Heinz Allerberger
2016-Aug-22 10:07 UTC
[Samba] ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync failed - drsException: DsReplicaSync failed (-1073610699, 'The operation cannot be performed.')
Hi All,
since Friday I get a surprising error, when I try to replicate my
domain-controllers.
This is new! It worked before in any direction without any failures...
When I replicate from dc2 to dc1 this runs also, without any failures:
root at dc1:~# samba-tool drs replicate dc1 dc2
DC=mydomain,DC=uni-frankfurt,DC=de
Replicate from dc2 to dc1 was successful.
Only when I try to replicate from dc1 to dc2 I get this new failure:
root at dc1:~# samba-tool drs replicate dc2 dc1
DC=mydomain,DC=uni-frankfurt,DC=de
ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync
failed -
drsException: DsReplicaSync failed (-1073610699, 'The operation cannot
be performed.')
File "/usr/lib/python2.7/dist-packages/samba/netcmd/drs.py", line
348, in run
drs_utils.sendDsReplicaSync(self.drsuapi, self.drsuapi_handle,
source_dsa_guid, NC, req_options)
File "/usr/lib/python2.7/dist-packages/samba/drs_utils.py", line
83,
in sendDsReplicaSync
raise drsException("DsReplicaSync failed %s" % estr)
Is this a bug?
Heinz
Heinz Allerberger
2016-Aug-22 15:48 UTC
[Samba] ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync failed - drsException: DsReplicaSync failed (-1073610699, 'The operation cannot be performed.')
Am 22.08.2016 um 12:07 schrieb Heinz Allerberger via samba:> Hi All, > > since Friday I get a surprising error, when I try to replicate my > domain-controllers. > This is new! It worked before in any direction without any failures... > > When I replicate from dc2 to dc1 this runs also, without any failures: > root at dc1:~# samba-tool drs replicate dc1 dc2 > DC=mydomain,DC=uni-frankfurt,DC=de > Replicate from dc2 to dc1 was successful. > > Only when I try to replicate from dc1 to dc2 I get this new failure: > root at dc1:~# samba-tool drs replicate dc2 dc1 > DC=mydomain,DC=uni-frankfurt,DC=de > ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync failed - > drsException: DsReplicaSync failed (-1073610699, 'The operation cannot > be performed.') > File "/usr/lib/python2.7/dist-packages/samba/netcmd/drs.py", line > 348, in run > drs_utils.sendDsReplicaSync(self.drsuapi, self.drsuapi_handle, > source_dsa_guid, NC, req_options) > File "/usr/lib/python2.7/dist-packages/samba/drs_utils.py", line 83, > in sendDsReplicaSync > raise drsException("DsReplicaSync failed %s" % estr) > > Is this a bug? > > Heinz >High All again, maybe I do have more helpful information for analyzing the DsReplicaSync-failure. On DC1 are all INBOUND NEIGHBORS are all successful, but OUTBOUND NEIGHBORS gives "WERR_BAD_NETPATH" Please have a loot to the output from showrepl below.. What I can not understand in this case is, that all checks of the DNS-resolution are without any failure. root at dc1:~#host dc1 dc1.mydomain.uni-frankfurt.de has address 192.168.151.230 root at dc1:~# host dc2 dc2.mydomain.uni-frankfurt.de has address 192.168.151.231 host -t SRV _kerberos._tcp.mydomain.uni-frankfurt.de _kerberos._tcp.mydomain.uni-frankfurt.de has SRV record 0 100 88 dc1.mydomain.uni-frankfurt.de. _kerberos._tcp.mydomain.uni-frankfurt.de has SRV record 0 100 88 dc2.mydomain.uni-frankfurt.de. root at dc1:~# host -t SRV _ldap._tcp.mydomain.uni-frankfurt.de _ldap._tcp.mydomain.uni-frankfurt.de has SRV record 0 100 389 dc1.mydomain.uni-frankfurt.de. _ldap._tcp.mydomain.uni-frankfurt.de has SRV record 0 100 389 dc2.mydomain.uni-frankfurt.de. root at dc1:~# samba-tool drs showrepl Default-First-Site-Name\DC1 DSA Options: 0x00000001 DSA object GUID: 1ae9c878-4d33-417a-9995-061189db4f8d DSA invocationId: dff09274-9c24-49c6-beb5-647561d5d893 ==== INBOUND NEIGHBORS === DC=ForestDnsZones,DC=mydomain,DC=uni-frankfurt,DC=de Default-First-Site-Name\dc2 via RPC DSA object GUID: e4da82c7-5d42-4011-8733-00a9dffb6633 Last attempt @ Mon Aug 22 16:19:25 2016 CEST was successful 0 consecutive failure(s). Last success @ Mon Aug 22 16:19:25 2016 CEST .... ==== OUTBOUND NEIGHBORS === DC=ForestDnsZones,DC=mydomain,DC=uni-frankfurt,DC=de Default-First-Site-Name\dc2 via RPC DSA object GUID: e4da82c7-5d42-4011-8733-00a9dffb6633 Last attempt @ Mon Aug 22 16:20:14 2016 CEST failed, result 53 (WERR_BAD_NETPATH) 37 consecutive failure(s). Last success @ NTTIME(0) DC=DomainDnsZones,DC=mydomain,DC=uni-frankfurt,DC=de Default-First-Site-Name\dc2 via RPC DSA object GUID: e4da82c7-5d42-4011-8733-00a9dffb6633 Last attempt @ Mon Aug 22 16:20:14 2016 CEST failed, result 53 (WERR_BAD_NETPATH) 37 consecutive failure(s). Last success @ NTTIME(0) DC=mydomain,DC=uni-frankfurt,DC=de Default-First-Site-Name\dc2 via RPC DSA object GUID: e4da82c7-5d42-4011-8733-00a9dffb6633 Last attempt @ Mon Aug 22 16:20:14 2016 CEST failed, result 53 (WERR_BAD_NETPATH) 37 consecutive failure(s). Last success @ NTTIME(0) CN=Schema,CN=Configuration,DC=mydomain,DC=uni-frankfurt,DC=de Default-First-Site-Name\dc2 via RPC DSA object GUID: e4da82c7-5d42-4011-8733-00a9dffb6633 Last attempt @ Mon Aug 22 16:20:14 2016 CEST failed, result 53 (WERR_BAD_NETPATH) 37 consecutive failure(s). Last success @ NTTIME(0) CN=Configuration,DC=mydomain,DC=uni-frankfurt,DC=de Default-First-Site-Name\dc2 via RPC DSA object GUID: e4da82c7-5d42-4011-8733-00a9dffb6633 Last attempt @ Mon Aug 22 16:20:14 2016 CEST failed, result 53 (WERR_BAD_NETPATH) 37 consecutive failure(s). Last success @ NTTIME(0) ==== KCC CONNECTION OBJECTS === Connection -- Connection name: 1367f590-6672-4807-bc27-2ac167d40a88 Enabled : TRUE Server DNS name : dc2.mydomain.uni-frankfurt.de Server DN name : CN=NTDS Settings,CN=dc2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=uni-frankfurt,DC=de TransportType: RPC options: 0x00000001 Warning: No NC replicated for Connection! Does somebody have an idea, what I can do? Heinz