On Thu, 17 May 2018 16:58:13 -0300 Carlos via samba <samba at lists.samba.org> wrote:> Hi! > > In "NTDS settings" created new connection for: > > DC2 ->DC3 > > DC3 -> DC2 > > All OK, > > I tested with option > > kccsrv:samba_kcc=No > > is ok too. > > But in my DC2, a received one erro: > > May 17 16:54:44 dc2 samba[10421]: [2018/05/17 16:54:44.543336, 0] > ../source4/dsdb/repl/drepl_out_helpers.c:1087(dreplsrv_update_refs_done) > May 17 16:54:44 dc2 samba[10421]: UpdateRefs failed with > WERR_DS_DRA_ACCESS_DENIED/NT code 0xc0002105 for > 24079507-bf7b-4c96-b107-cd22d7680011._msdcs.XXXXXX > DC=DomainDnsZones,DC=XXX,DC=XXX,DC=XXX,DC=XXX > > But 24079507-bf7b-4c96-b107-cd22d7680011._msdcs.XXXXXXX is DC2.... > > Any ideia ? >You are using SITES, every DC shouldn't replicate to every DC. You should have replication between DCs in each site and between sites. This is how it is supposed to work, you have just changed it back to how Samba AD used to work, before somebody made it work correctly. Rowland
I understand, but dont replication between sites, is my problem.... Regards; On 17-05-2018 17:08, Rowland Penny via samba wrote:> On Thu, 17 May 2018 16:58:13 -0300 > Carlos via samba <samba at lists.samba.org> wrote: > >> Hi! >> >> In "NTDS settings" created new connection for: >> >> DC2 ->DC3 >> >> DC3 -> DC2 >> >> All OK, >> >> I tested with option >> >> kccsrv:samba_kcc=No >> >> is ok too. >> >> But in my DC2, a received one erro: >> >> May 17 16:54:44 dc2 samba[10421]: [2018/05/17 16:54:44.543336, 0] >> ../source4/dsdb/repl/drepl_out_helpers.c:1087(dreplsrv_update_refs_done) >> May 17 16:54:44 dc2 samba[10421]: UpdateRefs failed with >> WERR_DS_DRA_ACCESS_DENIED/NT code 0xc0002105 for >> 24079507-bf7b-4c96-b107-cd22d7680011._msdcs.XXXXXX >> DC=DomainDnsZones,DC=XXX,DC=XXX,DC=XXX,DC=XXX >> >> But 24079507-bf7b-4c96-b107-cd22d7680011._msdcs.XXXXXXX is DC2.... >> >> Any ideia ? >> > You are using SITES, every DC shouldn't replicate to every DC. You > should have replication between DCs in each site and between sites. > This is how it is supposed to work, you have just changed it back to > how Samba AD used to work, before somebody made it work correctly. > > Rowland >
On Thu, 17 May 2018 17:19:17 -0300 Carlos via samba <samba at lists.samba.org> wrote:> I understand, but dont replication between sites, is my problem.... > > Regards; >Lets start by confirming if this is your setup: Matriz site Filail DC1 --------------- DC3 | | | | DC2 DC4 That is, DC1 & DC2 are in the Matriz site and DC3 & DC4 are the Filail site If that is correct, does DC1 replicate to DC2 and does DC3 replicate to DC4 ? Following on from that, does DC1 replicate to DC3 Rowland