[Samba] No RID Set found for this server. Can't self-allocate

Rowland Penny rpenny at samba.org
Thu May 23 07:50:33 UTC 2024 

On Wed, 22 May 2024 18:11:17 +0200
Felipe Martínez Hermo via samba <samba at lists.samba.org> wrote:

> Hi, there
> 
> I have been checking connections between my servers, trying to find
> the reason why my trouble server (VIG-DC3) does not reach the RID
> Madster.
> 
> I have to describe my topology a little better.
> 
> These are my servers:
> 
> (Root) SAMBADC -> FSMO Roles Owner, including RID Master
> 
> (First level node) STG-DC -> Syncs correctly with SAMBADC (samba-tool 
> drs replicate reports successful)
> 
> (Second level nodes)
> OUR-DC (DOES have a RID set). Replicates with both SAMBADC and STG-DC
> ===================================
> samba-tool drs replicate our-dc sambadc dc=ugt,dc=ldap
> Replicate from sambadc to our-dc was successful.
> samba-tool drs replicate our-dc sambadc
> dc=ForestDnsZones,dc=ugt,dc=ldap Replicate from sambadc to our-dc was
> successful. samba-tool drs replicate our-dc sambadc
> dc=DomainDnsZones,dc=ugt,dc=ldap Replicate from sambadc to our-dc was
> successful. samba-tool drs replicate our-dc sambadc
> cn=configuration,dc=ugt,dc=ldap Replicate from sambadc to our-dc was
> successful. samba-tool drs replicate our-dc sambadc 
> cn=Schema,cn=configuration,dc=ugt,dc=ldap
> Replicate from sambadc to our-dc was successful.
> ===================================
> 
> VIG-DC3 (does NOT have a RID set). Replicates with STG-DC, fails to 
> replicate with SAMBA-DC
> ===================================
> samba-tool drs replicate vig-dc3 stg-dc dc=ugt,dc=ldap
> Replicate from stg-dc to vig-dc3 was successful.
> samba-tool drs replicate vig-dc3 stg-dc
> dc=ForestDnsZones,dc=ugt,dc=ldap Replicate from stg-dc to vig-dc3 was
> successful. samba-tool drs replicate vig-dc3 stg-dc
> dc=DomainDnsZones,dc=ugt,dc=ldap Replicate from stg-dc to vig-dc3 was
> successful. samba-tool drs replicate vig-dc3 stg-dc
> cn=configuration,dc=ugt,dc=ldap Replicate from stg-dc to vig-dc3 was
> successful. samba-tool drs replicate vig-dc3 stg-dc 
> cn=Schema,cn=configuration,dc=ugt,dc=ldap
> Replicate from stg-dc to vig-dc3 was successful.
> 
> root at vig-dc3:~# adsync.sh sambadc vig-dc3
> 
> samba-tool drs replicate vig-dc3 sambadc dc=ugt,dc=ldap
> ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync failed - 
> drsException: DsReplicaSync failed (8453, 'WERR_DS_DRA_ACCESS_DENIED')

Have you checked the firewall isn't blocking any required ports ?

Rowland

More information about the samba mailing list