W2k3 migration to S4
Juan Pablo Lorier
jplorier at gmail.com
Tue Jun 12 12:00:14 MDT 2012
Hi everybody,
I've been trying to migrate our domain from windows to samba4. I have 2
w2k3 as domain controllers and created 2 samba 4 beta 2 (at this time)
servers.
In this 2 samba servers I managed to register them as DCs and setup BIND
as slaves for the Win DNS (this way I replicated everything externally
as I quite still don't get if I need to compile samba for bind_dlz or
it's already a default).
I'm now checking everything from the samba side to see if it's working
fine, but got lot of things I need to ask for.
I'll put my commentos in blue so they can be more visible between the
logs pastes
First, I got this errors in both samba DCs
IRPC callback failed for DsReplicaSync - NT_STATUS_IO_TIMEOUT
[2012/06/12 11:36:30, 0]
../source4/rpc_server/common/forward.c:51(dcesrv_irpc_forward_callback)
IRPC callback failed for DsReplicaSync - NT_STATUS_IO_TIMEOUT
[2012/06/12 11:36:33, 0]
../source4/rpc_server/common/forward.c:51(dcesrv_irpc_forward_callback)
IRPC callback failed for DsReplicaSync - NT_STATUS_IO_TIMEOUT
[2012/06/12 11:36:40, 0]
../source4/rpc_server/common/forward.c:51(dcesrv_irpc_forward_callback)
IRPC callback failed for DsReplicaSync - NT_STATUS_IO_TIMEOUT
[2012/06/12 11:36:40, 0]
../source4/dsdb/repl/drepl_out_helpers.c:829(dreplsrv_update_refs_done)
UpdateRefs failed with WERR_DS_DRA_BUSY/NT code 0xc00020f6 for
f0658d7e-7b99-4def-bc69-1cbcc2aa5742._msdcs.montecarlotv.com.uy
DC=montecarlotv,DC=com,DC=uy
[2012/06/12 11:36:43, 0]
../source4/rpc_server/common/forward.c:51(dcesrv_irpc_forward_callback)
IRPC callback failed for DsReplicaSync - NT_STATUS_IO_TIMEOUT
[2012/06/12 11:36:53, 0]
../source4/rpc_server/common/forward.c:51(dcesrv_irpc_forward_callback)
IRPC callback failed for - NT_STATUS_IO_TIMEOUT
[2012/06/12 11:37:03, 0]
../source4/rpc_server/common/forward.c:51(dcesrv_irpc_forward_callback)
IRPC callback failed for DsReplicaSync - NT_STATUS_IO_TIMEOUT
The WERR_DS_DRA_BUSY/NT error refers to the sambaDC1 itself that is
where the log fragment was taken from. In the other server only shows
the DsReplicaSync error.
I think that most of this may be caused by the way I've setup the DNS
servers. As a way of testing BIND replication as slaves, I've set the
DNS option of the win DHCP server to the BIND servers instead of the win
DNS (it's working fine for the clients) and maybe this is messing up
with samba trying to replicate against the samba server themselves
instead of the win servers.
Other thing is that DNS is not correctly synchronising from the samba
side, if I samba-tool dns query the servers, they return a list of
mostly names without A records:
/usr/local/samba/bin/samba-tool dns query sambaDC1 montecarlotv.com.uy @
ALL -U administrador
Password for [CANAL4\administrador]:
Name=, Records=0, Children=0
Name=64CB0F5A, Records=0, Children=0
Name=64CB0F86, Records=0, Children=0
Name=_msdcs, Records=0, Children=6
Name=_sites, Records=0, Children=1
Name=_tcp, Records=0, Children=4
Name=_udp, Records=0, Children=2
Name=aborques-w7, Records=1, Children=0
A: 192.168.6.92 (flags=f0, serial=15462, ttl=1200)
Name=ademartino-ws, Records=0, Children=0
Name=ads1, Records=2, Children=0
A: 192.168.2.55 (flags=f0, serial=15492, ttl=3600)
A: 192.168.128.55 (flags=f0, serial=15492, ttl=3600)
Name=ALARRABURU-PC, Records=1, Children=0
A: 192.168.11.123 (flags=f0, serial=15481, ttl=1200)
Name=alfredo-pc, Records=0, Children=0
Name=algocontigo-nb, Records=0, Children=0
Name=ALLONE, Records=0, Children=0
Name=almacen, Records=0, Children=0
Name=almacen-ws, Records=0, Children=0
Name=alopez, Records=0, Children=0
Name=alopez--pc, Records=0, Children=0
Name=alpha, Records=0, Children=0
Name=android_bb2773c0e1d90342, Records=0, Children=0
Name=android_dccd3641b8ef31c1, Records=0, Children=0
Name=antispam, Records=0, Children=0
Name=archivotn, Records=0, Children=0
Name=arnunez-pc, Records=0, Children=0
Name=bdc, Records=0, Children=0
Name=bdu-nb, Records=1, Children=0
