"David González Herrera - [DGHVoIP]"
2013-Jun-04 01:16 UTC
[Samba] Replication Samba PDC to Samba BDC
Hi,

Let's see if any of the questions gets answered or at least I get pointed to something that can help me.

I followed this wiki:
http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC#Getting_ready_for_joining_Samba_as_a_DC_to_an_existing_domain

I have my S4 domain running, I compiled and installed another S4 to replicate the first server and joined successfully to the domain but replication seems to be broken.

Command used:

root@bdc:~# samba-tool domain join mundo.local DC -Uadministrator --realm=mundo.local --password=Mugr3P0pO --dns-backend=BIND9_DLZ
Finding a writeable DC for domain 'mundo.local'
Found DC samba.mundo.local
workgroup is mundo
realm is mundo.local
checking sAMAccountName
Adding CN=BDC,OU=Domain Controllers,DC=mundo,DC=local
Adding CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
Adding CN=NTDS Settings,CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
Adding SPNs to CN=BDC,OU=Domain Controllers,DC=mundo,DC=local
Setting account password for BDC$
Enabling account
Calling bare provision
No IPv6 address will be assigned
Provision OK for domain DN DC=mundo,DC=local
Starting replication
Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local] objects[402/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local] objects[804/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local] objects[1206/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local] objects[1550/1550] linked_values[0/0]
Analyze and apply schema objects
Partition[CN=Configuration,DC=mundo,DC=local] objects[402/1614] linked_values[0/0]
Partition[CN=Configuration,DC=mundo,DC=local] objects[804/1614] linked_values[0/0]
Partition[CN=Configuration,DC=mundo,DC=local] objects[1206/1614] linked_values[0/0]
Partition[CN=Configuration,DC=mundo,DC=local] objects[1608/1614] linked_values[0/0]
Partition[CN=Configuration,DC=mundo,DC=local] objects[1614/1614] linked_values[28/0]
Replicating critical objects from the base DN of the domain
Partition[DC=mundo,DC=local] objects[98/98] linked_values[31/0]
Partition[DC=mundo,DC=local] objects[336/238] linked_values[74/0]
Done with always replicated NC (base, config, schema)
Replicating DC=DomainDnsZones,DC=mundo,DC=local
Partition[DC=DomainDnsZones,DC=mundo,DC=local] objects[42/42] linked_values[0/0]
Replicating DC=ForestDnsZones,DC=mundo,DC=local
Partition[DC=ForestDnsZones,DC=mundo,DC=local] objects[18/18] linked_values[0/0]
Partition[DC=ForestDnsZones,DC=mundo,DC=local] objects[36/18] linked_values[0/0]
Committing SAM database
Sending DsReplicateUpdateRefs for all the replicated partitions
Setting isSynchronized and dsServiceName
Setting up secrets database
Joined domain mundo (SID S-1-5-21-1918558401-2200574552-2151153235) as a DC

Seemed to have succeeded, then I ran the recommended tests

# ldbsearch -H /usr/local/samba/private/sam.ldb '(invocationid=*)' --cross-ncs objectguid
# record 1
dn: CN=NTDS Settings,CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
objectGUID: 7106cbf4-3cf6-4ed9-b019-dd937035b1e7

# record 2
dn: CN=NTDS Settings,CN=SAMBA,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
objectGUID: ad828198-a723-44c2-8d7f-d5f801e2849f

# returned 2 records
# 2 entries
# 0 referrals

These tests run from the BDC seem to work.

host -t CNAME ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local
ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local is an alias for samba.mundo.local.

host -t CNAME 7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local
7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local is an alias for bdc.mundo.local.

root@bdc:~# host -t A bdc.mundo.local.
bdc.mundo.local has address 10.10.10.20

root@bdc:~# host -t A samba.mundo.local.
samba.mundo.local has address 10.10.10.5

Error showing up on the BDC

dns child failed to find name 'ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local' of type A
dreplsrv_notify: Failed to send DsReplicaSync to ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local for CN=Configuration,DC=mundo,DC=local - NT_STATUS_OBJECT_NAME_NOT_FOUND : WERR_BADFILE

I tried to check replication status but this error shows

root@bdc:~# samba-tool drs showrepl
Default-First-Site-Name\BDC
DSA Options: 0x00000001
DSA object GUID: 7106cbf4-3cf6-4ed9-b019-dd937035b1e7
DSA invocationId: 609fd8be-7e0c-49ca-a5f5-1a68237ef03f

==== INBOUND NEIGHBORS ===

DC=mundo,DC=local
    Default-First-Site-Name\SAMBA via RPC
        DSA object GUID: ad828198-a723-44c2-8d7f-d5f801e2849f
        Last attempt @ Mon Jun 3 20:58:43 2013 EDT failed, result 2 (WERR_BADFILE)
        8 consecutive failure(s).
        Last success @ Mon Jun 3 20:35:43 2013 EDT

CN=Schema,CN=Configuration,DC=mundo,DC=local
    Default-First-Site-Name\SAMBA via RPC
        DSA object GUID: ad828198-a723-44c2-8d7f-d5f801e2849f
        Last attempt @ Mon Jun 3 20:58:43 2013 EDT failed, result 2 (WERR_BADFILE)
        8 consecutive failure(s).
        Last success @ Mon Jun 3 20:35:38 2013 EDT

DC=ForestDnsZones,DC=mundo,DC=local
    Default-First-Site-Name\SAMBA via RPC
        DSA object GUID: ad828198-a723-44c2-8d7f-d5f801e2849f
        Last attempt @ Mon Jun 3 20:58:42 2013 EDT failed, result 2 (WERR_BADFILE)
        8 consecutive failure(s).
        Last success @ Mon Jun 3 20:35:44 2013 EDT

DC=DomainDnsZones,DC=mundo,DC=local
    Default-First-Site-Name\SAMBA via RPC
        DSA object GUID: ad828198-a723-44c2-8d7f-d5f801e2849f
        Last attempt @ Mon Jun 3 20:58:42 2013 EDT failed, result 2 (WERR_BADFILE)
        8 consecutive failure(s).
        Last success @ Mon Jun 3 20:35:43 2013 EDT

CN=Configuration,DC=mundo,DC=local
    Default-First-Site-Name\SAMBA via RPC
        DSA object GUID: ad828198-a723-44c2-8d7f-d5f801e2849f
        Last attempt @ Mon Jun 3 20:58:44 2013 EDT failed, result 2 (WERR_BADFILE)
        9 consecutive failure(s).
        Last success @ Mon Jun 3 20:35:42 2013 EDT

==== OUTBOUND NEIGHBORS ===

DC=mundo,DC=local
    Default-First-Site-Name\SAMBA via RPC
        DSA object GUID: ad828198-a723-44c2-8d7f-d5f801e2849f
        Last attempt @ NTTIME(0) was successful
        0 consecutive failure(s).
        Last success @ NTTIME(0)

CN=Schema,CN=Configuration,DC=mundo,DC=local
    Default-First-Site-Name\SAMBA via RPC
        DSA object GUID: ad828198-a723-44c2-8d7f-d5f801e2849f
        Last attempt @ Mon Jun 3 20:58:53 2013 EDT failed, result 2 (WERR_BADFILE)
        15 consecutive failure(s).
        Last success @ NTTIME(0)

DC=ForestDnsZones,DC=mundo,DC=local
    Default-First-Site-Name\SAMBA via RPC
        DSA object GUID: ad828198-a723-44c2-8d7f-d5f801e2849f
        Last attempt @ Mon Jun 3 20:58:53 2013 EDT failed, result 2 (WERR_BADFILE)
        1 consecutive failure(s).
        Last success @ NTTIME(0)

DC=DomainDnsZones,DC=mundo,DC=local
    Default-First-Site-Name\SAMBA via RPC
        DSA object GUID: ad828198-a723-44c2-8d7f-d5f801e2849f
        Last attempt @ Mon Jun 3 20:58:53 2013 EDT failed, result 2 (WERR_BADFILE)
        1 consecutive failure(s).
        Last success @ NTTIME(0)

CN=Configuration,DC=mundo,DC=local
    Default-First-Site-Name\SAMBA via RPC
        DSA object GUID: ad828198-a723-44c2-8d7f-d5f801e2849f
        Last attempt @ Mon Jun 3 20:58:53 2013 EDT failed, result 2 (WERR_BADFILE)
        15 consecutive failure(s).
        Last success @ NTTIME(0)

==== KCC CONNECTION OBJECTS ===

Connection --
    Connection name: 6092a1a0-3ad4-495d-a46c-f66e5409cea4
    Enabled : TRUE
    Server DNS name : samba.mundo.local
    Server DN name : CN=NTDS Settings,CN=SAMBA,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
    TransportType: RPC
    options: 0x00000001
Warning: No NC replicated for Connection!

I would really appreciate AT LEAST some pointer AT LEAST an answer because many questions asked here at least by me get ignored so come on people.

Thanks

--
David Gonzalez
DGHVoIP
USA: +1.213.632.8479
COL: +57.1.382.6718
COL: +57.4.247.0985
URL: www.dghvoip.com
Skype: davidgonzalezh

Hi,

2013.06.04 04:16, "David González Herrera - [DGHVoIP]" wrote:
> Hi,
>
> Let's see if any of the questions gets answered or at least I get pointed to something that can help me.
>
> I followed this wiki:
> http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC#Getting_ready_for_joining_Samba_as_a_DC_to_an_existing_domain
>
> I have my S4 domain running, I compiled and installed another S4 to replicate the first server and joined successfully to the domain but replication seems to be broken.
>
> Command used:
>
> root@bdc:~# samba-tool domain join mundo.local DC -Uadministrator --realm=mundo.local --password=Mugr3P0pO --dns-backend=BIND9_DLZ
> Finding a writeable DC for domain 'mundo.local'
> Found DC samba.mundo.local
> workgroup is mundo
> realm is mundo.local
> checking sAMAccountName
> Adding CN=BDC,OU=Domain Controllers,DC=mundo,DC=local
> Adding CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
> Adding CN=NTDS Settings,CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
> Adding SPNs to CN=BDC,OU=Domain Controllers,DC=mundo,DC=local
> Setting account password for BDC$
> Enabling account
> Calling bare provision
> No IPv6 address will be assigned
> Provision OK for domain DN DC=mundo,DC=local
> Starting replication
> Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local] objects[402/1550] linked_values[0/0]
> Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local] objects[804/1550] linked_values[0/0]
> Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local] objects[1206/1550] linked_values[0/0]
> Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local] objects[1550/1550] linked_values[0/0]
> Analyze and apply schema objects
> Partition[CN=Configuration,DC=mundo,DC=local] objects[402/1614] linked_values[0/0]
> Partition[CN=Configuration,DC=mundo,DC=local] objects[804/1614] linked_values[0/0]
> Partition[CN=Configuration,DC=mundo,DC=local] objects[1206/1614] linked_values[0/0]
> Partition[CN=Configuration,DC=mundo,DC=local] objects[1608/1614] linked_values[0/0]
> Partition[CN=Configuration,DC=mundo,DC=local] objects[1614/1614] linked_values[28/0]
> Replicating critical objects from the base DN of the domain
> Partition[DC=mundo,DC=local] objects[98/98] linked_values[31/0]
> Partition[DC=mundo,DC=local] objects[336/238] linked_values[74/0]
> Done with always replicated NC (base, config, schema)
> Replicating DC=DomainDnsZones,DC=mundo,DC=local
> Partition[DC=DomainDnsZones,DC=mundo,DC=local] objects[42/42] linked_values[0/0]
> Replicating DC=ForestDnsZones,DC=mundo,DC=local
> Partition[DC=ForestDnsZones,DC=mundo,DC=local] objects[18/18] linked_values[0/0]
> Partition[DC=ForestDnsZones,DC=mundo,DC=local] objects[36/18] linked_values[0/0]
> Committing SAM database
> Sending DsReplicateUpdateRefs for all the replicated partitions
> Setting isSynchronized and dsServiceName
> Setting up secrets database
> Joined domain mundo (SID S-1-5-21-1918558401-2200574552-2151153235) as a DC
>
> Seemed to have succeeded, then I ran the recommended tests
>
> # ldbsearch -H /usr/local/samba/private/sam.ldb '(invocationid=*)' --cross-ncs objectguid
> # record 1
> dn: CN=NTDS Settings,CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
> objectGUID: 7106cbf4-3cf6-4ed9-b019-dd937035b1e7
>
> # record 2
> dn: CN=NTDS Settings,CN=SAMBA,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
> objectGUID: ad828198-a723-44c2-8d7f-d5f801e2849f
>
> # returned 2 records
> # 2 entries
> # 0 referrals
>
> These tests run from the BDC seem to work.
>
> host -t CNAME ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local
> ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local is an alias for samba.mundo.local.
>
> host -t CNAME 7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local
> 7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local is an alias for bdc.mundo.local.
>
> root@bdc:~# host -t A bdc.mundo.local.
> bdc.mundo.local has address 10.10.10.20
>
> root@bdc:~# host -t A samba.mundo.local.
> samba.mundo.local has address 10.10.10.5
>
> Error showing up on the BDC
>
> dns child failed to find name 'ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local' of type A
> dreplsrv_notify: Failed to send DsReplicaSync to ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local for CN=Configuration,DC=mundo,DC=local - *NT_STATUS_OBJECT_NAME_NOT_FOUND : WERR_BADFILE*

Did you AT LEAST search the mailing list??????? Check if ping (or any program using GLIBC's *NSS* DNS resolver) can resolve your 7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local name.

> I tried to check replication status but this error shows
>
> root@bdc:~# samba-tool drs showrepl
> Default-First-Site-Name\BDC
> DSA Options: 0x00000001
> DSA object GUID: 7106cbf4-3cf6-4ed9-b019-dd937035b1e7
> DSA invocationId: 609fd8be-7e0c-49ca-a5f5-1a68237ef03f
>
> ==== INBOUND NEIGHBORS ===
>
> DC=mundo,DC=local
>     Default-First-Site-Name\SAMBA via RPC
>         DSA object GUID: ad828198-a723-44c2-8d7f-d5f801e2849f
>         Last attempt @ Mon Jun 3 20:58:43 2013 EDT failed, result 2 (WERR_BADFILE)
>         8 consecutive failure(s).
>         Last success @ Mon Jun 3 20:35:43 2013 EDT
>
> CN=Schema,CN=Configuration,DC=mundo,DC=local
>     Default-First-Site-Name\SAMBA via RPC
>         DSA object GUID: ad828198-a723-44c2-8d7f-d5f801e2849f
>         Last attempt @ Mon Jun 3 20:58:43 2013 EDT failed, result 2 (WERR_BADFILE)
>         8 consecutive failure(s).
>         Last success @ Mon Jun 3 20:35:38 2013 EDT
>
> DC=ForestDnsZones,DC=mundo,DC=local
>     Default-First-Site-Name\SAMBA via RPC
>         DSA object GUID: ad828198-a723-44c2-8d7f-d5f801e2849f
>         Last attempt @ Mon Jun 3 20:58:42 2013 EDT failed, result 2 (WERR_BADFILE)
>         8 consecutive failure(s).
>         Last success @ Mon Jun 3 20:35:44 2013 EDT
>
> DC=DomainDnsZones,DC=mundo,DC=local
>     Default-First-Site-Name\SAMBA via RPC
>         DSA object GUID: ad828198-a723-44c2-8d7f-d5f801e2849f
>         Last attempt @ Mon Jun 3 20:58:42 2013 EDT failed, result 2 (WERR_BADFILE)
>         8 consecutive failure(s).
>         Last success @ Mon Jun 3 20:35:43 2013 EDT
>
> CN=Configuration,DC=mundo,DC=local
>     Default-First-Site-Name\SAMBA via RPC
>         DSA object GUID: ad828198-a723-44c2-8d7f-d5f801e2849f
>         Last attempt @ Mon Jun 3 20:58:44 2013 EDT failed, result 2 (WERR_BADFILE)
>         9 consecutive failure(s).
>         Last success @ Mon Jun 3 20:35:42 2013 EDT
>
> ==== OUTBOUND NEIGHBORS ===
>
> DC=mundo,DC=local
>     Default-First-Site-Name\SAMBA via RPC
>         DSA object GUID: ad828198-a723-44c2-8d7f-d5f801e2849f
>         Last attempt @ NTTIME(0) was successful
>         0 consecutive failure(s).
>         Last success @ NTTIME(0)
>
> CN=Schema,CN=Configuration,DC=mundo,DC=local
>     Default-First-Site-Name\SAMBA via RPC
>         DSA object GUID: ad828198-a723-44c2-8d7f-d5f801e2849f
>         Last attempt @ Mon Jun 3 20:58:53 2013 EDT failed, result 2 (WERR_BADFILE)
>         15 consecutive failure(s).
>         Last success @ NTTIME(0)
>
> DC=ForestDnsZones,DC=mundo,DC=local
>     Default-First-Site-Name\SAMBA via RPC
>         DSA object GUID: ad828198-a723-44c2-8d7f-d5f801e2849f
>         Last attempt @ Mon Jun 3 20:58:53 2013 EDT failed, result 2 (WERR_BADFILE)
>         1 consecutive failure(s).
>         Last success @ NTTIME(0)
>
> DC=DomainDnsZones,DC=mundo,DC=local
>     Default-First-Site-Name\SAMBA via RPC
>         DSA object GUID: ad828198-a723-44c2-8d7f-d5f801e2849f
>         Last attempt @ Mon Jun 3 20:58:53 2013 EDT failed, result 2 (WERR_BADFILE)
>         1 consecutive failure(s).
>         Last success @ NTTIME(0)
>
> CN=Configuration,DC=mundo,DC=local
>     Default-First-Site-Name\SAMBA via RPC
>         DSA object GUID: ad828198-a723-44c2-8d7f-d5f801e2849f
>         Last attempt @ Mon Jun 3 20:58:53 2013 EDT failed, result 2 (WERR_BADFILE)
>         15 consecutive failure(s).
>         Last success @ NTTIME(0)
>
> ==== KCC CONNECTION OBJECTS ===
>
> Connection --
>     Connection name: 6092a1a0-3ad4-495d-a46c-f66e5409cea4
>     Enabled : TRUE
>     Server DNS name : samba.mundo.local
>     Server DN name : CN=NTDS Settings,CN=SAMBA,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
>     TransportType: RPC
>     options: 0x00000001
> Warning: No NC replicated for Connection!
>
> I would really appreciate AT LEAST some pointer AT LEAST an answer because many questions asked here at least by me get ignored so come on people.
>
> Thanks
>
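
Added example (not part of either message and not Samba project code): the check suggested in the reply, scripted. `host` queries the DNS server directly, whereas `getaddrinfo()` goes through glibc's NSS the way ping does, so the script pulls the failing partner GUIDs out of `samba-tool drs showrepl` output and resolves each `<guid>._msdcs.<realm>` name that way. The sample text is constructed from the output in the thread; the function names are illustrative.

```python
import re
import socket

# Constructed sample, trimmed from the `samba-tool drs showrepl` output in the thread.
SAMPLE = """\
==== INBOUND NEIGHBORS ===
DC=mundo,DC=local
    Default-First-Site-Name\\SAMBA via RPC
        DSA object GUID: ad828198-a723-44c2-8d7f-d5f801e2849f
        Last attempt @ Mon Jun 3 20:58:43 2013 EDT failed, result 2 (WERR_BADFILE)
        8 consecutive failure(s).
==== OUTBOUND NEIGHBORS ===
DC=mundo,DC=local
    Default-First-Site-Name\\SAMBA via RPC
        DSA object GUID: ad828198-a723-44c2-8d7f-d5f801e2849f
        Last attempt @ NTTIME(0) was successful
        0 consecutive failure(s).
"""

def failing_links(text):
    """Return (direction, naming context, partner GUID, error) for each failed link."""
    direction = nc = guid = None
    failed = []
    for line in (raw.strip() for raw in text.splitlines()):
        if line.startswith("===="):          # section header; the KCC section resets to None
            m = re.search(r"(INBOUND|OUTBOUND) NEIGHBORS", line)
            direction = m.group(1) if m else None
        elif re.match(r"(DC|CN)=", line):    # naming context this link replicates
            nc = line
        elif m := re.match(r"DSA object GUID: ([0-9a-f-]{36})$", line):
            guid = m.group(1)
        elif direction and (m := re.match(r"Last attempt @ .* failed, result \d+ \((\w+)\)", line)):
            failed.append((direction, nc, guid, m.group(1)))
    return failed

def nss_check(guids, realm, resolve=socket.getaddrinfo):
    """Look up <guid>._msdcs.<realm> with getaddrinfo(), the glibc NSS path ping uses."""
    report = {}
    for guid in sorted(set(guids)):
        name = f"{guid}._msdcs.{realm}"
        try:
            report[name] = sorted({info[4][0] for info in resolve(name, None)})
        except socket.gaierror as exc:
            report[name] = f"NSS lookup failed: {exc}"
    return report

if __name__ == "__main__":
    links = failing_links(SAMPLE)            # on a DC, feed in real showrepl output instead
    for link in links:
        print(*link)
    for name, result in nss_check([l[2] for l in links], "mundo.local").items():
        print(name, "->", result)
```

A name that `host` resolves but this lookup reports as failed points at the NSS side of the resolver configuration rather than at the DNS zone data.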