Yes they are, see samba-tool drs replicate -h. Am 24.02.2016 um 16:24 schrieb Achim Gottinger:> Have you tried to replicate with the --sync-forced and --full-sync > options? > > Am 24.02.2016 um 14:31 schrieb Sébastien Le Ray: >> Hi list, >> >> We use samba 4.1.17 (debian's version) on several DCs. I just >> realized that one of them is desynced and cannot get it to resync. >> >> The long story: we got 5 DCs splitted over several sites. Recently we >> had to replace one of them (let's call him DC5). Since both had to >> run in parallel for data recovery/users work we decided to join a >> brand new DC (DC6) and latter demote the second one (DC5). Where >> things get even more complicated is that once DC5 has been removed we >> put DC6 on its IP (following wiki). We performed some cleanup in the >> DNS and all was beautiful, data got replicated. However I just >> realized that a completly different DC (say DC3) didn't catch the >> replacement. samba-tool drs showrepl reports errors where we can see >> the no-more existing DC and a DNS query returns the old DC6 address. >> Is there a way to force replication (even by copying files manually)? >> samba-tools drs replicate fails miserably without any meaningful error. >> >> Thanks in advance >> > >
Still the same error… ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync failed - drsException: DsReplicaSync failed (-1073610723, 'NT_STATUS_RPC_PROTOCOL_ERROR') Would copying the sam.ldb* files from a working DC be a mistake? Le 25/02/2016 12:45, Achim Gottinger a écrit :> Yes they are, see samba-tool drs replicate -h. > > > > Am 24.02.2016 um 16:24 schrieb Achim Gottinger: >> Have you tried to replicate with the --sync-forced and --full-sync >> options? >> >> Am 24.02.2016 um 14:31 schrieb Sébastien Le Ray: >>> Hi list, >>> >>> We use samba 4.1.17 (debian's version) on several DCs. I just >>> realized that one of them is desynced and cannot get it to resync. >>> >>> The long story: we got 5 DCs splitted over several sites. Recently >>> we had to replace one of them (let's call him DC5). Since both had >>> to run in parallel for data recovery/users work we decided to join a >>> brand new DC (DC6) and latter demote the second one (DC5). Where >>> things get even more complicated is that once DC5 has been removed >>> we put DC6 on its IP (following wiki). We performed some cleanup in >>> the DNS and all was beautiful, data got replicated. However I just >>> realized that a completly different DC (say DC3) didn't catch the >>> replacement. samba-tool drs showrepl reports errors where we can see >>> the no-more existing DC and a DNS query returns the old DC6 address. >>> Is there a way to force replication (even by copying files >>> manually)? samba-tools drs replicate fails miserably without any >>> meaningful error. >>> >>> Thanks in advance >>> >> >> > >
On the failing DC. Stop samba Remove the content of /var/lib/samba/*.tdb /var/lib/samba/private/* /var/lib/samba/sysvol/* /var/cache/samba/* Remove the old DC from the AD domain. Remove the old DC from the dns domain. Now you can join again. Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens Sébastien Le Ray > Verzonden: donderdag 25 februari 2016 14:16 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] Desynced DC > > Still the same error? > > ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync failed - > drsException: DsReplicaSync failed (-1073610723, > 'NT_STATUS_RPC_PROTOCOL_ERROR') > > Would copying the sam.ldb* files from a working DC be a mistake? > > Le 25/02/2016 12:45, Achim Gottinger a écrit : > > Yes they are, see samba-tool drs replicate -h. > > > > > > > > Am 24.02.2016 um 16:24 schrieb Achim Gottinger: > >> Have you tried to replicate with the --sync-forced and --full-sync > >> options? > >> > >> Am 24.02.2016 um 14:31 schrieb Sébastien Le Ray: > >>> Hi list, > >>> > >>> We use samba 4.1.17 (debian's version) on several DCs. I just > >>> realized that one of them is desynced and cannot get it to resync. > >>> > >>> The long story: we got 5 DCs splitted over several sites. Recently > >>> we had to replace one of them (let's call him DC5). Since both had > >>> to run in parallel for data recovery/users work we decided to join a > >>> brand new DC (DC6) and latter demote the second one (DC5). Where > >>> things get even more complicated is that