Ing. Claudio Nicora
2018-Jul-09 20:57 UTC
[Samba] Repadmin fails when querying Samba server 4.7.6
I'm trying to fix a replication error that occurs between Win2008R2 (srvwin) and Samba 4.7.6 DCs (srvsamba). Event viewer on Win2008R2 server reports that synchronization failed on a specific Computer object because of schema version misalignment between servers. I've then used repadmin to compare failing object on the two servers. Querying the windows server works but it fails querying the Samba server ************************************* C:\Windows\system32>repadmin /showobjmeta srvwin "CN=MYPC,CN=Computers,DC=SAMDOM,DC=LOCAL" 30 entries. Loc.USN Originating DSA Org.USN Org.Time/Date Ver Attribute ======= =============== ========= ============= === ======== 146459 edecb709-eff3-45fc-8cbd-6760e0045ca3 10595 2018-07-08 23:16:29 1 objectClass ... lot of other rows ... 146477 edecb709-eff3-45fc-8cbd-6760e0045ca3 10598 2018-07-08 23:17:52 1 msDS-SupportedEncryptionTypes 0 entries. Type Attribute Last Mod Time Originating DSA Loc.USN Org.USN Ver ======= ============ ============= ================= ======= ======= == Distinguished Name ============================************************************* C:\Windows\system32>repadmin /showobjmeta srvsamba "CN=MYPC,CN=Computers,DC=SAMDOM,DC=LOCAL" DsReplicaGetInfo() failed with status 1359 (0x54f): An internal error occurred. ************************************* This is the log capturedon samba serverwhen running repadmin: [2018/07/09 22:36:18.056211, 3] ../lib/ldb-samba/ldb_wrap.c:326(ldb_wrap_connect) ldb_wrap open of secrets.ldb [2018/07/09 22:36:18.084253, 3] ../source4/smbd/service_stream.c:65(stream_terminate_connection) Terminating connection - 'ldapsrv_call_wait_done: call->wait_recv() - NT_STATUS_LOCAL_DISCONNECT' [2018/07/09 22:36:18.084815, 2] ../source4/smbd/process_standard.c:473(standard_terminate) standard_terminate: reason[ldapsrv_call_wait_done: call->wait_recv() - NT_STATUS_LOCAL_DISCONNECT] [2018/07/09 22:36:18.091409, 3] ../lib/ldb-samba/ldb_wrap.c:326(ldb_wrap_connect) ldb_wrap open of secrets.ldb [2018/07/09 22:36:18.093903, 2] ../source4/smbd/process_standard.c:157(standard_child_pipe_handler) Child 13770 () exited with status 0 [2018/07/09 22:36:18.103075, 3] ../source4/rpc_server/drsuapi/dcesrv_drsuapi.c:89(dcesrv_drsuapi_DsBind) ../source4/rpc_server/drsuapi/dcesrv_drsuapi.c:89: doing DsBind with system_session ../source4/dsdb/kcc/kcc_drs_replica_info.c:160: Failed search for the object DN under edecb709-eff3-45fc-8cbd-6760e0045ca3 whose invocationId is CN=Configuration,DC=SAMDOM,DC=LOCALkccdrs_replica_get_info_obj_metadata2() called [2018/07/09 22:36:18.106306, 0] ../source4/dsdb/kcc/kcc_drs_replica_info.c:228(kccdrs_replica_get_info_obj_metadata2) attribute_id = 0, attribute_name: objectClass [2018/07/09 22:36:18.106761, 0] ../source4/dsdb/kcc/kcc_drs_replica_info.c:160(get_dn_from_invocation_id) [2018/07/09 22:36:18.119609, 3] ../source4/smbd/service_stream.c:65(stream_terminate_connection) Terminating connection - 'dcesrv: NT_STATUS_CONNECTION_RESET' [2018/07/09 22:36:18.119888, 3] ../source4/smbd/process_single.c:114(single_terminate) single_terminate: reason[dcesrv: NT_STATUS_CONNECTION_RESET] [2018/07/09 22:36:18.120038, 3] ../source4/smbd/service_stream.c:65(stream_terminate_connection) Terminating connection - 'dcesrv: NT_STATUS_CONNECTION_RESET' [2018/07/09 22:36:18.120245, 3] ../source4/smbd/process_single.c:114(single_terminate) single_terminate: reason[dcesrv: NT_STATUS_CONNECTION_RESET] Is this a bug? How can I fix it?
