Hai Julien, Ah, ok, then im suspecting a regression bug here. For some reason somethings this happens, if you've had rebooted the servers, it would probely be fixed also. There where some older reports on this, but good to know its back or still there A manual run of : samba_dnsupdate --all-names --verbose Should/could helped to fix it also. And Thank you for the quick reply. Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Julien TEHERY via samba > Verzonden: donderdag 22 november 2018 10:02 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] Samba4 multiple DCs replication > > Le 22/11/2018 à 09:58, L.P.H. van Belle via samba a écrit : > > Good its fixed now, but 1 question, just for me .. > > > > Did you reboot both servers or did you only restart/reload > the services. > > > > > > Greetz, > > > > Louis > I only restarted the services. (samba and bind). Maybe it wasn't > required, but I did it. > > > > > >> -----Oorspronkelijk bericht----- > >> Van: samba [mailto:samba-bounces at lists.samba.org] Namens > >> Julien TEHERY via samba > >> Verzonden: donderdag 22 november 2018 9:35 > >> Aan: samba at lists.samba.org > >> Onderwerp: Re: [Samba] Samba4 multiple DCs replication > >> > >> Le 22/11/2018 à 08:38, Julien TEHERY via samba a écrit : > >>> Le 21/11/2018 à 17:47, Rowland Penny via samba a écrit : > >>>> On Wed, 21 Nov 2018 17:33:28 +0100 > >>>> Julien TEHERY via samba <samba at lists.samba.org> wrote: > >>>> > >>>>> Another thing, I see that only DC1 has OUTBOUND NEIGHBORS > >> (all failed > >>>>> with an WERR_FILE_NOT_FOUND error) > >>>>> All the other DCs have only an INBOUND NEIGHBORS and no OUTBOUND > >>>>> NEIGHBORS > >>>> You have problems, all DC's at a site should replicate to > >> each other > >>>> and there should be replication between sites. Is > something like a > >>>> firewall getting in the way ? > >>>> > >>>> Have you checked the AD databases ? > >>>> > >>>> Rowland > >>> There is no firewall between the 3 DCs on the main site (same > >>> subnet), however there are no outbound neighbors on DC2 and DC3 > >>> replication status > >>> An yes AD db have been checked. > >>> > >>> > >> Know what, I just found out the problem. > >> CNAME records were missing, according to > >> https://wiki.samba.org/index.php/Verifying_and_Creating_a_DC_D > >> NS_Record > >> I addes them, restarted both samba and bind, and then all > inbound and > >> outbound connections appeared, > >> > >> > >> -- > >> To unsubscribe from this list go to the following URL and read the > >> instructions: https://lists.samba.org/mailman/options/samba > >> > > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Le 22/11/2018 à 10:07, L.P.H. van Belle via samba a écrit :> Hai Julien, > > Ah, ok, then im suspecting a regression bug here. > For some reason somethings this happens, if you've had rebooted the servers, it would probely be fixed also. > > There where some older reports on this, but good to know its back or still there > A manual run of : samba_dnsupdate --all-names --verbose > Should/could helped to fix it also. > > And Thank you for the quick reply. > > Greetz, > > Louis >Ok, I try to reboot all the DCs juste to see what happens. Then replication is still fine on the 3 main DCs (main site) with inbound/outbound neighbors, but now "samba-tool drs whowrepl" doesn't work anymore on 2 remote DCs. Even they don't have outbound neighbors anymore.. :( They have error