[Samba] How to determine DNS anomaly
Rowland Penny
rpenny at samba.org
Tue May 10 07:59:36 UTC 2022
On Tue, 2022-05-10 at 09:29 +0200, Hakim Liso via samba wrote:
> Hello
>
> Ldapcmd got me Closer.
>
> * Comparing [CONFIGURATION] context...
>
> * DNs found only in ldap://dc01:
> CN=dc02,CN=NTDS
> SETTINGS,CN=dc01,CN=SERVERS,CN=loc1,CN=SITES,CN=CONFI
I have nothing like the above, but this could be because I only use the
default site. However, if it exists on one DC, it should exist on all
DC's.
>
> * DNs found only in ldap://dc02:
> CN=1C2E8F02-9175-4E72-AEF0-E9C5F1644072,CN=NTDS
> SETTINGS,CN=dc01,CN=SERVERS,
>
> * Objects to be compared: 1629
>
> Comparing:
> 'CN=NTDS SITE
> SETTINGS,CN=loc2,CN=SITES,CN=CONFIGURATION,DC=my,DC=domain'
> 'CN=NTDS SITE
> SETTINGS,CN=loc2,CN=SITES,CN=CONFIGURATION,DC=my,DC=domain'
> Difference in attribute values:
> interSiteTopologyGenerator =>
> [b'CN=NTDS Settings\\0ADEL:4bbda5e7-f07e-4748-9f01-
> 3742c9839bda,CN=dc02\\0ADEL:0ntern']
That is a deleted record.
> [b'CN=NTDS
> Settings,CN=dc02,CN=Servers,CN=loc2,CN=Sites,CN=Configuration,
>
> FAILED
>
> * Result for [CONFIGURATION]: FAILURE
>
> SUMMARY
> ---------
>
> Attributes with different values:
>
> interSiteTopologyGenerator
> ERROR: Compare failed: -1
>
> Those seem to be the source of error.
> Can i manually update them? Im worried i’ll end up worse if i try.
Do not try to manually add them, you could end up with collisions.
I would first run 'samba-tool dbcheck' on each DC and then fix any
errors found, then 'samba-tool drs replicate' to force a replication if
still required.
Rowland
More information about the samba
mailing list