Johannes Amorosa | Celluloid VFX
2015-Mar-27 12:14 UTC
[Samba] Replication error after trying to sync sysvol
I tried to synchronize the sysvol folders, on two dcs. Something went wrong since yesterday we have replication problems: One machine shows this, while the other one is happy. samba-tool drs showrepl ==== INBOUND NEIGHBORS === DC=DomainDnsZones,DC=ourdomain,DC=com Default-First-Site-Name\DC03 via RPC DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479 Last attempt @ Fri Mar 27 12:58:42 2015 CET failed, result 121 (WERR_SEM_TIMEOUT) 126 consecutive failure(s). Last success @ Fri Mar 27 03:40:24 2015 CET DC=ForestDnsZones,DC=ourdomain,DC=com Default-First-Site-Name\DC04 via RPC DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479 Last attempt @ Fri Mar 27 12:51:41 2015 CET failed, result 121 (WERR_SEM_TIMEOUT) 102 consecutive failure(s). Last success @ Fri Mar 27 03:40:24 2015 CET DC=ourdomain,DC=com Default-First-Site-Name\DC03 via RPC DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479 Last attempt @ Fri Mar 27 12:57:42 2015 CET failed, result 121 (WERR_SEM_TIMEOUT) 106 consecutive failure(s). Last success @ Fri Mar 27 03:40:25 2015 CET CN=Configuration,DC=ourdomain,DC=com Default-First-Site-Name\DC03 via RPC DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479 Last attempt @ Fri Mar 27 12:53:41 2015 CET failed, result 121 (WERR_SEM_TIMEOUT) 102 consecutive failure(s). Last success @ Fri Mar 27 03:40:26 2015 CET CN=Schema,CN=Configuration,DC=ourdomain,DC=com Default-First-Site-Name\DC03 via RPC DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479 Last attempt @ Fri Mar 27 12:54:41 2015 CET failed, result 121 (WERR_SEM_TIMEOUT) 102 consecutive failure(s). Last success @ Fri Mar 27 03:40:28 2015 CET <snip> Every service still seems to work - but we're quite nervous - this is a production system(lesson learned!). I tried to force sync samba-tool drs replicate --full-sync DC04 DC03 dc=ourdomain,dc=com ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync failed - drsException: DsReplicaSync failed (-1073741643, 'NT_STATUS_IO_TIMEOUT') Or setup: sernet-samba 99:4.1.17-10 [global] workgroup = OURDOMAIN realm = OURDOMAIN.COM netbios name = DC04 log level = 3 server role = active directory domain controller dns forwarder = 192.168.1.254 <snip> Ubuntu 12.04 How can I fix this. Any help is highly appreciated. Joe -- Johannes Amorosa | Celluloid VFX
Johannes Amorosa | Celluloid VFX
2015-Mar-27 13:12 UTC
[Samba] Replication error after trying to sync sysvol
Found the problem. There is a DNS Problem on one machine. This happend because I was testing some samba AD settings in a virtual machine, without knowing that NAT isn't shielding this properly - this vm propagated the "new" IP to one of the dcs. DC04> ping DC03 gives wrong IP! This should be fixable with the samba-tool dns update? On 03/27/2015 01:14 PM, Johannes Amorosa | Celluloid VFX wrote:> I tried to synchronize the sysvol folders, on two dcs. Something went > wrong since yesterday we have replication problems: > One machine shows this, while the other one is happy. > > samba-tool drs showrepl > > ==== INBOUND NEIGHBORS ===> > DC=DomainDnsZones,DC=ourdomain,DC=com > Default-First-Site-Name\DC03 via RPC > DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479 > Last attempt @ Fri Mar 27 12:58:42 2015 CET failed, result 121 > (WERR_SEM_TIMEOUT) > 126 consecutive failure(s). > Last success @ Fri Mar 27 03:40:24 2015 CET > > DC=ForestDnsZones,DC=ourdomain,DC=com > Default-First-Site-Name\DC04 via RPC > DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479 > Last attempt @ Fri Mar 27 12:51:41 2015 CET failed, result 121 > (WERR_SEM_TIMEOUT) > 102 consecutive failure(s). > Last success @ Fri Mar 27 03:40:24 2015 CET > > DC=ourdomain,DC=com > Default-First-Site-Name\DC03 via RPC > DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479 > Last attempt @ Fri Mar 27 12:57:42 2015 CET failed, result 121 > (WERR_SEM_TIMEOUT) > 106 consecutive failure(s). > Last success @ Fri Mar 27 03:40:25 2015 CET > > CN=Configuration,DC=ourdomain,DC=com > Default-First-Site-Name\DC03 via RPC > DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479 > Last attempt @ Fri Mar 27 12:53:41 2015 CET failed, result 121 > (WERR_SEM_TIMEOUT) > 102 consecutive failure(s). > Last success @ Fri Mar 27 03:40:26 2015 CET > > CN=Schema,CN=Configuration,DC=ourdomain,DC=com > Default-First-Site-Name\DC03 via RPC > DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479 > Last attempt @ Fri Mar 27 12:54:41 2015 CET failed, result 121 > (WERR_SEM_TIMEOUT) > 102 consecutive failure(s). > Last success @ Fri Mar 27 03:40:28 2015 CET > <snip> > > Every service still seems to work - but we're quite nervous - this is > a production system(lesson learned!). > > I tried to force sync > samba-tool drs replicate --full-sync DC04 DC03 dc=ourdomain,dc=com > ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync failed - > drsException: DsReplicaSync failed (-1073741643, 'NT_STATUS_IO_TIMEOUT') > > Or setup: > sernet-samba 99:4.1.17-10 > > [global] > workgroup = OURDOMAIN > realm = OURDOMAIN.COM > netbios name = DC04 > log level = 3 > > server role = active directory domain controller > dns forwarder = 192.168.1.254 > <snip> > > Ubuntu 12.04 > > How can I fix this. Any help is highly appreciated. > Joe >-- Johannes Amorosa | Celluloid VFX
Johannes Amorosa | Celluloid VFX
2015-Mar-27 13:59 UTC
[Samba] Replication error after trying to sync sysvol
for the records: samba-tool dns delete DC03 ourdomain.inc DC03 A 10.0.2.15 -U administrator On 03/27/2015 02:12 PM, Johannes Amorosa | Celluloid VFX wrote:> Found the problem. There is a DNS Problem on one machine. This happend > because I was testing some samba AD settings in a virtual machine, > without knowing that NAT isn't shielding this properly - this vm > propagated the "new" IP to one of the dcs. > > DC04> ping DC03 > gives wrong IP! > > This should be fixable with the samba-tool dns update? > > > On 03/27/2015 01:14 PM, Johannes Amorosa | Celluloid VFX wrote: >> I tried to synchronize the sysvol folders, on two dcs. Something went >> wrong since yesterday we have replication problems: >> One machine shows this, while the other one is happy. >> >> samba-tool drs showrepl >> >> ==== INBOUND NEIGHBORS ===>> >> DC=DomainDnsZones,DC=ourdomain,DC=com >> Default-First-Site-Name\DC03 via RPC >> DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479 >> Last attempt @ Fri Mar 27 12:58:42 2015 CET failed, result >> 121 (WERR_SEM_TIMEOUT) >> 126 consecutive failure(s). >> Last success @ Fri Mar 27 03:40:24 2015 CET >> >> DC=ForestDnsZones,DC=ourdomain,DC=com >> Default-First-Site-Name\DC04 via RPC >> DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479 >> Last attempt @ Fri Mar 27 12:51:41 2015 CET failed, result >> 121 (WERR_SEM_TIMEOUT) >> 102 consecutive failure(s). >> Last success @ Fri Mar 27 03:40:24 2015 CET >> >> DC=ourdomain,DC=com >> Default-First-Site-Name\DC03 via RPC >> DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479 >> Last attempt @ Fri Mar 27 12:57:42 2015 CET failed, result >> 121 (WERR_SEM_TIMEOUT) >> 106 consecutive failure(s). >> Last success @ Fri Mar 27 03:40:25 2015 CET >> >> CN=Configuration,DC=ourdomain,DC=com >> Default-First-Site-Name\DC03 via RPC >> DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479 >> Last attempt @ Fri Mar 27 12:53:41 2015 CET failed, result >> 121 (WERR_SEM_TIMEOUT) >> 102 consecutive failure(s). >> Last success @ Fri Mar 27 03:40:26 2015 CET >> >> CN=Schema,CN=Configuration,DC=ourdomain,DC=com >> Default-First-Site-Name\DC03 via RPC >> DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479 >> Last attempt @ Fri Mar 27 12:54:41 2015 CET failed, result >> 121 (WERR_SEM_TIMEOUT) >> 102 consecutive failure(s). >> Last success @ Fri Mar 27 03:40:28 2015 CET >> <snip> >> >> Every service still seems to work - but we're quite nervous - this is >> a production system(lesson learned!). >> >> I tried to force sync >> samba-tool drs replicate --full-sync DC04 DC03 dc=ourdomain,dc=com >> ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync failed - >> drsException: DsReplicaSync failed (-1073741643, 'NT_STATUS_IO_TIMEOUT') >> >> Or setup: >> sernet-samba 99:4.1.17-10 >> >> [global] >> workgroup = OURDOMAIN >> realm = OURDOMAIN.COM >> netbios name = DC04 >> log level = 3 >> >> server role = active directory domain controller >> dns forwarder = 192.168.1.254 >> <snip> >> >> Ubuntu 12.04 >> >> How can I fix this. Any help is highly appreciated. >> Joe >> >-- Johannes Amorosa | Celluloid VFX
Possibly Parallel Threads
- samba_dnsupdate failed with RuntimeError: kinit for SMB4ECONOMIA$@ECONOMIA failed (Cannot contact any KDC for requested realm)
- Replication error after trying to sync sysvol
- Fwd: samba_dnsupdate failed with RuntimeError: kinit for SMB4ECONOMIA$@ECONOMIA failed (Cannot contact any KDC for requested realm)
- BIND9.8 DLZ performance issue
- Group Policy failures related to machine password replication