A: 192.168.2.135 (flags=f0, serial=15465, ttl=900)
Name=BDU-prod, Records=0, Children=0
Name=bdubdu-ws, Records=0, Children=0
Name=BMC_DHCP, Records=0, Children=0
Name=borques-ws, Records=0, Children=0
Name=BRODRIGUEZ--PC, Records=0, Children=0
Name=buendia-wxp, Records=0, Children=0
Name=caballero-ws, Records=0, Children=0
Name=CABUARAB-7, Records=0, Children=0
Name=CABUARAB-W7, Records=0, Children=0
Name=CABUARAB-WS, Records=0, Children=0
Name=cadete-ws, Records=0, Children=0
Name=centos, Records=0, Children=0
Name=cmesa, Records=0, Children=0
Name=cobranza-ws, Records=0, Children=0
Name=cont-spatrone-pc, Records=0, Children=0
Name=Contadora, Records=0, Children=0
Name=contenidos1, Records=0, Children=0
Name=correo, Records=0, Children=0
Name=correo2, Records=0, Children=0
Name=CREGUEIRO-PC, Records=0, Children=0
Name=cregueiro-ws, Records=0, Children=0
Name=CROMANOFF, Records=0, Children=0
Name=david, Records=0, Children=0
Name=dbserver01, Records=0, Children=0
Name=desarrollo, Records=1, Children=0
A: 192.168.2.150 (flags=f0, serial=15415, ttl=1200)
Name=desarrollo-pc, Records=0, Children=0
Name=DOLIVAR-W7, Records=0, Children=0
Name=Dolivar-ws, Records=0, Children=0
Name=DomainDnsZones, Records=0, Children=2
Name=ds, Records=0, Children=0
Name=EDITORES-PC, Records=0, Children=0
Name=eferrari-ws, Records=0, Children=0
Name=emayone, Records=0, Children=0
Name=EMAYONE-W7, Records=0, Children=0
Name=emayone-ws, Records=0, Children=0
Name=EPSONC566BF, Records=0, Children=0
Name=eqp011, Records=0, Children=0
Name=eset-srv, Records=0, Children=0
Name=fabianc-pc, Records=0, Children=0
Name=fgiancola, Records=0, Children=0
Name=FGIANCOLA-PC, Records=1, Children=0
A: 192.168.11.79 (flags=f0, serial=15517, ttl=1200)
Name=FILMOTECA, Records=0, Children=0
Name=FILMOTECA-PC, Records=1, Children=0
A: 192.168.6.87 (flags=f0, serial=15456, ttl=1200)
Name=filmoteca2, Records=0, Children=0
Name=filmoteca_pc, Records=0, Children=0
Name=Fimoteca2, Records=0, Children=0
Name=firewall, Records=0, Children=0
Name=firewall0, Records=0, Children=0
Name=firewall2, Records=0, Children=0
Name=fnoya-pc, Records=0, Children=0
Name=fnoya-ws, Records=0, Children=0
Name=ForestDnsZones, Records=0, Children=2
Name=ftarrago, Records=0, Children=0
Name=ftarrago-ws, Records=0, Children=0
Name=ftp, Records=0, Children=0
Name=ftpviejo, Records=0, Children=0
Name=ggrasso-eqp, Records=0, Children=0
Name=grabadortn1, Records=0, Children=0
Name=grabadortn2, Records=0, Children=0
Name=grabadortn3, Records=0, Children=0
Name=GRAFICOS-T3500A, Records=0, Children=0
Name=GRAFICOS-T3500B, Records=1, Children=0
A: 192.168.6.61 (flags=f0, serial=15438, ttl=1200)
Name=GRAFICOS390, Records=1, Children=0
A: 192.168.6.64 (flags=f0, serial=15445, ttl=1200)
Name=GRAFICOSQUAD, Records=1, Children=0
A: 192.168.6.67 (flags=f0, serial=15446, ttl=1200)
Name=GranHermano-1, Records=0, Children=0
Name=GranHermano-2, Records=0, Children=0
Name=gsanvicente, Records=0, Children=0
Name=gsorrondeguy-eqp, Records=0, Children=0
Name=guardia2-ws, Records=0, Children=0
Name=guardias-pc, Records=1, Children=0
A: 192.168.6.77 (flags=f0, serial=15513, ttl=1200)
Name=HPfaxSecretaria, Records=0, Children=0
Name=hquirque, Records=0, Children=0
Name=hquirque-ws, Records=0, Children=0
Name=JGimenez-nb, Records=1, Children=0
A: 192.168.12.117 (flags=f0, serial=15516, ttl=1200)
Name=jmartinez-nb, Records=1, Children=0
A: 192.168.11.91 (flags=f0, serial=15454, ttl=1200)
Name=lorena-ws, Records=0, Children=0
Name=MacPro-3, Records=1, Children=0
A: 192.168.2.158 (flags=f0, serial=15476, ttl=900)
Name=macpro1, Records=0, Children=0
Name=macpro3, Records=6, Children=0
A: 192.168.6.82 (flags=f0, serial=15448, ttl=3600)
A: 192.168.6.64 (flags=f0, serial=15448, ttl=86400)
A: 192.168.11.139 (flags=f0, serial=15448, ttl=86400)
A: 192.168.6.61 (flags=f0, serial=15448, ttl=86400)
A: 192.168.6.69 (flags=f0, serial=15448, ttl=86400)
A: 192.168.6.74 (flags=f0, serial=15448, ttl=86400)
Name=macpro_1, Records=0, Children=0
