Hi everyone,
Samba4 has been going great for quite a while now, so I thought I would get a
little adventurous. The goal is to install Openchange with SOGo.
The SOGo part is fine, but Openchange extends the AD schema in a similar way
that Exchange extends the AD schema. To facilitate this, I joined a new DC to
the domain, and transferred the fsmo schema role to this new DC. When I say
transferred, the transfer failed and it seized the role. The schema update went
fine, but after all this I noticed replication errors had started to creep in.
On the initial DC (lachesis), I get the following from a "samba-tool drs
showrepl"
Default-First-Site-Name\LACHESIS
DSA Options: 0x00000001
DSA object GUID: 89a6915d-6b54-42fb-9bf8-e670ed9f8d08
DSA invocationId: f8725c00-ec68-4fda-86c0-35a7ae76a094
==== INBOUND NEIGHBORS ===
DC=DomainDnsZones,DC=hq,DC=domain,DC=com,DC=au
Default-First-Site-Name\CHIRON via RPC
DSA object GUID: ed493864-10ef-41da-9c50-11ffc3fb2763
Last attempt @ Wed Jun 12 06:34:13 2013 EST was successful
0 consecutive failure(s).
Last success @ Wed Jun 12 06:34:13 2013 EST
DC=ForestDnsZones,DC=hq,DC=domain,DC=com,DC=au
Default-First-Site-Name\CHIRON via RPC
DSA object GUID: ed493864-10ef-41da-9c50-11ffc3fb2763
Last attempt @ Wed Jun 12 06:34:13 2013 EST was successful
0 consecutive failure(s).
Last success @ Wed Jun 12 06:34:13 2013 EST
DC=hq,DC=domain,DC=com,DC=au
Default-First-Site-Name\CHIRON via RPC
DSA object GUID: ed493864-10ef-41da-9c50-11ffc3fb2763
Last attempt @ Wed Jun 12 06:34:13 2013 EST was successful
0 consecutive failure(s).
Last success @ Wed Jun 12 06:34:13 2013 EST
CN=Schema,CN=Configuration,DC=hq,DC=domain,DC=com,DC=au
Default-First-Site-Name\CHIRON via RPC
DSA object GUID: ed493864-10ef-41da-9c50-11ffc3fb2763
Last attempt @ Wed Jun 12 06:34:13 2013 EST failed, result 58
(WERR_BAD_NET_RESP)
17 consecutive failure(s).
Last success @ Tue Jun 11 23:00:46 2013 EST
CN=Configuration,DC=hq,DC=domain,DC=com,DC=au
Default-First-Site-Name\CHIRON via RPC
DSA object GUID: ed493864-10ef-41da-9c50-11ffc3fb2763
Last attempt @ Wed Jun 12 06:34:13 2013 EST failed, result 58
(WERR_BAD_NET_RESP)
13 consecutive failure(s).
Last success @ Tue Jun 11 23:01:47 2013 EST
==== OUTBOUND NEIGHBORS ===
DC=DomainDnsZones,DC=hq,DC=domain,DC=com,DC=au
Default-First-Site-Name\CHIRON via RPC
DSA object GUID: ed493864-10ef-41da-9c50-11ffc3fb2763
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
DC=ForestDnsZones,DC=hq,DC=domain,DC=com,DC=au
Default-First-Site-Name\CHIRON via RPC
DSA object GUID: ed493864-10ef-41da-9c50-11ffc3fb2763
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
DC=hq,DC=domain,DC=com,DC=au
Default-First-Site-Name\CHIRON via RPC
DSA object GUID: ed493864-10ef-41da-9c50-11ffc3fb2763
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
CN=Schema,CN=Configuration,DC=hq,DC=domain,DC=com,DC=au
Default-First-Site-Name\CHIRON via RPC
DSA object GUID: ed493864-10ef-41da-9c50-11ffc3fb2763
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
CN=Configuration,DC=hq,DC=domain,DC=com,DC=au
Default-First-Site-Name\CHIRON via RPC
DSA object GUID: ed493864-10ef-41da-9c50-11ffc3fb2763
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
==== KCC CONNECTION OBJECTS ===
Connection --
Connection name: 3badecbb-3afa-4ced-ae91-5bf3da1bdd37
Enabled : TRUE
Server DNS name : CHIRON.hq.domain.com.au
Server DN name : CN=NTDS
Settings,CN=CHIRON,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=domain,DC=com,DC=au
TransportType: RPC
options: 0x00000001
Warning: No NC replicated for Connection!
The samba log show some interesting stuff.