Ing. Claudio Nicora
2018-Jul-10 07:35 UTC
[Samba] Repadmin fails when querying Samba server 4.7.6
Some other info about this issue. It's the same as the one described in this bug: https://bugzilla.samba.org/show_bug.cgi?id=11415 It seems that replication from Win2008R2 --> Samba works... **************************************************************** # samba-tool drs showrepl ==== INBOUND NEIGHBORS === CN=Schema,CN=Configuration,DC=SAMDOM,DC=IT Default-First-Site-Name\SRVWIN via RPC DSA object GUID: 237cdbec-2e42-4b36-b571-eea51daaa535 Last attempt @ Tue Jul 10 09:17:08 2018 CEST was successful 0 consecutive failure(s). Last success @ Tue Jul 10 09:17:08 2018 CEST CN=Configuration,DC=SAMDOM,DC=IT Default-First-Site-Name\SRVWIN via RPC DSA object GUID: 237cdbec-2e42-4b36-b571-eea51daaa535 Last attempt @ Tue Jul 10 09:17:08 2018 CEST was successful 0 consecutive failure(s). Last success @ Tue Jul 10 09:17:08 2018 CEST DC=ForestDnsZones,DC=SAMDOM,DC=IT Default-First-Site-Name\SRVWIN via RPC DSA object GUID: 237cdbec-2e42-4b36-b571-eea51daaa535 Last attempt @ Tue Jul 10 09:20:01 2018 CEST was successful 0 consecutive failure(s). Last success @ Tue Jul 10 09:20:01 2018 CEST DC=DomainDnsZones,DC=SAMDOM,DC=IT Default-First-Site-Name\SRVWIN via RPC DSA object GUID: 237cdbec-2e42-4b36-b571-eea51daaa535 Last attempt @ Tue Jul 10 09:17:08 2018 CEST was successful 0 consecutive failure(s). Last success @ Tue Jul 10 09:17:08 2018 CEST DC=SAMDOM,DC=IT Default-First-Site-Name\SRVWIN via RPC DSA object GUID: 237cdbec-2e42-4b36-b571-eea51daaa535 Last attempt @ Tue Jul 10 09:20:35 2018 CEST was successful 0 consecutive failure(s). Last success @ Tue Jul 10 09:20:35 2018 CEST ==== OUTBOUND NEIGHBORS === CN=Schema,CN=Configuration,DC=SAMDOM,DC=IT Default-First-Site-Name\SRVWIN via RPC DSA object GUID: 237cdbec-2e42-4b36-b571-eea51daaa535 Last attempt @ Mon Jul 9 22:16:58 2018 CEST was successful 0 consecutive failure(s). Last success @ Mon Jul 9 22:16:58 2018 CEST CN=Configuration,DC=SAMDOM,DC=IT Default-First-Site-Name\SRVWIN via RPC DSA object GUID: 237cdbec-2e42-4b36-b571-eea51daaa535 Last attempt @ Tue Jul 10 09:12:16 2018 CEST was successful 0 consecutive failure(s). Last success @ Tue Jul 10 09:12:16 2018 CEST DC=ForestDnsZones,DC=SAMDOM,DC=IT Default-First-Site-Name\SRVWIN via RPC DSA object GUID: 237cdbec-2e42-4b36-b571-eea51daaa535 Last attempt @ Tue Jul 10 08:59:05 2018 CEST was successful 0 consecutive failure(s). Last success @ Tue Jul 10 08:59:05 2018 CEST DC=DomainDnsZones,DC=SAMDOM,DC=IT Default-First-Site-Name\SRVWIN via RPC DSA object GUID: 237cdbec-2e42-4b36-b571-eea51daaa535 Last attempt @ Mon Jul 9 22:16:58 2018 CEST was successful 0 consecutive failure(s). Last success @ Mon Jul 9 22:16:58 2018 CEST DC=SAMDOM,DC=IT Default-First-Site-Name\SRVWIN via RPC DSA object GUID: 237cdbec-2e42-4b36-b571-eea51daaa535 Last attempt @ Tue Jul 10 08:31:27 2018 CEST was successful 0 consecutive failure(s). Last success @ Tue Jul 10 08:31:27 2018 CEST ==== KCC CONNECTION OBJECTS === Connection -- Connection name: d7373eb1-82b4-4509-a063-fcdac7b194d9 