Name=mant-tec, Records=1, Children=0
A: 192.168.6.69 (flags=f0, serial=15447, ttl=900)
Name=MARKETING-NB, Records=0, Children=0
Name=masstech, Records=0, Children=0
Name=master, Records=0, Children=0
Name=mguerrero, Records=0, Children=0
Name=MMOSCA-PC, Records=0, Children=0
Name=MMOSCA-THINK, Records=0, Children=0
Name=mmunilla-ws, Records=0, Children=0
Name=montecar-c04414, Records=0, Children=0
Name=movil, Records=0, Children=0
Name=MROBLES-PC, Records=1, Children=0
A: 192.168.11.83 (flags=f0, serial=15510, ttl=1200)
Name=oracle, Records=0, Children=0
Name=PBIDEGAIN-PC, Records=0, Children=0
Name=pbidegain-ws, Records=0, Children=0
Name=pbx, Records=0, Children=0
Name=pc1, Records=0, Children=0
Name=PCRELOJ, Records=0, Children=0
Name=pdc, Records=0, Children=0
Name=PrinterSrvUSB, Records=0, Children=0
Name=produccion2, Records=0, Children=0
Name=promociones2, Records=0, Children=0
Name=ramiro-pc, Records=0, Children=0
Name=raquelpc, Records=0, Children=0
Name=rastreadora, Records=1, Children=0
A: 192.168.2.109 (flags=f0, serial=15419, ttl=900)
Name=rbaillo, Records=0, Children=0
Name=rbaillo-ws, Records=0, Children=0
Name=rbdu, Records=0, Children=0
Name=resara-server, Records=0, Children=0
Name=rhevm, Records=0, Children=0
Name=rmartinez-ws, Records=0, Children=0
Name=romay-nb, Records=0, Children=0
Name=router, Records=0, Children=0
Name=RRHH-W7, Records=1, Children=0
A: 192.168.6.86 (flags=f0, serial=15451, ttl=1200)
Name=RRHH-WS, Records=0, Children=0
Name=rtemes-ws, Records=0, Children=0
Name=sambadc1, Records=0, Children=0
Name=sambadc2, Records=0, Children=0
Name=san, Records=0, Children=0
Name=sanson, Records=0, Children=0
Name=sislen, Records=0, Children=0
Name=sistemas, Records=0, Children=0
Name=sistemas-c77a8f, Records=0, Children=0
Name=sonidoemule, Records=0, Children=0
Name=sonidomacA, Records=0, Children=0
Name=sonidomacamonte, Records=0, Children=0
Name=SPATRONE-WS, Records=0, Children=0
Name=spnario-pc, Records=0, Children=0
Name=squidrast, Records=0, Children=0
Name=srv-mm, Records=1, Children=0
A: 192.168.2.59 (flags=f0, serial=15501, ttl=3600)
Name=srvora, Records=0, Children=0
Name=STREAM-PC, Records=0, Children=0
Name=T4-7-EQP, Records=0, Children=0
Name=tecnica-telenoche, Records=0, Children=0
Name=telefonista, Records=0, Children=0
Name=telenoch-pc, Records=0, Children=0
Name=telenoche-2, Records=0, Children=0
Name=telenoche-lnv1, Records=0, Children=0
Name=telenoche-lvn1, Records=0, Children=0
Name=telenoche1, Records=0, Children=0
Name=telenoir, Records=0, Children=0
Name=tn-internet-3, Records=0, Children=0
Name=tn-internet3, Records=1, Children=0
A: 192.168.2.185 (flags=f0, serial=15496, ttl=900)
Name=tn-mesa3, Records=1, Children=0
A: 192.168.2.160 (flags=f0, serial=15479, ttl=900)
Name=uynotegu1, Records=1, Children=0
A: 192.168.2.102 (flags=f0, serial=15491, ttl=900)
Name=uysgonzal3z, Records=0, Children=0
Name=uyvdiaz2, Records=1, Children=0
A: 192.168.2.142 (flags=f0, serial=15410, ttl=900)
Name=vcamps-ws, Records=0, Children=0
Name=ventas, Records=0, Children=0
Name=VENTAS-NBVF, Records=0, Children=0
Name=ventas1, Records=1, Children=0
A: 192.168.11.126 (flags=f0, serial=15515, ttl=1200)
Name=ventas3, Records=1, Children=0
A: 192.168.2.128 (flags=f0, serial=15425, ttl=1200)
A: 192.168.6.79 (flags=f0, serial=15450, ttl=1200)
Name=XRX_0000AA965F30, Records=0, Children=0
Name=zeus, Records=0, Children=0
The replica seems to work in parts (except for the timeouts in the log)
as the samba-tool shows success with the win servers:
/usr/local/samba/bin/samba-tool drs showrepl
Nombre-predeterminado-primer-sitio\SAMBADC1
DSA Options: 0x00000001
DSA object GUID: f0658d7e-7b99-4def-bc69-1cbcc2aa5742
DSA invocationId: 86649b1f-c393-4f3b-b113-9336c7b70bff
==== INBOUND NEIGHBORS ====
DC=DomainDnsZones,DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\SRV-MM via RPC
DSA object GUID: f4f6a5c1-019e-4f43-8b9c-cd7421807a25
Last attempt @ Tue Jun 12 11:46:43 2012 UYT was successful
0 consecutive failure(s).
Last success @ Tue Jun 12 11:46:43 2012 UYT
DC=DomainDnsZones,DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\ADS1 via RPC
DSA object GUID: 791ba4cd-2a04-4c91-8c0c-fd68660f9c00
Last attempt @ Tue Jun 12 11:46:43 2012 UYT was successful
0 consecutive failure(s).
Last success @ Tue Jun 12 11:46:43 2012 UYT
DC=DomainDnsZones,DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\SAMBADC2 via RPC
DSA object GUID: 131b04bb-7c4d-4970-af6f-e0b9b5089de7
Last attempt @ Tue Jun 12 11:46:43 2012 UYT was successful
0 consecutive failure(s).
Last success @ Tue Jun 12 11:46:43 2012 UYT
DC=ForestDnsZones,DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\SRV-MM via RPC
DSA object GUID: f4f6a5c1-019e-4f43-8b9c-cd7421807a25
Last attempt @ Tue Jun 12 11:46:43 2012 UYT was successful
0 consecutive failure(s).
Last success @ Tue Jun 12 11:46:43 2012 UYT
DC=ForestDnsZones,DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\ADS1 via RPC
DSA object GUID: 791ba4cd-2a04-4c91-8c0c-fd68660f9c00
Last attempt @ Tue Jun 12 11:46:43 2012 UYT was successful
0 consecutive failure(s).
Last success @ Tue Jun 12 11:46:43 2012 UYT
DC=ForestDnsZones,DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\SAMBADC2 via RPC
DSA object GUID: 131b04bb-7c4d-4970-af6f-e0b9b5089de7
Last attempt @ Tue Jun 12 11:46:43 2012 UYT was successful
0 consecutive failure(s).
Last success @ Tue Jun 12 11:46:43 2012 UYT
CN=Configuration,DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\ADS1 via RPC
DSA object GUID: 791ba4cd-2a04-4c91-8c0c-fd68660f9c00
Last attempt @ Tue Jun 12 11:46:43 2012 UYT was successful
0 consecutive failure(s).
Last success @ Tue Jun 12 11:46:43 2012 UYT
CN=Configuration,DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\SAMBADC2 via RPC
DSA object GUID: 131b04bb-7c4d-4970-af6f-e0b9b5089de7
Last attempt @ Tue Jun 12 11:46:44 2012 UYT was successful
0 consecutive failure(s).
Last success @ Tue Jun 12 11:46:44 2012 UYT
CN=Configuration,DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\VPDC via RPC
DSA object GUID: 82d713a4-cb7c-4a16-8efd-e39f052ddd6c
Last attempt @ Tue Jun 12 11:46:44 2012 UYT failed, result 2
(WERR_BADFILE)
53023 consecutive failure(s).
Last success @ NTTIME(0)
CN=Configuration,DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\SRV-MM via RPC
DSA object GUID: f4f6a5c1-019e-4f43-8b9c-cd7421807a25
Last attempt @ Tue Jun 12 11:46:44 2012 UYT was successful
0 consecutive failure(s).
Last success @ Tue Jun 12 11:46:44 2012 UYT
CN=Schema,CN=Configuration,DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\ADS1 via RPC
DSA object GUID: 791ba4cd-2a04-4c91-8c0c-fd68660f9c00
Last attempt @ Tue Jun 12 11:46:44 2012 UYT was successful
0 consecutive failure(s).
Last success @ Tue Jun 12 11:46:44 2012 UYT
CN=Schema,CN=Configuration,DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\SAMBADC2 via RPC
DSA object GUID: 131b04bb-7c4d-4970-af6f-e0b9b5089de7
Last attempt @ Tue Jun 12 11:46:44 2012 UYT was successful
0 consecutive failure(s).
Last success @ Tue Jun 12 11:46:44 2012 UYT
CN=Schema,CN=Configuration,DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\VPDC via RPC
DSA object GUID: 82d713a4-cb7c-4a16-8efd-e39f052ddd6c
Last attempt @ Tue Jun 12 11:46:44 2012 UYT failed, result 2
(WERR_BADFILE)
53023 consecutive failure(s).
Last success @ NTTIME(0)
CN=Schema,CN=Configuration,DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\SRV-MM via RPC
DSA object GUID: f4f6a5c1-019e-4f43-8b9c-cd7421807a25
Last attempt @ Tue Jun 12 11:46:45 2012 UYT was successful
0 consecutive failure(s).
Last success @ Tue Jun 12 11:46:45 2012 UYT
DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\ADS1 via RPC
DSA object GUID: 791ba4cd-2a04-4c91-8c0c-fd68660f9c00
Last attempt @ Tue Jun 12 11:46:45 2012 UYT was successful
0 consecutive failure(s).
Last success @ Tue Jun 12 11:46:45 2012 UYT
DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\SAMBADC2 via RPC
DSA object GUID: 131b04bb-7c4d-4970-af6f-e0b9b5089de7
Last attempt @ Tue Jun 12 11:46:45 2012 UYT was successful
0 consecutive failure(s).
Last success @ Tue Jun 12 11:46:45 2012 UYT
DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\VPDC via RPC
DSA object GUID: 82d713a4-cb7c-4a16-8efd-e39f052ddd6c
Last attempt @ Tue Jun 12 11:46:45 2012 UYT failed, result 2
(WERR_BADFILE)
53023 consecutive failure(s).
Last success @ NTTIME(0)
DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\SRV-MM via RPC
DSA object GUID: f4f6a5c1-019e-4f43-8b9c-cd7421807a25
Last attempt @ Tue Jun 12 11:46:45 2012 UYT was successful
0 consecutive failure(s).
Last success @ Tue Jun 12 11:46:45 2012 UYT
==== OUTBOUND NEIGHBORS ====
DC=DomainDnsZones,DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\SAMBADC2 via RPC
DSA object GUID: 131b04bb-7c4d-4970-af6f-e0b9b5089de7
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
DC=ForestDnsZones,DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\SAMBADC2 via RPC
DSA object GUID: 131b04bb-7c4d-4970-af6f-e0b9b5089de7
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
CN=Configuration,DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\ADS1 via RPC
DSA object GUID: 791ba4cd-2a04-4c91-8c0c-fd68660f9c00
Last attempt @ Tue Jun 12 11:38:52 2012 UYT was successful
0 consecutive failure(s).
Last success @ Tue Jun 12 11:38:52 2012 UYT
CN=Configuration,DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\SRV-MM via RPC
DSA object GUID: f4f6a5c1-019e-4f43-8b9c-cd7421807a25
Last attempt @ Tue Jun 12 11:38:52 2012 UYT was successful
0 consecutive failure(s).
Last success @ Tue Jun 12 11:38:52 2012 UYT
CN=Configuration,DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\SAMBADC2 via RPC
DSA object GUID: 131b04bb-7c4d-4970-af6f-e0b9b5089de7
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
CN=Schema,CN=Configuration,DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\ADS1 via RPC
DSA object GUID: 791ba4cd-2a04-4c91-8c0c-fd68660f9c00
Last attempt @ Tue Jun 12 11:38:52 2012 UYT was successful
0 consecutive failure(s).
Last success @ Tue Jun 12 11:38:52 2012 UYT
CN=Schema,CN=Configuration,DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\SRV-MM via RPC
DSA object GUID: f4f6a5c1-019e-4f43-8b9c-cd7421807a25
Last attempt @ Tue Jun 12 11:38:52 2012 UYT was successful
0 consecutive failure(s).
Last success @ Tue Jun 12 11:38:52 2012 UYT
CN=Schema,CN=Configuration,DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\SAMBADC2 via RPC
DSA object GUID: 131b04bb-7c4d-4970-af6f-e0b9b5089de7
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\ADS1 via RPC
DSA object GUID: 791ba4cd-2a04-4c91-8c0c-fd68660f9c00
Last attempt @ Tue Jun 12 11:38:52 2012 UYT was successful
0 consecutive failure(s).
Last success @ Tue Jun 12 11:38:52 2012 UYT
DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\SRV-MM via RPC
DSA object GUID: f4f6a5c1-019e-4f43-8b9c-cd7421807a25
Last attempt @ Tue Jun 12 11:38:52 2012 UYT was successful
0 consecutive failure(s).
