Arne Zachlod
2021-Jun-07 14:44 UTC
[Samba] Replication between DCs seems broken after deleting a domain member
On 6/7/21 4:21 PM, Rowland penny via samba wrote:> On 07/06/2021 14:29, Arne Zachlod via samba wrote: >> Hi, >> >> I recently upgraded my Samba 4.3 to samba 4.13 (I really did 4.11, >> 4.12 and then 4.13). Everything seems to work fine for now, but there >> is a problem in the samba log on all but one of my DCs. >> >> I have 4 DCs: addc08, addc12, addc13 and addc16 >> >> all of the DCs are on a different AD Site. addc13 is int he same site >> with the member hydra. >> >> I deleted the member hydra and added it back a few weeks ago because >> we had problems with some users logging into it from other sites. It >> seemed to have worked at that time. hydra is running as a linux AD >> member fileserver. > > > How did you delete the computer ?I deleted it with RSAT, and then removed the A record by hand, also in RSAT.>> >> addc08 shows this: >> >> [2021/06/07 15:23:03.219420,? 0] >> ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) >> ?ldb: No objectClass found in replPropertyMetaData for >> CN=hydra,CN=Computers,DC=int,DC=company,DC=de! >> >> [2021/06/07 15:23:03.220149,? 0] >> ../../source4/dsdb/repl/drepl_out_helpers.c:1184(dreplsrv_op_pull_source_apply_changes_trigger) >> >> ?Failed to commit objects: >> WERR_GEN_FAILURE/NT_STATUS_INVALID_NETWORK_RESPONSE >> >> >> while addc16 and addc12 show this (only the timestamp doesn't match): >> >> [2021/06/07 15:22:12.356301,? 0] >> ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) >> ?ldb: No objectClass found in replPropertyMetaData for >> CN=hydra\0ADEL:2daab3d0-b214-45ab-8f1b-0eef7da9ecd6,CN=Deleted >> Objects,DC=int,DC=company,DC=de! > > > '\0ADEL' means a deleted object and for further proof it is in > 'CN=Deleted Objects' > > Try running this on a DC: > > samba-tool domain tombstones expunge > --tombstone-lifetime=TOMBSTONE_LIFETIME -U administratorI did this, thanks. It stopped the error messages in addc12 and addc13, but the thing in addc08 is still appearing, do you have any idea for this one?: [2021/06/07 16:43:03.145146, 0] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: No objectClass found in replPropertyMetaData for CN=hydra,CN=Computers,DC=int,DC=company,DC=de! [2021/06/07 16:43:03.145554, 0] ../../source4/dsdb/repl/drepl_out_helpers.c:1184(dreplsrv_op_pull_source_apply_changes_trigger) Failed to commit objects: WERR_GEN_FAILURE/NT_STATUS_INVALID_NETWORK_RESPONSE> Where 'TOMBSTONE_LIFETIME' is the number of days to keep tombstone > records for, the lower the number, the more tombstone records will be > removed. > > Rowland > > > >
Rowland penny
2021-Jun-07 14:50 UTC
[Samba] Replication between DCs seems broken after deleting a domain member
On 07/06/2021 15:44, Arne Zachlod via samba wrote:> > > On 6/7/21 4:21 PM, Rowland penny via samba wrote: >> On 07/06/2021 14:29, Arne Zachlod via samba wrote: >> >> How did you delete the computer ? > > I deleted it with RSAT, and then removed the A record by hand, also in > RSAT.Yes, but how did you delete it, did you just remove the computers record ? If you did, then I would suggest you don't do it that way again, you should 'leave' the domain from the computer.>> I did this, thanks. It stopped the error messages in addc12 and >> addc13, but the thing in addc08 is still appearing, do you have any >> idea for this one?: > > [2021/06/07 16:43:03.145146,? 0] > ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) > ?ldb: No objectClass found in replPropertyMetaData for > CN=hydra,CN=Computers,DC=int,DC=company,DC=de! > > [2021/06/07 16:43:03.145554,? 0] > ../../source4/dsdb/repl/drepl_out_helpers.c:1184(dreplsrv_op_pull_source_apply_changes_trigger) > ?Failed to commit objects: > WERR_GEN_FAILURE/NT_STATUS_INVALID_NETWORK_RESPONSE >Use samba-tool to replicate from a good DC to addc08 Rowland