Enabled : TRUE Server DNS name : SRVWIN.samdom.local Server DN name : CN=NTDS Settings,CN=SRVWIN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SAMDOM,DC=IT TransportType: RPC options: 0x00000001 Warning: No NC replicated for Connection! **************************************************************** ...while Samba --> Win2008R2 doesnt: PS C:\Users\Administrator.SAMDOM> repadmin /showrepl Repadmin: running command /showrepl against full DC localhost Default-First-Site-Name\SRVWIN DSA Options: IS_GC Site Options: (none) DSA object GUID: 237cdbec-2e42-4b36-b571-eea51daaa535 DSA invocationID: 6627c041-b55c-4067-9e9b-e7da63be664d ==== INBOUND NEIGHBORS ===================================== DC=SAMDOM,DC=LOCAL Default-First-Site-Name\SRVSAMBA via RPC DSA object GUID: 8d7e07b2-8e53-4338-bbf7-dfbf866d962d Last attempt @ 2018-07-10 08:50:33 failed, result 8418 (0x20e2): The replication operation failed because of a schema mismatch between the servers involved. 3 consecutive failure(s). Last success @ 2018-07-08 23:18:10. CN=Configuration,DC=SAMDOM,DC=LOCAL Default-First-Site-Name\SRVSAMBA via RPC DSA object GUID: 8d7e07b2-8e53-4338-bbf7-dfbf866d962d Last attempt @ 2018-07-10 09:12:15 was successful. CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL Default-First-Site-Name\SRVSAMBA via RPC DSA object GUID: 8d7e07b2-8e53-4338-bbf7-dfbf866d962d Last attempt @ 2018-07-10 08:50:33 was successful. DC=DomainDnsZones,DC=SAMDOM,DC=LOCAL Default-First-Site-Name\SRVSAMBA via RPC DSA object GUID: 8d7e07b2-8e53-4338-bbf7-dfbf866d962d Last attempt @ 2018-07-10 08:50:32 was successful. DC=ForestDnsZones,DC=SAMDOM,DC=LOCAL Default-First-Site-Name\SRVSAMBA via RPC DSA object GUID: 8d7e07b2-8e53-4338-bbf7-dfbf866d962d Last attempt @ 2018-07-10 08:59:04 was successful. Source: Default-First-Site-Name\SRVSAMBA ******* 3 CONSECUTIVE FAILURES since 2018-07-08 23:18:10 Last error: 8418 (0x20e2): The replication operation failed because of a schema mismatch between the servers involved. **************************************************************** Shall I join to that bug report? If yes, is there someone here able to create a bugzilla accout for me or shall I send a specific request to bugzilla-maintenance at samba.org? Il 09/07/2018 22:57, Ing. Claudio Nicora ha scritto:> I'm trying to fix a replication error that occurs between Win2008R2 > (srvwin) and Samba 4.7.6 DCs (srvsamba). > Event viewer on Win2008R2 server reports that synchronization failed > on a specific Computer object because of schema version misalignment > between servers.
Andrew Bartlett
2018-Jul-10 07:41 UTC
[Samba] Repadmin fails when querying Samba server 4.7.6
On Tue, 2018-07-10 at 09:35 +0200, Ing. Claudio Nicora via samba wrote:> Some other info about this issue. > It's the same as the one described in this bug: > https://bugzilla.samba.org/show_bug.cgi?id=11415Try with 4.8.3. We have managed to join Windows 2012R2 with that release, after doing a Samba-side schema upgrade to the 2012 schema. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba