERENITY via RPC
> DSA object GUID: 602bdd9f-a9a0-411d-9f1b-04a63ea93653
> Last attempt @ Wed Jun 8 05:04:36 2022 EDT failed, result 2
> (WERR_FILE_NOT_FOUND)
> 206 consecutive failure(s).
> Last success @ Sun Jun 5 20:46:36 2022 EDT
>
> CN=Schema,CN=Configuration,DC=pukey
> Default-First-Site-Name\OLYMPIA via RPC
> DSA object GUID: d02fb6d3-feec-46ec-bcb1-dad7bdd64e27
> Last attempt @ Wed Jun 8 05:04:36 2022 EDT failed, result 2
> (WERR_FILE_NOT_FOUND)
> 511 consecutive failure(s).
> Last success @ NTTIME(0)
>
> ==== OUTBOUND NEIGHBORS ====
>
> DC=DomainDnsZones,DC=pukey
> Default-First-Site-Name\SERENITY via RPC
> DSA object GUID: 602bdd9f-a9a0-411d-9f1b-04a63ea93653
> Last attempt @ Wed Jun 8 05:07:08 2022 EDT failed, result 2
> (WERR_FILE_NOT_FOUND)
> 12112 consecutive failure(s).
> Last success @ NTTIME(0)
>
> DC=pukey
> Default-First-Site-Name\SERENITY via RPC
> DSA object GUID: 602bdd9f-a9a0-411d-9f1b-04a63ea93653
> Last attempt @ Wed Jun 8 05:07:08 2022 EDT failed, result 2
> (WERR_FILE_NOT_FOUND)
> 12106 consecutive failure(s).
> Last success @ NTTIME(0)
>
> DC=ForestDnsZones,DC=pukey
> Default-First-Site-Name\SERENITY via RPC
> DSA object GUID: 602bdd9f-a9a0-411d-9f1b-04a63ea93653
> Last attempt @ Wed Jun 8 05:07:08 2022 EDT failed, result 2
> (WERR_FILE_NOT_FOUND)
> 12111 consecutive failure(s).
> Last success @ NTTIME(0)
>
> CN=Configuration,DC=pukey
> Default-First-Site-Name\SERENITY via RPC
> DSA object GUID: 602bdd9f-a9a0-411d-9f1b-04a63ea93653
> Last attempt @ Wed Jun 8 05:07:08 2022 EDT failed, result 2
> (WERR_FILE_NOT_FOUND)
> 12105 consecutive failure(s).
> Last success @ NTTIME(0)
>
> CN=Schema,CN=Configuration,DC=pukey
> Default-First-Site-Name\SERENITY via RPC
> DSA object GUID: 602bdd9f-a9a0-411d-9f1b-04a63ea93653
> Last attempt @ Wed Jun 8 05:07:08 2022 EDT failed, result 2
> (WERR_FILE_NOT_FOUND)
> 12101 consecutive failure(s).
> Last success @ NTTIME(0)
>
> ==== KCC CONNECTION OBJECTS ====
>
> Connection --
> Connection name: 4e81be67-ab19-482d-8985-c420b4003b32
> Enabled : TRUE
> Server DNS name : olympia.pukey
> Server DN name : CN=NTDS
> Settings,CN=OLYMPIA,CN=Servers,CN=Default-First-Site-
> Name,CN=Sites,CN=Configuration,DC=pukey
> TransportType: RPC
> options: 0x00000001
> Warning: No NC replicated for Connection!
> Connection --
> Connection name: 1242565f-0730-4a91-992e-cf62266af8fb
> Enabled : TRUE
> Server DNS name : serenity.pukey
> Server DN name : CN=NTDS
> Settings,CN=SERENITY,CN=Servers,CN=Default-First-Site-
> Name,CN=Sites,CN=Configuration,DC=pukey
> TransportType: RPC
> options: 0x00000001
> Warning: No NC replicated for Connection!
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list