once DC5 has been removed > >>> we put DC6 on its IP (following wiki). We performed some cleanup in > >>> the DNS and all was beautiful, data got replicated. However I just > >>> realized that a completly different DC (say DC3) didn't catch the > >>> replacement. samba-tool drs showrepl reports errors where we can see > >>> the no-more existing DC and a DNS query returns the old DC6 address. > >>> Is there a way to force replication (even by copying files > >>> manually)? samba-tools drs replicate fails miserably without any > >>> meaningful error. > >>> > >>> Thanks in advance > >>> > >> > >> > > > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba
Hi again, The --local option did the trick. But I can see why samba-tool drs replicate desynced-dc.my.domain sane-dc.my-domain dc=ad,dc=my,dc=domain fails while samba-tool drs replicate desynced-dc.my.domain sane-dc.my-domain dc=ad,dc=my,dc=domain --local works like a charm (desynced-dc.ad.finsecur.lan resolves correctly) Anyway, sync seem to be up & running again, thank you very much Le 25/02/2016 12:45, Achim Gottinger a écrit :> Yes they are, see samba-tool drs replicate -h. > > > > Am 24.02.2016 um 16:24 schrieb Achim Gottinger: >> Have you tried to replicate with the --sync-forced and --full-sync >> options? >> >> Am 24.02.2016 um 14:31 schrieb Sébastien Le Ray: >>> Hi list, >>> >>> We use samba 4.1.17 (debian's version) on several DCs. I just >>> realized that one of them is desynced and cannot get it to resync. >>> >>> The long story: we got 5 DCs splitted over several sites. Recently >>> we had to replace one of them (let's call him DC5). Since both had >>> to run in parallel for data recovery/users work we decided to join a >>> brand new DC (DC6) and latter demote the second one (DC5). Where >>> things get even more complicated is that once DC5 has been removed >>> we put DC6 on its IP (following wiki). We performed some cleanup in >>> the DNS and all was beautiful, data got replicated. However I just >>> realized that a completly different DC (say DC3) didn't catch the >>> replacement. samba-tool drs showrepl reports errors where we can see >>> the no-more existing DC and a DNS query returns the old DC6 address. >>> Is there a way to force replication (even by copying files >>> manually)? samba-tools drs replicate fails miserably without any >>> meaningful error. >>> >>> Thanks in advance >>> >> >> > >
Glad it helped. Guess it did not work because of the old dns record at the desynced dc. Am 25.02.2016 um 14:47 schrieb Sébastien Le Ray:> Hi again, > > The --local option did the trick. But I can see why > samba-tool drs replicate desynced-dc.my.domain sane-dc.my-domain > dc=ad,dc=my,dc=domain > fails while > samba-tool drs replicate desynced-dc.my.domain sane-dc.my-domain > dc=ad,dc=my,dc=domain --local > works like a charm (desynced-dc.ad.finsecur.lan resolves correctly) > > Anyway, sync seem to be up & running again, thank you very much > > Le 25/02/2016 12:45, Achim Gottinger a écrit : >> Yes they are, see samba-tool drs replicate -h. >> >> >> >> Am 24.02.2016 um 16:24 schrieb Achim Gottinger: >>> Have you tried to replicate with the --sync-forced and --full-sync >>> options? >>> >>> Am 24.02.2016 um 14:31 schrieb Sébastien Le Ray: >>>> Hi list, >>>> >>>> We use samba 4.1.17 (debian's version) on several DCs. I just >>>> realized that one of them is desynced and cannot get it to resync. >>>> >>>> The long story: we got 5 DCs splitted over several sites. Recently >>>> we had to replace one of them (let's call him DC5). Since both had >>>> to run in parallel for data recovery/users work we decided to join >>>> a brand new DC (DC6) and latter demote the second one (DC5). Where >>>> things get even more complicated is that once DC5 has been removed >>>> we put DC6 on its IP (following wiki). We performed some cleanup in >>>> the DNS and all was beautiful, data got replicated. However I just >>>> realized that a completly different DC (say DC3) didn't catch the >>>> replacement. samba-tool drs showrepl reports errors where we can >>>> see the no-more existing DC and a DNS query returns the old DC6 >>>> address. Is there a way to force replication (even by copying files >>>> manually)? samba-tools drs replicate fails miserably without any >>>> meaningful error. >>>> >>>> Thanks in advance >>>> >>> >>> >> >> >