Corrado Ravinetto
2019-Feb-26 13:44 UTC
[Samba] Joining_a_Samba_DC_to_an_Existing_Active_Directory
Hello all this morning i followed wiki in subject to replicate my active directory, but it fails with this error: [root at dc1 etc]# samba-tool drs showrepl Default-First-Site-Name\DC1 DSA Options: 0x00000001 DSA object GUID: 8ba457e4-815d-4bd3-a748-8b5ddb53fd5f DSA invocationId: 834770f4-c5a7-48c7-bc77-66e2cf37e557 ==== INBOUND NEIGHBORS === DC=ForestDnsZones,DC=lxcerruti,DC=com Default-First-Site-Name\DC2 via RPC DSA object GUID: 2c8db74e-548c-43db-996a-a5287c6aa557 Last attempt @ Tue Feb 26 14:28:28 2019 CET failed, result 1232 (WERR_HOST_UNREACHABLE) 31 consecutive failure(s). Last success @ NTTIME(0) and many rows like this in log.smbd: [2019/02/26 14:33:01.184413, 0] ../source4/librpc/rpc/dcerpc_sock.c:63(continue_socket_connect) Failed to connect host 192.168.4.33 on port 135 - NT_STATUS_HOST_UNREACHABLE [2019/02/26 14:33:01.184547, 0] ../source4/librpc/rpc/dcerpc_sock.c:245(continue_ip_open_socket) Failed to connect host 192.168.4.33 (2c8db74e-548c-43db-996a-a5287c6aa557._msdcs.lxcerruti.com) on port 135 - NT_STATUS_HOST_UNREACHABLE. I have 2 dc named dc1 and dc2 ****** DC1 ****** OS: centos-release-7-6.1810.2.el7.centos.x86_64 SAMBA: Version 4.9.1 compiled from source smb.conf : [global] netbios name = DC1 realm = LXCERRUTI.COM server role = active directory domain controller workgroup = LXCERRUTI idmap_ldb:use rfc2307 = yes dns forwarder = 192.168.1.1 resolv.conf: search lxcerruti.com nameserver 192.168.4.34 nameserver 192.168.4.33 nameserver 192.168.1.1 ****** DC2 ****** OS: centos-release-7-6.1810.2.el7.centos.x86_64 SAMBA: Version 4.9.4 compiled from source smb.conf: [global] netbios name = DC2 realm = LXCERRUTI.COM server role = active directory domain controller workgroup = LXCERRUTI idmap_ldb:use rfc2307 = yes resolv.conf: search lxcerruti.com nameserver 192.168.4.34 nameserver 192.168.4.33 nameserver 192.168.1.1 [root at dc2 etc]# samba-tool drs showrepl Default-First-Site-Name\DC2 DSA Options: 0x00000001 DSA object GUID: 2c8db74e-548c-43db-996a-a5287c6aa557 DSA invocationId: 7084538f-4122-4373-9d42-b19cce814997 ==== INBOUND NEIGHBORS === DC=ForestDnsZones,DC=lxcerruti,DC=com Default-First-Site-Name\DC1 via RPC DSA object GUID: 8ba457e4-815d-4bd3-a748-8b5ddb53fd5f Last attempt @ Tue Feb 26 14:37:00 2019 CET was successful 0 consecutive failure(s). Last success @ Tue Feb 26 14:37:00 2019 CET CN=Schema,CN=Configuration,DC=lxcerruti,DC=com Default-First-Site-Name\DC1 via RPC DSA object GUID: 8ba457e4-815d-4bd3-a748-8b5ddb53fd5f Last attempt @ Tue Feb 26 14:37:00 2019 CET was successful 0 consecutive failure(s). Last success @ Tue Feb 26 14:37:00 2019 CET CN=Configuration,DC=lxcerruti,DC=com Default-First-Site-Name\DC1 via RPC DSA object GUID: 8ba457e4-815d-4bd3-a748-8b5ddb53fd5f Last attempt @ Tue Feb 26 14:37:00 2019 CET was successful 0 consecutive failure(s). Last success @ Tue Feb 26 14:37:00 2019 CET DC=DomainDnsZones,DC=lxcerruti,DC=com Default-First-Site-Name\DC1 via RPC DSA object GUID: 8ba457e4-815d-4bd3-a748-8b5ddb53fd5f Last attempt @ Tue Feb 26 14:37:00 2019 CET was successful 0 consecutive failure(s). Last success @ Tue Feb 26 14:37:00 2019 CET DC=lxcerruti,DC=com Default-First-Site-Name\DC1 via RPC DSA object GUID: 8ba457e4-815d-4bd3-a748-8b5ddb53fd5f Last attempt @ Tue Feb 26 14:37:00 2019 CET was successful 0 consecutive failure(s). Last success @ Tue Feb 26 14:37:00 2019 CET ==== OUTBOUND NEIGHBORS === ==== KCC CONNECTION OBJECTS === Connection -- Connection name: 4e04fffb-e248-4fec-b254-47338f1d01a1 Enabled : TRUE Server DNS name : dc1.lxcerruti.com Server DN name : CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=lxcerruti,DC=com TransportType: RPC options: 0x00000001 Warning: No NC replicated for Connection! Any suggestions are appreciated :-) br -- *Corrado Ravinetto *
Corrado Ravinetto
2019-Feb-26 14:02 UTC
[Samba] Joining_a_Samba_DC_to_an_Existing_Active_Directory
Hello all this morning i followed wiki in subject to replicate my active directory, but it fails with this error: [root at dc1 etc]# samba-tool drs showrepl Default-First-Site-Name\DC1 DSA Options: 0x00000001 DSA object GUID: 8ba457e4-815d-4bd3-a748-8b5ddb53fd5f DSA invocationId: 834770f4-c5a7-48c7-bc77-66e2cf37e557 ==== INBOUND NEIGHBORS === DC=ForestDnsZones,DC=lxcerruti,DC=com Default-First-Site-Name\DC2 via RPC DSA object GUID: 2c8db74e-548c-43db-996a-a5287c6aa557 Last attempt @ Tue Feb 26 14:28:28 2019 CET failed, result 1232 (WERR_HOST_UNREACHABLE) 31 consecutive failure(s). Last success @ NTTIME(0) and many rows like this in log.smbd: [2019/02/26 14:33:01.184413, 0] ../source4/librpc/rpc/dcerpc_sock.c:63(continue_socket_connect) Failed to connect host 192.168.4.33 on port 135 - NT_STATUS_HOST_UNREACHABLE [2019/02/26 14:33:01.184547, 0] ../source4/librpc/rpc/dcerpc_sock.c:245(continue_ip_open_socket) Failed to connect host 192.168.4.33 (2c8db74e-548c-43db-996a-a5287c6aa557._msdcs.lxcerruti.com) on port 135 - NT_STATUS_HOST_UNREACHABLE. I have 2 dc named dc1 and dc2 ****** DC1 ****** OS: centos-release-7-6.1810.2.el7.centos.x86_64 SAMBA: Version 4.9.1 compiled from source smb.conf : [global] netbios name = DC1 realm = LXCERRUTI.COM server role = active directory domain controller workgroup = LXCERRUTI idmap_ldb:use rfc2307 = yes dns forwarder = 192.168.1.1 resolv.conf: search lxcerruti.com nameserver 192.168.4.34 nameserver 192.168.4.33 nameserver 192.168.1.1 ****** DC2 ****** OS: centos-release-7-6.1810.2.el7.centos.x86_64 SAMBA: Version 4.9.4 compiled from source smb.conf: [global] netbios name = DC2 realm = LXCERRUTI.COM server role = active directory domain controller workgroup = LXCERRUTI idmap_ldb:use rfc2307 = yes resolv.conf: search lxcerruti.com nameserver 192.168.4.34 nameserver 192.168.4.33 nameserver 192.168.1.1 [root at dc2 etc]# samba-tool drs showrepl Default-First-Site-Name\DC2 DSA Options: 0x00000001 DSA object GUID: 2c8db74e-548c-43db-996a-a5287c6aa557 DSA invocationId: 7084538f-4122-4373-9d42-b19cce814997 ==== INBOUND NEIGHBORS === DC=ForestDnsZones,DC=lxcerruti,DC=com Default-First-Site-Name\DC1 via RPC DSA object GUID: 8ba457e4-815d-4bd3-a748-8b5ddb53fd5f Last attempt @ Tue Feb 26 14:37:00 2019 CET was successful 0 consecutive failure(s). Last success @ Tue Feb 26 14:37:00 2019 CET CN=Schema,CN=Configuration,DC=lxcerruti,DC=com Default-First-Site-Name\DC1 via RPC DSA object GUID: 8ba457e4-815d-4bd3-a748-8b5ddb53fd5f Last attempt @ Tue Feb 26 14:37:00 2019 CET was successful 0 consecutive failure(s). Last success @ Tue Feb 26 14:37:00 2019 CET CN=Configuration,DC=lxcerruti,DC=com Default-First-Site-Name\DC1 via RPC DSA object GUID: 8ba457e4-815d-4bd3-a748-8b5ddb53fd5f Last attempt @ Tue Feb 26 14:37:00 2019 CET was successful 0 consecutive failure(s). Last success @ Tue Feb 26 14:37:00 2019 CET DC=DomainDnsZones,DC=lxcerruti,DC=com Default-First-Site-Name\DC1 via RPC DSA object GUID: 8ba457e4-815d-4bd3-a748-8b5ddb53fd5f Last attempt @ Tue Feb 26 14:37:00 2019 CET was successful 0 consecutive failure(s). Last success @ Tue Feb 26 14:37:00 2019 CET DC=lxcerruti,DC=com Default-First-Site-Name\DC1 via RPC DSA object GUID: 8ba457e4-815d-4bd3-a748-8b5ddb53fd5f Last attempt @ Tue Feb 26 14:37:00 2019 CET was successful 0 consecutive failure(s). Last success @ Tue Feb 26 14:37:00 2019 CET ==== OUTBOUND NEIGHBORS === ==== KCC CONNECTION OBJECTS === Connection -- Connection name: 4e04fffb-e248-4fec-b254-47338f1d01a1 Enabled : TRUE Server DNS name : dc1.lxcerruti.com Server DN name : CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=lxcerruti,DC=com TransportType: RPC options: 0x00000001 Warning: No NC replicated for Connection! Any suggestions are appreciated :-) br -- *Corrado Ravinetto *
Marco Gaiarin
2019-Feb-26 16:35 UTC
[Samba] Joining_a_Samba_DC_to_an_Existing_Active_Directory
Mandi! Corrado Ravinetto via samba In chel di` si favelave...> ../source4/librpc/rpc/dcerpc_sock.c:63(continue_socket_connect) > Failed to connect host 192.168.4.33 on port 135 - NT_STATUS_HOST_UNREACHABLESamba is running on both host? There's some firewalling in between? -- dott. Marco Gaiarin GNUPG Key ID: 240A3D66 Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/ Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN) marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797 Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA! http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000 (cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)