[2013/06/11 23:05:11, 0]
../source4/dsdb/repl/replicated_objects.c:525(dsdb_replicated_objects_convert)
Failed to convert object
CN=ms-Exch-Container,CN=Schema,CN=Configuration,DC=hq,DC=domain,DC=com,DC=au:
WERR_GENERAL_FAILURE
[2013/06/11 23:05:11, 0]
../source4/dsdb/repl/drepl_out_helpers.c:701(dreplsrv_op_pull_source_apply_changes_trigger)
Failed to convert objects:
WERR_GENERAL_FAILURE/NT_STATUS_INVALID_NETWORK_RESPONSE
[2013/06/11 23:05:11, 0]
../source4/lib/cmdline/popt_common.c:58(popt_s4_talloc_log_fn)
Bad talloc magic value - unknown value
[2013/06/11 23:05:11, 0] ../lib/util/fault.c:144(smb_panic_default)
PANIC: Bad talloc magic value - unknown value
[2013/06/11 23:05:18, 0]
../source4/rpc_server/common/forward.c:51(dcesrv_irpc_forward_callback)
IRPC callback failed for DsReplicaSync - NT_STATUS_CONNECTION_REFUSED
...
[2013/06/12 06:45:42, 0]
../source4/rpc_server/common/forward.c:51(dcesrv_irpc_forward_callback)
IRPC callback failed for DsReplicaSync - NT_STATUS_CONNECTION_REFUSED
[2013/06/12 06:45:47, 0]
../source4/rpc_server/common/forward.c:51(dcesrv_irpc_forward_callback)
IRPC callback failed for DsReplicaSync - NT_STATUS_CONNECTION_REFUSED
[2013/06/12 06:45:52, 0]
../source4/rpc_server/common/forward.c:51(dcesrv_irpc_forward_callback)
IRPC callback failed for DsReplicaSync - NT_STATUS_CONNECTION_REFUSED
[2013/06/12 06:45:57, 0]
../source4/rpc_server/common/forward.c:51(dcesrv_irpc_forward_callback)
IRPC callback failed for DsReplicaSync - NT_STATUS_CONNECTION_REFUSED
[2013/06/12 06:46:02, 0]
../source4/rpc_server/common/forward.c:51(dcesrv_irpc_forward_callback)
IRPC callback failed for DsReplicaSync - NT_STATUS_CONNECTION_REFUSED
[2013/06/12 06:46:07, 0]
../source4/rpc_server/common/forward.c:51(dcesrv_irpc_forward_callback)
IRPC callback failed for DsReplicaSync - NT_STATUS_CONNECTION_REFUSED
[2013/06/12 06:46:12, 0]
../source4/rpc_server/common/forward.c:51(dcesrv_irpc_forward_callback)
IRPC callback failed for DsReplicaSync - NT_STATUS_CONNECTION_REFUSED
[2013/06/12 06:46:17, 0]
../source4/rpc_server/common/forward.c:51(dcesrv_irpc_forward_callback)
IRPC callback failed for DsReplicaSync - NT_STATUS_CONNECTION_REFUSED
[2013/06/12 06:46:22, 0]
../source4/rpc_server/common/forward.c:51(dcesrv_irpc_forward_callback)
IRPC callback failed for DsReplicaSync - NT_STATUS_CONNECTION_REFUSED
?
[2013/06/12 06:49:19, 0]
../source4/dsdb/repl/replicated_objects.c:525(dsdb_replicated_objects_convert)
Failed to convert object
CN=ms-Exch-Container,CN=Schema,CN=Configuration,DC=hq,DC=domain,DC=com,DC=au:
WERR_GENERAL_FAILURE
[2013/06/12 06:49:19, 0]
../source4/dsdb/repl/drepl_out_helpers.c:701(dreplsrv_op_pull_source_apply_changes_trigger)
Failed to convert objects:
WERR_GENERAL_FAILURE/NT_STATUS_INVALID_NETWORK_RESPONSE
[2013/06/12 06:49:19, 0]
../source4/dsdb/repl/replicated_objects.c:525(dsdb_replicated_objects_convert)
Failed to convert object CN=First Organization,CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=hq,DC=domain,DC=com,DC=au:
WERR_GENERAL_FAILURE
[2013/06/12 06:49:19, 0]
../source4/dsdb/repl/drepl_out_helpers.c:701(dreplsrv_op_pull_source_apply_changes_trigger)
Failed to convert objects:
WERR_GENERAL_FAILURE/NT_STATUS_INVALID_NETWORK_RESPONSE
[2013/06/12 06:50:42, 0]
../source4/lib/cmdline/popt_common.c:58(popt_s4_talloc_log_fn)
Bad talloc magic value - unknown value
[2013/06/12 06:50:42, 0] ../lib/util/fault.c:144(smb_panic_default)
PANIC: Bad talloc magic value - unknown value
The second DC (Chiron) which I did the schema update on shows no problems
Default-First-Site-Name\CHIRON
DSA Options: 0x00000001
DSA object GUID: ed493864-10ef-41da-9c50-11ffc3fb2763
DSA invocationId: 35be6576-c76f-4e98-82b9-830b466f0a33
==== INBOUND NEIGHBORS ===
DC=DomainDnsZones,DC=hq,DC=domain,DC=com,DC=au
Default-First-Site-Name\LACHESIS via RPC
DSA object GUID: 89a6915d-6b54-42fb-9bf8-e670ed9f8d08
Last attempt @ Wed Jun 12 06:50:51 2013 EST was successful
0 consecutive failure(s).