like: Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for ncacn_ip_tcp:192 .168.174.1[1024,seal,target_hostname=dc1-site-02.mydomain.lan,abstract_syntax=e3 514235-4b06-11d1-ab04-00c04fc2dcd2/0x00000004,localaddress=192.168.174.1] NT_STAT US_IO_TIMEOUT Yhen I looked in ldb with ldbsearch -H /usr/local/samba/private/sam.ldb '(invocationId=*)' --cross-ncs objectguid and saw doublons in it. I ran dbcheck on all DCs, but it didn't cleared the obsoletes records. I guess those doublons are here because I ran so many tests on this test domain (promote/demote) Is there a way to clean it up ?>> -----Oorspronkelijk bericht----- >> Van: samba [mailto:samba-bounces at lists.samba.org] Namens >> Julien TEHERY via samba >> Verzonden: donderdag 22 november 2018 10:02 >> Aan: samba at lists.samba.org >> Onderwerp: Re: [Samba] Samba4 multiple DCs replication >> >> Le 22/11/2018 à 09:58, L.P.H. van Belle via samba a écrit : >>> Good its fixed now, but 1 question, just for me .. >>> >>> Did you reboot both servers or did you only restart/reload >> the services. >>> >>> Greetz, >>> >>> Louis >> I only restarted the services. (samba and bind). Maybe it wasn't >> required, but I did it. >>> >>> >>>> -----Oorspronkelijk bericht----- >>>> Van: samba [mailto:samba-bounces at lists.samba.org] Namens >>>> Julien TEHERY via samba >>>> Verzonden: donderdag 22 november 2018 9:35 >>>> Aan: samba at lists.samba.org >>>> Onderwerp: Re: [Samba] Samba4 multiple DCs replication >>>> >>>> Le 22/11/2018 à 08:38, Julien TEHERY via samba a écrit : >>>>> Le 21/11/2018 à 17:47, Rowland Penny via samba a écrit : >>>>>> On Wed, 21 Nov 2018 17:33:28 +0100 >>>>>> Julien TEHERY via samba <samba at lists.samba.org> wrote: >>>>>> >>>>>>> Another thing, I see that only DC1 has OUTBOUND NEIGHBORS >>>> (all failed >>>>>>> with an WERR_FILE_NOT_FOUND error) >>>>>>> All the other DCs have only an INBOUND NEIGHBORS and no OUTBOUND >>>>>>> NEIGHBORS >>>>>> You have problems, all DC's at a site should replicate to >>>> each other >>>>>> and there should be replication between sites. Is >> something like a >>>>>> firewall getting in the way ? >>>>>> >>>>>> Have you checked the AD databases ? >>>>>> >>>>>> Rowland >>>>> There is no firewall between the 3 DCs on the main site (same >>>>> subnet), however there are no outbound neighbors on DC2 and DC3 >>>>> replication status >>>>> An yes AD db have been checked. >>>>> >>>>> >>>> Know what, I just found out the problem. >>>> CNAME records were missing, according to >>>> https://wiki.samba.org/index.php/Verifying_and_Creating_a_DC_D >>>> NS_Record >>>> I addes them, restarted both samba and bind, and then all >> inbound and >>>> outbound connections appeared, >>>> >>>> >>>> -- >>>> To unsubscribe from this list go to the following URL and read the >>>> instructions: https://lists.samba.org/mailman/options/samba >>>> >> >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >> >
Hai, Reboot the remote servers also or login and run : samba_dnsupdate --all-names --verbose samba-tool dbcheck --fix or samba-tool dbcheck --fix --cross-nc Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Julien TEHERY via samba > Verzonden: donderdag 22 november 2018 11:54 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] Samba4 multiple DCs replication > > Le 22/11/2018 à 10:07, L.P.H. van Belle via samba a écrit : > > Hai Julien, > > > > Ah, ok, then im suspecting a regression bug here. > > For some reason