Am 13.03.19 um 13:25 schrieb Stefan G. Weichinger via samba:> My DC1 is named "PRE01SVDEB02" > and DC2 = "PRE01SVDEB03"checked for resolv.conf and DNS-pointers again. made sure that all 3 FQDNs (2 DCs, one DM) resolve from the servers. showrepl is happy again on DC1, but still fails on/to DC2 hm manual replicate: no progress or success visible (either from DC1 or DC2) - compared smb.confs ... raised log level on DC2 and see this in log.samba now: # tail -f log.samba [2019/03/13 13:55:19.905976, 0] ../source4/smbd/server.c:674(binary_smbd_main) binary_smbd_main: samba: using 'standard' process model [2019/03/13 13:55:34.957655, 1] ../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part) Doing a full scan on DC=ForestDnsZones,DC=mytld,DC=at and looking for deleted objects [2019/03/13 13:55:34.958862, 1] ../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part) Doing a full scan on DC=DomainDnsZones,DC=mytld,DC=at and looking for deleted objects [2019/03/13 13:55:34.960768, 1] ../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part) Doing a full scan on DC=mytld,DC=at and looking for deleted objects [2019/03/13 13:55:34.968403, 1] ../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part) Doing a full scan on CN=Configuration,DC=mytld,DC=at and looking for deleted objects ... maybe I just have to wait now? greets from the drama queen Stefan
Am 13.03.19 um 13:57 schrieb Stefan G. Weichinger via samba:> maybe I just have to wait now?loglevel 4 on DC2 [2019/03/13 14:38:55.729004, 3] ../source4/dsdb/repl/drepl_service.c:206(_drepl_schedule_replication) _drepl_schedule_replication: forcing sync of partition (61081d43-e55d-4791-9d4c-e87f036a8772, DC=DomainDnsZones,DC=pilsbacher,DC=at, e5922d4b-9bf0-4c79-b256-ff5f75a3e4f4._msdcs.mytld.at) but no progress - I let my fingers off it for now ... new user(s) needed there next week.
Greetings drama queen Stefan.... ;-) hehe :-)) Yes, wait.. Or reboot DC1, wait 5-10 min reboot DC2, wait 5-10 min. The waiting can be shorter is the AD is not so big. I suggest you have a look at this. (Rowland, look away... ;-)) A sample for a systemd setup, i'm working towards Debian Buster now, see : https://release.debian.org/ [2019-Mar-12] Bits from the Release Team: Debian 10 'buster' is frozen; let's get it in shape This shows the change to systemd-networkd ( and timedate and timesyncd and resolv.conf setup ) Get this script: https://raw.githubusercontent.com/thctlo/debian-scripts/master/setup-systemd-networkd.sh The script does not change anything to your system, so its really save to use/test with it. - It allows you to easy switch to a systemd-networkd setup and the script wil explain things for you. - It looks up the current settings and generated a systemd network file for you. The file is placed in the folder you run this. - Its focused on LAN and ipv4 only, member and AD-DC servers in a LAN. - It does backup the files : /etc/network/interfaces and /etc/resolv.conf - It generates the file : lan-addc-dev-eth0.network or lan-member-dev-eth0.network Interface eth0 wil change to your systems its own interface automaticly. Config assumes the following for AD-DC The server has 1 ip, 1 search domain and also the DNS and TIME servers. Config assumes the following for a member: This server has 1 ip, 1 search domain and AD-DC's are also the DNS and TIME servers. And these servers are in a LAN and no ipv6 is used. Tested on Debian 9 servers. Improvements, suggestions, well its on github.. Or pm me. Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Stefan G. Weichinger via samba > Verzonden: woensdag 13 maart 2019 14:40 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] replication fails > > Am 13.03.19 um 13:57 schrieb Stefan G. Weichinger via samba: > > > maybe I just have to wait now? > > loglevel 4 on DC2 > > > [2019/03/13 14:38:55.729004, 3] > ../source4/dsdb/repl/drepl_service.c:206(_drepl_schedule_replication) > _drepl_schedule_replication: forcing sync of partition > (61081d43-e55d-4791-9d4c-e87f036a8772, > DC=DomainDnsZones,DC=pilsbacher,DC=at, > e5922d4b-9bf0-4c79-b256-ff5f75a3e4f4._msdcs.mytld.at) > > > but no progress > > - > > I let my fingers off it for now ... new user(s) needed there > next week. > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >
On Wed, 13 Mar 2019 16:02:20 +0100 "L.P.H. van Belle via samba" <samba at lists.samba.org> wrote:> Greetings drama queen Stefan.... ;-) hehe :-)) > > Yes, wait.. > > Or reboot DC1, wait 5-10 min reboot DC2, wait 5-10 min. > The waiting can be shorter is the AD is not so big. > > I suggest you have a look at this. (Rowland, look away... ;-))Too late, I looked ;-)> A sample for a systemd setup, i'm working towards Debian Buster now, > see : https://release.debian.org/ > [2019-Mar-12] Bits from the Release Team: Debian 10 'buster' is > frozen; let's get it in shape > > This shows the change to systemd-networkd ( and timedate and > timesyncd and resolv.conf setup ) > > Get this script: > https://raw.githubusercontent.com/thctlo/debian-scripts/master/setup-systemd-networkd.sh > > The script does not change anything to your system, so its really > save to use/test with it. > > - It allows you to easy switch to a systemd-networkd setup and the > script wil explain things for you. > - It looks up the current settings and generated a systemd network > file for you. The file is placed in the folder you run this. > > - Its focused on LAN and ipv4 only, member and AD-DC servers in a > LAN. > - It does backup the files : /etc/network/interfaces > and /etc/resolv.conf > - It generates the file : lan-addc-dev-eth0.network or > lan-member-dev-eth0.network Interface eth0 wil change to your systems > its own interface automaticly. > > Config assumes the following for AD-DC > The server has 1 ip, 1 search domain and also the DNS and TIME > servers. > > Config assumes the following for a member: > This server has 1 ip, 1 search domain and AD-DC's are also the DNS > and TIME servers. > > And these servers are in a LAN and no ipv6 is used. > > Tested on Debian 9 servers. > > Improvements, suggestions, well its on github.. > Or pm me. > > > Greetz, > > LouisIf systemd is so good, why do you have to jump through hoops to get something to work correctly ? Not knocking systemd, if you want to use it, then OK, but it isn't for me ;-) Rowland
