I ran thru the wikipage you linked to, and the results were as they should be # record 1 dn: CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=tcsbasys,DC=com objectGUID: 0d5ebcac-88d7-44fb-a830-ec3eacb6757f # record 2 dn: CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=tcsbasys,DC=com objectGUID: 7da1efbb-3b68-4249-ab03-e09c3ffc0d1a # returned 2 records # 2 entries # 0 referrals root at dc1:~# host -t CNAME 0d5ebcac-88d7-44fb-a830-ec3eacb6757f._ msdcs.tcsbasys.com 0d5ebcac-88d7-44fb-a830-ec3eacb6757f._msdcs.tcsbasys.com is an alias for DC1.tcsbasys.com. root at dc1:~# host -t CNAME 7da1efbb-3b68-4249-ab03-e09c3ffc0d1a._ msdcs.tcsbasys.com 7da1efbb-3b68-4249-ab03-e09c3ffc0d1a._msdcs.tcsbasys.com is an alias for dc2.tcsbasys.com. root at dc1:~# On Tue, Dec 12, 2017 at 2:44 PM, Rowland Penny via samba < samba at lists.samba.org> wrote:> On Tue, 12 Dec 2017 14:19:58 -0600 > Taylor Hammerling <thammerling at tcsbasys.com> wrote: > > > I'm sorry Rowland, I meant to mention in my initial email that I am > > running 4.7.3. > > and other replication (like AD object replication) is working in both > > directions. it is just DNS replication that is only working one way. > > > > d8d2fe1e-c14c-4dcb-98b6-b6c974a49d99._msdcs.tcsbasys.com is a CNAME, so > try the wikipage I posted a link to, at the very least, it will rule it > out. > > Rowland > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >-- *Taylor Hammerling* | *IT Manager* 2800 Laura Lane | Middleton, WI 53562 *O *(608) 669-9070 *| C *(608) 512-7849 tcsbasys.com | ubiquistat.com
On Tue, 12 Dec 2017 20:51:24 -0600 Taylor Hammerling <thammerling at tcsbasys.com> wrote:> I ran thru the wikipage you linked to, and the results were as they > should be > > # record 1 > dn: CN=NTDS > Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=tcsbasys,DC=com > objectGUID: 0d5ebcac-88d7-44fb-a830-ec3eacb6757f > > # record 2 > dn: CN=NTDS > Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=tcsbasys,DC=com > objectGUID: 7da1efbb-3b68-4249-ab03-e09c3ffc0d1a > > # returned 2 records > # 2 entries > # 0 referrals > root at dc1:~# host -t CNAME 0d5ebcac-88d7-44fb-a830-ec3eacb6757f._ > msdcs.tcsbasys.com > 0d5ebcac-88d7-44fb-a830-ec3eacb6757f._msdcs.tcsbasys.com is an alias > for DC1.tcsbasys.com. > > root at dc1:~# host -t CNAME 7da1efbb-3b68-4249-ab03-e09c3ffc0d1a._ > msdcs.tcsbasys.com > 7da1efbb-3b68-4249-ab03-e09c3ffc0d1a._msdcs.tcsbasys.com is an alias > for dc2.tcsbasys.com. > root at dc1:~# >Right that rules that out ;-) Is there anything else of the old DC left in AD ? Could 'samba-tool samba-tool domain demote --remove-other-dead-server=REMOVE_OTHER_DEAD_SERVER' be of use here ? Otherwise you may have to find and remove the old DC data manually. Rowland
Here is the thing, DC2 is slated to be demoted and retired (it is based on TKL, that has been updated to samba 4.7.3 using Louis' repository) and then I was planning on building a new DC2 to replace it using a clean install of stretch and Louis' repository. But I wanted to make sure that replication was working properly before I demoted and retired DC2. I had a thought on the way in to work this morning, what if I made a DC3? If all replication worked properly between DC1 and DC3, I could safely demote and retire DC2, and rebuild it. So that's what I did first thing this morning. DC1 and DC3 are replicating DNS and AD objects just fine! I will be demoting DC2 and rebuilding it. Thanks again for your help folks! On Wed, Dec 13, 2017 at 2:44 AM, Rowland Penny via samba < samba at lists.samba.org> wrote:> On Tue, 12 Dec 2017 20:51:24 -0600 > Taylor Hammerling <thammerling at tcsbasys.com> wrote: > > > I ran thru the wikipage you linked to, and the results were as they > > should be > > > > # record 1 > > dn: CN=NTDS > > Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN> Sites,CN=Configuration,DC=tcsbasys,DC=com > > objectGUID: 0d5ebcac-88d7-44fb-a830-ec3eacb6757f > > > > # record 2 > > dn: CN=NTDS > > Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN> Sites,CN=Configuration,DC=tcsbasys,DC=com > > objectGUID: 7da1efbb-3b68-4249-ab03-e09c3ffc0d1a > > > > # returned 2 records > > # 2 entries > > # 0 referrals > > root at dc1:~# host -t CNAME 0d5ebcac-88d7-44fb-a830-ec3eacb6757f._ > > msdcs.tcsbasys.com > > 0d5ebcac-88d7-44fb-a830-ec3eacb6757f._msdcs.tcsbasys.com is an alias > > for DC1.tcsbasys.com. > > > > root at dc1:~# host -t CNAME 7da1efbb-3b68-4249-ab03-e09c3ffc0d1a._ > > msdcs.tcsbasys.com > > 7da1efbb-3b68-4249-ab03-e09c3ffc0d1a._msdcs.tcsbasys.com is an alias > > for dc2.tcsbasys.com. > > root at dc1:~# > > > > Right that rules that out ;-) > > Is there anything else of the old DC left in AD ? > Could 'samba-tool samba-tool domain demote > --remove-other-dead-server=REMOVE_OTHER_DEAD_SERVER' be of use here ? > Otherwise you may have to find and remove the old DC data manually. > > Rowland > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >-- *Taylor Hammerling* | *IT Manager* 2800 Laura Lane | Middleton, WI 53562 *O *(608) 669-9070 *| C *(608) 512-7849 tcsbasys.com | ubiquistat.com