Last success @ Tue Jun 12 11:38:52 2012 UYT
DC=montecarlotv,DC=com,DC=uy
Nombre-predeterminado-primer-sitio\SAMBADC2 via RPC
DSA object GUID: 131b04bb-7c4d-4970-af6f-e0b9b5089de7
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
==== KCC CONNECTION OBJECTS ====
Connection --
Connection name: 2e571bb4-f625-48af-b980-fc3d363e89c1
Enabled : TRUE
Server DNS name : SAMBADC1.montecarlotv.com.uy
Server DN name : CN=NTDS
Settings,CN=SAMBADC2,CN=Servers,CN=Nombre-predeterminado-primer-sitio,CN=Sites,CN=Configuration,DC=montecarlotv,DC=com,DC=uy
TransportType: RPC
options: 0x00000001
Warning: No NC replicated for Connection!
Connection --
Connection name: aad5ad6c-6b64-49c6-b0d6-ef892fbdb0ff
Enabled : TRUE
Server DNS name : SAMBADC1.montecarlotv.com.uy
Server DN name : CN=NTDS
Settings,CN=ADS1,CN=Servers,CN=Nombre-predeterminado-primer-sitio,CN=Sites,CN=Configuration,DC=montecarlotv,DC=com,DC=uy
TransportType: RPC
options: 0x00000001
Warning: No NC replicated for Connection!
Connection --
Connection name: d01c119d-6bd5-4fe8-ac9f-313dd4ac3eac
Enabled : TRUE
Server DNS name : SAMBADC1.montecarlotv.com.uy
Server DN name : CN=NTDS
Settings,CN=SRV-MM,CN=Servers,CN=Nombre-predeterminado-primer-sitio,CN=Sites,CN=Configuration,DC=montecarlotv,DC=com,DC=uy
TransportType: RPC
options: 0x00000001
Warning: No NC replicated for Connection!
Connection --
Connection name: f0bdb815-d181-440e-a916-33c4cfeaaf09
Enabled : TRUE
Server DNS name : SAMBADC1.montecarlotv.com.uy
Server DN name : CN=NTDS
Settings,CN=VPDC,CN=Servers,CN=Nombre-predeterminado-primer-sitio,CN=Sites,CN=Configuration,DC=montecarlotv,DC=com,DC=uy
TransportType: RPC
options: 0x00000001
Warning: No NC replicated for Connection!
I've followed the list for the last two weeks and saw an error for KDC
server, but I don't get how to adapt his case to mine to test the solution.
If I run dnsupdate to refresh the records, it claims that there's
nothing to sync:
/usr/local/samba/sbin/samba_dnsupdate --verbose
IPs: ['fe80::216:3eff:fe7b:5916%eth0', '192.168.128.206']
Skipping PDC entry (SRV
_ldap._tcp.pdc._msdcs.${DNSDOMAIN} ${HOSTNAME} 389) as
we are not a PDC
Skipping PDC entry (SRV
_ldap._tcp.pdc._msdcs.${DNSFOREST} ${HOSTNAME} 389) as
we are not a PDC
Looking for DNS entry A montecarlotv.com.uy 192.168.128.206 as
montecarlotv.com.uy.
Looking for DNS entry A sambadc1.montecarlotv.com.uy 192.168.128.206 as
sambadc1.montecarlotv.com.uy.
Looking for DNS entry A gc._msdcs.montecarlotv.com.uy 192.168.128.206 as
gc._msdcs.montecarlotv.com.uy.
Looking for DNS entry CNAME
f0658d7e-7b99-4def-bc69-1cbcc2aa5742._msdcs.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy as
f0658d7e-7b99-4def-bc69-1cbcc2aa5742._msdcs.montecarlotv.com.uy.
Looking for DNS entry SRV _kpasswd._tcp.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 464 as _kpasswd._tcp.montecarlotv.com.uy.
Checking 0 100 464 ads1.montecarlotv.com.uy. against SRV
_kpasswd._tcp.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 464
Checking 0 100 464 srv-mm.montecarlotv.com.uy. against SRV
_kpasswd._tcp.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 464
Checking 0 100 464 sambadc2.montecarlotv.com.uy. against SRV
_kpasswd._tcp.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 464
Checking 0 100 464 sambadc1.montecarlotv.com.uy. against SRV
_kpasswd._tcp.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 464
Looking for DNS entry SRV _kpasswd._udp.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 464 as _kpasswd._udp.montecarlotv.com.uy.
Checking 0 100 464 srv-mm.montecarlotv.com.uy. against SRV
_kpasswd._udp.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 464
Checking 0 100 464 sambadc2.montecarlotv.com.uy. against SRV
_kpasswd._udp.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 464
Checking 0 100 464 ads1.montecarlotv.com.uy. against SRV
_kpasswd._udp.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 464
Checking 0 100 464 sambadc1.montecarlotv.com.uy. against SRV
_kpasswd._udp.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 464
Looking for DNS entry SRV _kerberos._tcp.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 88 as _kerberos._tcp.montecarlotv.com.uy.
Checking 0 100 88 ads1.montecarlotv.com.uy. against SRV
_kerberos._tcp.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 88
Checking 0 100 88 srv-mm.montecarlotv.com.uy. against SRV
_kerberos._tcp.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 88
Checking 0 100 88 sambadc2.montecarlotv.com.uy. against SRV
_kerberos._tcp.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 88
Checking 0 100 88 sambadc1.montecarlotv.com.uy. against SRV
_kerberos._tcp.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 88
Looking for DNS entry SRV _kerberos._tcp.dc._msdcs.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 88 as
_kerberos._tcp.dc._msdcs.montecarlotv.com.uy.
Checking 0 100 88 sambadc2.montecarlotv.com.uy. against SRV
_kerberos._tcp.dc._msdcs.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 88
Checking 0 100 88 ads1.montecarlotv.com.uy. against SRV
_kerberos._tcp.dc._msdcs.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 88
Checking 0 100 88 sambadc1.montecarlotv.com.uy. against SRV
_kerberos._tcp.dc._msdcs.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 88
Looking for DNS entry SRV
_kerberos._tcp.nombre-predeterminado-primer-sitio._sites.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 88 as
_kerberos._tcp.nombre-predeterminado-primer-sitio._sites.montecarlotv.com.uy.
Checking 0 100 88 ads1.montecarlotv.com.uy. against SRV
_kerberos._tcp.nombre-predeterminado-primer-sitio._sites.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 88
Checking 0 100 88 sambadc2.montecarlotv.com.uy. against SRV
_kerberos._tcp.nombre-predeterminado-primer-sitio._sites.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 88
Checking 0 100 88 srv-mm.montecarlotv.com.uy. against SRV
_kerberos._tcp.nombre-predeterminado-primer-sitio._sites.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 88
Checking 0 100 88 sambadc1.montecarlotv.com.uy. against SRV
_kerberos._tcp.nombre-predeterminado-primer-sitio._sites.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 88
Looking for DNS entry SRV
_kerberos._tcp.nombre-predeterminado-primer-sitio._sites.dc._msdcs.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 88 as
_kerberos._tcp.nombre-predeterminado-primer-sitio._sites.dc._msdcs.montecarlotv.com.uy.
Checking 0 100 88 ads1.montecarlotv.com.uy. against SRV
_kerberos._tcp.nombre-predeterminado-primer-sitio._sites.dc._msdcs.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 88
Checking 0 100 88 srv-mm.montecarlotv.com.uy. against SRV
_kerberos._tcp.nombre-predeterminado-primer-sitio._sites.dc._msdcs.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 88
Checking 0 100 88 sambadc1.montecarlotv.com.uy. against SRV
_kerberos._tcp.nombre-predeterminado-primer-sitio._sites.dc._msdcs.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 88
Looking for DNS entry SRV _kerberos._udp.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 88 as _kerberos._udp.montecarlotv.com.uy.
Checking 0 100 88 ads1.montecarlotv.com.uy. against SRV
_kerberos._udp.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 88
Checking 0 100 88 sambadc2.montecarlotv.com.uy. against SRV
_kerberos._udp.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 88
Checking 0 100 88 srv-mm.montecarlotv.com.uy. against SRV
_kerberos._udp.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 88
Checking 0 100 88 sambadc1.montecarlotv.com.uy. against SRV
_kerberos._udp.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 88
Looking for DNS entry SRV _ldap._tcp.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 389 as _ldap._tcp.montecarlotv.com.uy.
Checking 0 100 389 sambadc2.montecarlotv.com.uy. against SRV
_ldap._tcp.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 389
Checking 0 100 389 srv-mm.montecarlotv.com.uy. against SRV
_ldap._tcp.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 389
Checking 0 100 389 ads1.montecarlotv.com.uy. against SRV
_ldap._tcp.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 389
Checking 0 100 389 sambadc1.montecarlotv.com.uy. against SRV
_ldap._tcp.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 389
Looking for DNS entry SRV _ldap._tcp.dc._msdcs.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 389 as
_ldap._tcp.dc._msdcs.montecarlotv.com.uy.
Checking 0 100 389 ads1.montecarlotv.com.uy. against SRV
_ldap._tcp.dc._msdcs.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 389
Checking 0 100 389 sambadc1.montecarlotv.com.uy. against SRV
_ldap._tcp.dc._msdcs.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 389
Looking for DNS entry SRV _ldap._tcp.gc._msdcs.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 3268 as
_ldap._tcp.gc._msdcs.montecarlotv.com.uy.
Checking 0 100 3268 sambadc2.montecarlotv.com.uy. against SRV
_ldap._tcp.gc._msdcs.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 3268
Checking 0 100 3268 sambadc1.montecarlotv.com.uy. against SRV
_ldap._tcp.gc._msdcs.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 3268
Looking for DNS entry SRV
_ldap._tcp.nombre-predeterminado-primer-sitio._sites.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 389 as
_ldap._tcp.nombre-predeterminado-primer-sitio._sites.montecarlotv.com.uy.
Checking 0 100 389 sambadc2.montecarlotv.com.uy. against SRV
_ldap._tcp.nombre-predeterminado-primer-sitio._sites.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 389
Checking 0 100 389 sambadc1.montecarlotv.com.uy. against SRV
_ldap._tcp.nombre-predeterminado-primer-sitio._sites.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 389
Looking for DNS entry SRV
_ldap._tcp.nombre-predeterminado-primer-sitio._sites.dc._msdcs.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 389 as
_ldap._tcp.nombre-predeterminado-primer-sitio._sites.dc._msdcs.montecarlotv.com.uy.
Checking 0 100 389 ads1.montecarlotv.com.uy. against SRV
_ldap._tcp.nombre-predeterminado-primer-sitio._sites.dc._msdcs.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 389
Checking 0 100 389 srv-mm.montecarlotv.com.uy. against SRV
_ldap._tcp.nombre-predeterminado-primer-sitio._sites.dc._msdcs.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 389
Checking 0 100 389 sambadc2.montecarlotv.com.uy. against SRV
_ldap._tcp.nombre-predeterminado-primer-sitio._sites.dc._msdcs.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 389
Checking 0 100 389 sambadc1.montecarlotv.com.uy. against SRV
_ldap._tcp.nombre-predeterminado-primer-sitio._sites.dc._msdcs.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 389
Looking for DNS entry SRV
_ldap._tcp.nombre-predeterminado-primer-sitio._sites.gc._msdcs.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 3268 as
_ldap._tcp.nombre-predeterminado-primer-sitio._sites.gc._msdcs.montecarlotv.com.uy.
Checking 0 100 3268 sambadc2.montecarlotv.com.uy. against SRV
_ldap._tcp.nombre-predeterminado-primer-sitio._sites.gc._msdcs.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 3268
Checking 0 100 3268 srv-mm.montecarlotv.com.uy. against SRV
_ldap._tcp.nombre-predeterminado-primer-sitio._sites.gc._msdcs.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 3268
Checking 0 100 3268 sambadc1.montecarlotv.com.uy. against SRV
_ldap._tcp.nombre-predeterminado-primer-sitio._sites.gc._msdcs.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 3268
Looking for DNS entry SRV
_ldap._tcp.f9a44048-4010-4c15-a197-46267bca489c.domains._msdcs.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 389 as
_ldap._tcp.f9a44048-4010-4c15-a197-46267bca489c.domains._msdcs.montecarlotv.com.uy.
Checking 0 100 389 srv-mm.montecarlotv.com.uy. against SRV
_ldap._tcp.f9a44048-4010-4c15-a197-46267bca489c.domains._msdcs.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 389
Checking 0 100 389 sambadc2.montecarlotv.com.uy. against SRV
_ldap._tcp.f9a44048-4010-4c15-a197-46267bca489c.domains._msdcs.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 389
Checking 0 100 389 ads1.montecarlotv.com.uy. against SRV
_ldap._tcp.f9a44048-4010-4c15-a197-46267bca489c.domains._msdcs.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 389
Checking 0 100 389 sambadc1.montecarlotv.com.uy. against SRV
_ldap._tcp.f9a44048-4010-4c15-a197-46267bca489c.domains._msdcs.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 389
Looking for DNS entry SRV _gc._tcp.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 3268 as _gc._tcp.montecarlotv.com.uy.
Checking 0 100 3268 sambadc2.montecarlotv.com.uy. against SRV
_gc._tcp.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 3268
Checking 0 100 3268 sambadc1.montecarlotv.com.uy. against SRV
_gc._tcp.montecarlotv.com.uy sambadc1.montecarlotv.com.uy 3268
Looking for DNS entry SRV
_gc._tcp.nombre-predeterminado-primer-sitio._sites.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 3268 as
_gc._tcp.nombre-predeterminado-primer-sitio._sites.montecarlotv.com.uy.
Checking 0 100 3268 sambadc1.montecarlotv.com.uy. against SRV
_gc._tcp.nombre-predeterminado-primer-sitio._sites.montecarlotv.com.uy
sambadc1.montecarlotv.com.uy 3268
No DNS updates needed
Sorry for the long logs, I've cutted irrelevant parts as much as I could.
The windows DNS servers are still the autoritative for the zone, so I
don't know why the samba DCs try to use the local DNS (I have resolve
pointing the ADS1 win server) as this may be the reason many things work
in halves.
How do I know if samba is using BIND or the internal DNS? When I start
BIND I see the DLZ entries with no error, but it doesn't meen the samba
is using them at all.
Regards,
Juan Pablo Lorier
More information about the samba-technical
mailing list