Am 13.03.19 um 16:02 schrieb L.P.H. van Belle via samba:> Greetings drama queen Stefan.... ;-) hehe :-));-) 3000 errors ... I mean ... what?> Yes, wait.. > > Or reboot DC1, wait 5-10 min reboot DC2, wait 5-10 min. > The waiting can be shorter is the AD is not so big.~30 users: small maybe I risk a DC1 reboot after 6pm Not much time tmrw, so I am hesitating. Otherwise I'd like to have it solved (again/for a a while).> I suggest you have a look at this. (Rowland, look away... ;-)) > A sample for a systemd setup, i'm working towards Debian Buster now, see : > https://release.debian.org/ > [2019-Mar-12] Bits from the Release Team: Debian 10 'buster' is frozen; let's get it in shape > > This shows the change to systemd-networkd ( and timedate and timesyncd and resolv.conf setup ) > > Get this script: > https://raw.githubusercontent.com/thctlo/debian-scripts/master/setup-systemd-networkd.sh > > The script does not change anything to your system, so its really save to use/test with it. > > - It allows you to easy switch to a systemd-networkd setup and the script wil explain things for you. > - It looks up the current settings and generated a systemd network file for you. > The file is placed in the folder you run this. > > - Its focused on LAN and ipv4 only, member and AD-DC servers in a LAN. > - It does backup the files : /etc/network/interfaces and /etc/resolv.conf > - It generates the file : lan-addc-dev-eth0.network or lan-member-dev-eth0.network > Interface eth0 wil change to your systems its own interface automaticly. > > Config assumes the following for AD-DC > The server has 1 ip, 1 search domain and also the DNS and TIME servers. > > Config assumes the following for a member: > This server has 1 ip, 1 search domain and AD-DC's are also the DNS and TIME servers. > > And these servers are in a LAN and no ipv6 is used. > > Tested on Debian 9 servers. > > Improvements, suggestions, well its on github.. > Or pm me.Will read and test, thanks!
Am 13.03.19 um 16:02 schrieb L.P.H. van Belle via samba:> Greetings drama queen Stefan.... ;-) hehe :-)) > > Yes, wait.. > > Or reboot DC1, wait 5-10 min reboot DC2, wait 5-10 min. > The waiting can be shorter is the AD is not so big.correction: ~90 users DC1 rebooted, no replication still Does lmhosts warning matter (on DC2)? I assume no: [2019/03/13 16:43:42.294504, 3] ../libcli/nbt/lmhosts.c:184(resolve_lmhosts_file_as_sockaddr) resolve_lmhosts: Attempting lmhosts lookup for name e5922d4b-9bf0-4c79-b256-ff5f75a3e4f4._msdcs.mytld.at<0x20> [2019/03/13 16:43:42.294540, 4] ../libcli/nbt/lmhosts.c:40(startlmhosts) startlmhosts: Can't open lmhosts file /etc/samba/lmhosts. Error was No such file or directory
Hai Stefan,> > ;-) > > 3000 errors ... I mean ... what?No.. Not error, out of sync objects.> > ~30 users: smallOk thats small, a dc should be rebooted within 1-2 min and 1-2 min really max for AD sync.> > maybe I risk a DC1 reboot after 6pm > Not much time tmrw, so I am hesitating. Otherwise I'd like to have it > solved (again/for a a while).If you talking about "risking" a reboot, then you really not sure about the setup, correct? This is the part you need to work on, really.. Make more stable setup's, and know your reboot time. Because if i want to reboot a server here, i reboot it. DC's members.. All, except one, my mail server. Yes, even when everybody is working. ( between 60-100 users ) I'm that confident, it good and nothing happens after a reboot.> > > > Tested on Debian 9 servers. > > > > Improvements, suggestions, well its on github.. > > Or pm me. > > Will read and test, thanks!I think it wil help you but not for the current problem. For that you need to reboot you DC's first. PS. You might want to set on DC2 the resolv.conf nameserver IP1_of DC1 as first. Then reboot, after reboot, check the sync, if its ok, change the resolving back on DC2. Greetz, Louis
> > If systemd is so good, why do you have to jump through hoops to get > something to work correctly ?Im not saying systemd is good and jumping throug hoops, silly you.. ;-) hehe... :-)) Its just configuring the system, like any other, and it's not difficult about what i've shown. If you use networkd correcty, you can use one file for multiple settings. I setup .network file and ip/gateway/dns resolving/dns search/time sync is all done in one file.> Not knocking systemd, if you want to use it, then OK, but it isn't for me ;-) > > Rowland >Yeah.. I know that, but what the goal here was, of my post.. Its preparing for the furture upgrades. These things often go wrong or get wrong due to wrong/forgotten settings. With the script which is setting you up with systemd-network, this ends.. Thats how i see it. I have a setup also for ipv4+ipv6 in systemd without all errors you see when you google this. Its all in the setup.. Can these be improved, yes they can, but its a good base to start with. Same with the config i use for samba, a good starting point make you happy in the end. At least, for me, so lets hope for others too. Until tomorrow. Greetz, Louis