23.11.2022 17:04, Luis Peromarta via samba wrote:
> Hi there,
>
> I am in the process of replacing two old machines running as DCs with
> Debian 11 and samba 4.16.6 from back ports. DC1 and DC2
>
> I have installed 2 VMs, Debian 11, 4.17.3 from back ports. DC3 and DC4.
> Domain join went OK, idmap copied, sysvol sync'd from DC1, and replication
> working away.
>
> However:
>
> DC1 replicates correctly with DC2, DC3 and DC4.
> DC2 replicates correctly with DC1, DC3 and DC4.
>
> DC3 replicates *only* with DC1 and DC2
> DC4 replicates *only* with DC1 and DC2
>
> Am I doing something wrong ?

Are you sure DC3 and DC4 *have* to replicate between each other?
I'm new to this stuff, but I had to add extra links (how is that,
NTDS? I forgot) between two out of 3 DCs here in order to enable
replication between them. In "Sites and Subnets" snap, under each
DC, there's one more level with the links. Some links are created
automatically, some have to be created explicitly. I don't know
if that's how it is supposed to work, but this is what I've seen
when doing experiments here.

FWIW, this process does not use PTR records.

Speaking of resolv.conf at each DC pointing to this very DC - I'd
avoid this one because of a very simple reason: if replication to
this DC doesn't work for some reason, DNS replication doesn't work
either, so it won't see new names in the net (which might be required
for the replication to work). This is one of the reasons I don't
use samba-provided DNS - to keep it simple and avoid such sort
of issues. DNS is already well set up with replication and
reservation to ensure it is always working. YMMV.

Thanks,

/mjt
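
The following is an added illustration, not part of either poster's message and not Samba code: it models the partner lists reported in the thread as a graph and separates DC pairs that only lack a direct link from pairs whose changes cannot reach each other at all. It assumes each "replicates with" entry is an inbound (pull) connection and that replication is store-and-forward across intermediate DCs; the names `INBOUND`, `hops_from` and `audit` are hypothetical.

```python
from collections import deque

# Constructed from the thread: for each DC, the partners it replicates with,
# read here as inbound (pull) connections. That reading is an assumption.
INBOUND = {
    "DC1": {"DC2", "DC3", "DC4"},
    "DC2": {"DC1", "DC3", "DC4"},
    "DC3": {"DC1", "DC2"},
    "DC4": {"DC1", "DC2"},
}


def hops_from(origin, inbound):
    """Breadth-first search: hops for a change made on `origin` to reach each DC."""
    # Invert the pull links: source DC -> set of DCs that pull from it.
    pulled_by = {dc: set() for dc in inbound}
    for dst, sources in inbound.items():
        for src in sources:
            pulled_by.setdefault(src, set()).add(dst)
    dist = {origin: 0}
    queue = deque([origin])
    while queue:
        cur = queue.popleft()
        for nxt in pulled_by.get(cur, ()):
            if nxt not in dist:
                dist[nxt] = dist[cur] + 1
                queue.append(nxt)
    return dist


def audit(inbound):
    """Return (indirect, unreachable): pairs served via a relay, and pairs not served."""
    indirect, unreachable = [], []
    for src in sorted(inbound):
        dist = hops_from(src, inbound)
        for dst in sorted(inbound):
            if dst == src:
                continue
            if dst not in dist:
                unreachable.append((src, dst))    # changes never arrive
            elif dist[dst] > 1:
                indirect.append((src, dst, dist[dst]))  # arrive via another DC
    return indirect, unreachable


if __name__ == "__main__":
    indirect, unreachable = audit(INBOUND)
    print("indirect:", indirect)
    print("unreachable:", unreachable)
```

For the topology in the thread, the DC3/DC4 pair shows up as indirect (two hops through DC1 or DC2) and nothing is unreachable; an entry in the unreachable list is the case that indicates a broken topology.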