Last success @ Wed Jun 12 06:50:51 2013 EST
CN=Schema,CN=Configuration,DC=hq,DC=domain,DC=com,DC=au
Default-First-Site-Name\LACHESIS via RPC
DSA object GUID: 89a6915d-6b54-42fb-9bf8-e670ed9f8d08
Last attempt @ Wed Jun 12 06:50:52 2013 EST was successful
0 consecutive failure(s).
Last success @ Wed Jun 12 06:50:52 2013 EST
DC=ForestDnsZones,DC=hq,DC=domain,DC=com,DC=au
Default-First-Site-Name\LACHESIS via RPC
DSA object GUID: 89a6915d-6b54-42fb-9bf8-e670ed9f8d08
Last attempt @ Wed Jun 12 06:50:51 2013 EST was successful
0 consecutive failure(s).
Last success @ Wed Jun 12 06:50:51 2013 EST
DC=hq,DC=domain,DC=com,DC=au
Default-First-Site-Name\LACHESIS via RPC
DSA object GUID: 89a6915d-6b54-42fb-9bf8-e670ed9f8d08
Last attempt @ Wed Jun 12 06:50:52 2013 EST was successful
0 consecutive failure(s).
Last success @ Wed Jun 12 06:50:52 2013 EST
CN=Configuration,DC=hq,DC=domain,DC=com,DC=au
Default-First-Site-Name\LACHESIS via RPC
DSA object GUID: 89a6915d-6b54-42fb-9bf8-e670ed9f8d08
Last attempt @ Wed Jun 12 06:50:52 2013 EST was successful
0 consecutive failure(s).
Last success @ Wed Jun 12 06:50:52 2013 EST
==== OUTBOUND NEIGHBORS ===
DC=DomainDnsZones,DC=hq,DC=domain,DC=com,DC=au
Default-First-Site-Name\LACHESIS via RPC
DSA object GUID: 89a6915d-6b54-42fb-9bf8-e670ed9f8d08
Last attempt @ Wed Jun 12 06:50:41 2013 EST was successful
0 consecutive failure(s).
Last success @ Wed Jun 12 06:50:41 2013 EST
CN=Schema,CN=Configuration,DC=hq,DC=domain,DC=com,DC=au
Default-First-Site-Name\LACHESIS via RPC
DSA object GUID: 89a6915d-6b54-42fb-9bf8-e670ed9f8d08
Last attempt @ Wed Jun 12 06:50:41 2013 EST was successful
0 consecutive failure(s).
Last success @ Wed Jun 12 06:50:41 2013 EST
DC=ForestDnsZones,DC=hq,DC=domain,DC=com,DC=au
Default-First-Site-Name\LACHESIS via RPC
DSA object GUID: 89a6915d-6b54-42fb-9bf8-e670ed9f8d08
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
DC=hq,DC=domain,DC=com,DC=au
Default-First-Site-Name\LACHESIS via RPC
DSA object GUID: 89a6915d-6b54-42fb-9bf8-e670ed9f8d08
Last attempt @ Wed Jun 12 06:50:41 2013 EST was successful
0 consecutive failure(s).
Last success @ Wed Jun 12 06:50:41 2013 EST
CN=Configuration,DC=hq,DC=domain,DC=com,DC=au
Default-First-Site-Name\LACHESIS via RPC
DSA object GUID: 89a6915d-6b54-42fb-9bf8-e670ed9f8d08
Last attempt @ Wed Jun 12 06:50:41 2013 EST was successful
0 consecutive failure(s).
Last success @ Wed Jun 12 06:50:41 2013 EST
==== KCC CONNECTION OBJECTS ===
Connection --
Connection name: 91042d21-6f25-4a7b-8c7f-4ecd3d04cd8f
Enabled : TRUE
Server DNS name : lachesis.hq.domain.com.au
Server DN name : CN=NTDS
Settings,CN=LACHESIS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=domain,DC=com,DC=au
TransportType: RPC
options: 0x00000001
Warning: No NC replicated for Connection!
I have tried manually replicating, but this doesn't seem to work. Any
insight would be fantastic.
Alex Ferrara
Director
Receptive IT Solutions