somethings this happens, if you've had > rebooted the servers, it would probely be fixed also. > > > > There where some older reports on this, but good to know > its back or still there > > A manual run of : samba_dnsupdate --all-names --verbose > > Should/could helped to fix it also. > > > > And Thank you for the quick reply. > > > > Greetz, > > > > Louis > > > > Ok, I try to reboot all the DCs juste to see what happens. > Then replication is still fine on the 3 main DCs (main site) with > inbound/outbound neighbors, but now "samba-tool drs whowrepl" doesn't > work anymore on 2 remote DCs. > Even they don't have outbound neighbors anymore.. :( > > They have error like: > > Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for > ncacn_ip_tcp:192 > .168.174.1[1024,seal,target_hostname=dc1-site-02.mydomain.lan,abstract_syntax=e3> 514235-4b06-11d1-ab04-00c04fc2dcd2/0x00000004,localaddress=192.168.174.1]> NT_STAT > US_IO_TIMEOUT > > Yhen I looked in ldb with ldbsearch -H > /usr/local/samba/private/sam.ldb > '(invocationId=*)' --cross-ncs objectguid > and saw doublons in it. > > I ran dbcheck on all DCs, but it didn't cleared the obsoletes records. > I guess those doublons are here because I ran so many tests > on this test > domain (promote/demote) > Is there a way to clean it up ? > > > >> -----Oorspronkelijk bericht----- > >> Van: samba [mailto:samba-bounces at lists.samba.org] Namens > >> Julien TEHERY via samba > >> Verzonden: donderdag 22 november 2018 10:02 > >> Aan: samba at lists.samba.org > >> Onderwerp: Re: [Samba] Samba4 multiple DCs replication > >> > >> Le 22/11/2018 à 09:58, L.P.H. van Belle via samba a écrit : > >>> Good its fixed now, but 1 question, just for me .. > >>> > >>> Did you reboot both servers or did you only restart/reload > >> the services. > >>> > >>> Greetz, > >>> > >>> Louis > >> I only restarted the services. (samba and bind). Maybe it wasn't > >> required, but I did it. > >>> > >>> > >>>> -----Oorspronkelijk bericht----- > >>>> Van: samba [mailto:samba-bounces at lists.samba.org] Namens > >>>> Julien TEHERY via samba > >>>> Verzonden: donderdag 22 november 2018 9:35 > >>>> Aan: samba at lists.samba.org > >>>> Onderwerp: Re: [Samba] Samba4 multiple DCs replication > >>>> > >>>> Le 22/11/2018 à 08:38, Julien TEHERY via samba a écrit : > >>>>> Le 21/11/2018 à 17:47, Rowland Penny via samba a écrit : > >>>>>> On Wed, 21 Nov 2018 17:33:28 +0100 > >>>>>> Julien TEHERY via samba <samba at lists.samba.org> wrote: > >>>>>> > >>>>>>> Another thing, I see that only DC1 has OUTBOUND NEIGHBORS > >>>> (all failed > >>>>>>> with an WERR_FILE_NOT_FOUND error) > >>>>>>> All the other DCs have only an INBOUND NEIGHBORS and > no OUTBOUND > >>>>>>> NEIGHBORS > >>>>>> You have problems, all DC's at a site should replicate to > >>>> each other > >>>>>> and there should be replication between sites. Is > >> something like a > >>>>>> firewall getting in the way ? > >>>>>> > >>>>>> Have you checked the AD databases ? > >>>>>> > >>>>>> Rowland > >>>>> There is no firewall between the 3 DCs on the main site (same > >>>>> subnet), however there are no outbound neighbors on DC2 and DC3 > >>>>> replication status > >>>>> An yes AD db have been checked. > >>>>> > >>>>> > >>>> Know what, I just found out the problem. > >>>> CNAME records were missing, according to > >>>> https://wiki.samba.org/index.php/Verifying_and_Creating_a_DC_D > >>>> NS_Record > >>>> I addes them, restarted both samba and bind, and then all > >> inbound and > >>>> outbound connections appeared, > >>>> > >>>> > >>>> -- > >>>> To unsubscribe from this list go to the following URL > and read the > >>>> instructions: https://lists.samba.org/mailman/options/samba > >>>> > >> > >> > >> -- > >> To unsubscribe from this list go to the following URL and read the > >> instructions: https://lists.samba.org/mailman/options/samba > >> > > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Le 22/11/2018 à 12:18, L.P.H. van Belle via samba a écrit :> Hai, > > Reboot the remote servers also or login and run : samba_dnsupdate --all-names --verbose > samba-tool dbcheck --fix or samba-tool dbcheck --fix --cross-nc > > Greetz, > > Louis >Result is "dns_tkey_negotiategss: TKEY is unacceptable" when doing dnsupdate. I'm wondering about re installing everything from scratch in newer version. But if there's a good way to clean thos records, I'd really like to know how> >> -----Oorspronkelijk bericht----- >> Van: samba [mailto:samba-bounces at lists.samba.org] Namens >> Julien TEHERY via samba >> Verzonden: donderdag 22 november 2018 11:54 >> Aan: samba at lists.samba.org >> Onderwerp: Re: [Samba] Samba4 multiple DCs replication >> >> Le 22/11/2018 à 10:07, L.P.H. van Belle via samba a écrit : >>> Hai Julien, >>> >>> Ah, ok, then im suspecting a regression bug here. >>> For some reason somethings this happens, if you've had >> rebooted the servers, it would probely be fixed also. >>> There where some older reports on this, but good to know >> its back or still there >>> A manual run of : samba_dnsupdate --all-names --verbose >>> Should/could helped to fix it also. >>> >>> And Thank you for the quick reply. >>> >>> Greetz, >>> >>> Louis >>> >> Ok, I try to reboot all the DCs juste to see what happens. >> Then replication is still fine on the 3 main DCs (main site) with >> inbound/outbound neighbors, but now "samba-tool drs whowrepl" doesn't >> work anymore on 2 remote DCs. >> Even they don't have outbound neighbors anymore.. :( >> >> They have error like: >> >> Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for >> ncacn_ip_tcp:192 >> .168.174.1[1024,seal,target_hostname=dc1-site-02.mydomain.lan, > abstract_syntax=e3 >> 514235-4b06-11d1-ab04-00c04fc2dcd2/0x00000004,localaddress=192 > .168.174.1] >> NT_STAT >> US_IO_TIMEOUT >> >> Yhen I looked in ldb with ldbsearch -H >> /usr/local/samba/private/sam.ldb >> '(invocationId=*)' --cross-ncs objectguid >> and saw doublons in it. >> >> I ran dbcheck on all DCs, but it didn't cleared the obsoletes records. >> I guess those doublons are here because I ran so many tests >> on this test >> domain (promote/demote) >> Is there a way to clean it up ? >> >> >>>> -----Oorspronkelijk bericht----- >>>> Van: samba [mailto:samba-bounces at lists.samba.org] Namens >>>> Julien TEHERY via samba >>>> Verzonden: donderdag 22 november 2018 10:02 >>>> Aan: samba at lists.samba.org >>>> Onderwerp: Re: [Samba] Samba4 multiple DCs replication >>>> >>>> Le 22/11/2018 à 09:58, L.P.H. van Belle via samba a écrit : >>>>> Good its fixed now, but 1 question, just for me .. >>>>> >>>>> Did you reboot both servers or did you only restart/reload >>>> the services. >>>>> Greetz, >>>>> >>>>> Louis >>>> I only restarted the services. (samba and bind). Maybe it wasn't >>>> required, but I did it. >>>>> >>>>> >>>>>> -----Oorspronkelijk bericht----- >>>>>> Van: samba [mailto:samba-bounces at lists.samba.org] Namens >>>>>> Julien TEHERY via samba >>>>>> Verzonden: donderdag 22 november 2018 9:35 >>>>>> Aan: samba at lists.samba.org >>>>>> Onderwerp: Re: [Samba] Samba4 multiple DCs replication >>>>>> >>>>>> Le 22/11/2018 à 08:38, Julien TEHERY via samba a écrit : >>>>>>> Le 21/11/2018 à 17:47, Rowland Penny via samba a écrit : >>>>>>>> On Wed, 21 Nov 2018 17:33:28 +0100 >>>>>>>> Julien TEHERY via samba <samba at lists.samba.org> wrote: >>>>>>>> >>>>>>>>> Another thing, I see that only DC1 has OUTBOUND NEIGHBORS >>>>>> (all failed >>>>>>>>> with an WERR_FILE_NOT_FOUND error) >>>>>>>>> All the other DCs have only an INBOUND NEIGHBORS and >> no OUTBOUND >>>>>>>>> NEIGHBORS >>>>>>>> You have problems, all DC's at a site should replicate to >>>>>> each other >>>>>>>> and there should be replication between sites. Is >>>> something like a >>>>>>>> firewall getting in the way ? >>>>>>>> >>>>>>>> Have you checked the AD databases ? >>>>>>>> >>>>>>>> Rowland >>>>>>> There is no firewall between the 3 DCs on the main site (same >>>>>>> subnet), however there are no outbound neighbors on DC2 and DC3 >>>>>>> replication status >>>>>>> An yes AD db have been checked. >>>>>>> >>>>>>> >>>>>> Know what, I just found out the problem. >>>>>> CNAME records were missing, according to >>>>>> https://wiki.samba.org/index.php/Verifying_and_Creating_a_DC_D >>>>>> NS_Record >>>>>> I addes them, restarted both samba and bind, and then all >>>> inbound and >>>>>> outbound connections appeared, >>>>>> >>>>>> >>>>>> -- >>>>>> To unsubscribe from this list go to the following URL >> and read the >>>>>> instructions: https://lists.samba.org/mailman/options/samba >>>>>> >>>> >>>> -- >>>> To unsubscribe from this list go to the following URL and read the >>>> instructions: https://lists.samba.org/mailman/options/samba >>>> >> >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >> >
Ah a know error. I suggest, look here, no need to reinstall. https://wiki.samba.org/index.php/Dns_tkey_negotiategss:_TKEY_is_unacceptable ;-) Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Julien TEHERY via samba > Verzonden: donderdag 22 november 2018 14:45 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] Samba4 multiple DCs replication > > Le 22/11/2018 à 12:18, L.P.H. van Belle via samba a écrit : > > Hai, > > > > Reboot the remote servers also or login and run : > samba_dnsupdate --all-names --verbose > > samba-tool dbcheck --fix or samba-tool dbcheck --fix --cross-nc > > > > Greetz, > > > > Louis > > > > Result is "dns_tkey_negotiategss: TKEY is unacceptable" when doing > dnsupdate. > I'm wondering about re installing everything from scratch in > newer version. > > But if there's a good way to clean thos records, I'd really > like to know how > > > >> -----Oorspronkelijk bericht----- > >> Van: samba [mailto:samba-bounces at lists.samba.org] Namens > >> Julien TEHERY via samba > >> Verzonden: donderdag 22 november 2018 11:54 > >> Aan: samba at lists.samba.org > >> Onderwerp: Re: [Samba] Samba4 multiple DCs replication > >> > >> Le 22/11/2018 à 10:07, L.P.H. van Belle via samba a écrit : > >>> Hai Julien, > >>> > >>> Ah, ok, then im suspecting a regression bug here. > >>> For some reason somethings this happens, if you've had > >> rebooted the servers, it would probely be fixed also. > >>> There where some older reports on this, but good to know > >> its back or still there > >>> A manual run of : samba_dnsupdate --all-names --verbose > >>> Should/could helped to fix it also. > >>> > >>> And Thank you for the quick reply. > >>> > >>> Greetz, > >>> > >>> Louis > >>> > >> Ok, I try to reboot all the DCs juste to see what happens. > >> Then replication is still fine on the 3 main DCs (main site) with > >> inbound/outbound neighbors, but now "samba-tool drs > whowrepl" doesn't > >> work anymore on 2 remote DCs. > >> Even they don't have outbound neighbors anymore.. :( > >> > >> They have error like: > >> > >> Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for > >> ncacn_ip_tcp:192 > >> .168.174.1[1024,seal,target_hostname=dc1-site-02.mydomain.lan, > > abstract_syntax=e3 > >> 514235-4b06-11d1-ab04-00c04fc2dcd2/0x00000004,localaddress=192 > > .168.174.1] > >> NT_STAT > >> US_IO_TIMEOUT > >> > >> Yhen I looked in ldb with ldbsearch -H > >> /usr/local/samba/private/sam.ldb > >> '(invocationId=*)' --cross-ncs objectguid > >> and saw doublons in it. > >> > >> I ran dbcheck on all DCs, but it didn't cleared the > obsoletes records. > >> I guess those doublons are here because I ran so many tests > >> on this test > >> domain (promote/demote) > >> Is there a way to clean it up ? > >> > >> > >>>> -----Oorspronkelijk bericht----- > >>>> Van: samba [mailto:samba-bounces at lists.samba.org] Namens > >>>> Julien TEHERY via samba > >>>> Verzonden: donderdag 22 november 2018 10:02 > >>>> Aan: samba at lists.samba.org > >>>> Onderwerp: Re: [Samba] Samba4 multiple DCs replication > >>>> > >>>> Le 22/11/2018 à 09:58, L.P.H. van Belle via samba a écrit : > >>>>> Good its fixed now, but 1 question, just for me .. > >>>>> > >>>>> Did you reboot both servers or did you only restart/reload > >>>> the services. > >>>>> Greetz, > >>>>> > >>>>> Louis > >>>> I only restarted the services. (samba and bind). Maybe it wasn't > >>>> required, but I did it. > >>>>> > >>>>> > >>>>>> -----Oorspronkelijk bericht----- > >>>>>> Van: samba [mailto:samba-bounces at lists.samba.org] Namens > >>>>>> Julien TEHERY via samba > >>>>>> Verzonden: donderdag 22 november 2018 9:35 > >>>>>> Aan: samba at lists.samba.org > >>>>>> Onderwerp: Re: [Samba] Samba4 multiple DCs replication > >>>>>> > >>>>>> Le 22/11/2018 à 08:38, Julien TEHERY via samba a écrit : > >>>>>>> Le 21/11/2018 à 17:47, Rowland Penny via samba a écrit : > >>>>>>>> On Wed, 21 Nov 2018 17:33:28 +0100 > >>>>>>>> Julien TEHERY via samba <samba at lists.samba.org> wrote: > >>>>>>>> > >>>>>>>>> Another thing, I see that only DC1 has OUTBOUND NEIGHBORS > >>>>>> (all failed > >>>>>>>>> with an WERR_FILE_NOT_FOUND error) > >>>>>>>>> All the other DCs have only an INBOUND NEIGHBORS and > >> no OUTBOUND > >>>>>>>>> NEIGHBORS > >>>>>>>> You have problems, all DC's at a site should replicate to > >>>>>> each other > >>>>>>>> and there should be replication between sites. Is > >>>> something like a > >>>>>>>> firewall getting in the way ? > >>>>>>>> > >>>>>>>> Have you checked the AD databases ? > >>>>>>>> > >>>>>>>> Rowland > >>>>>>> There is no firewall between the 3 DCs on the main site (same > >>>>>>> subnet), however there are no outbound neighbors on > DC2 and DC3 > >>>>>>> replication status > >>>>>>> An yes AD db have been checked. > >>>>>>> > >>>>>>> > >>>>>> Know what, I just found out the problem. > >>>>>> CNAME records were missing, according to > >>>>>> https://wiki.samba.org/index.php/Verifying_and_Creating_a_DC_D > >>>>>> NS_Record > >>>>>> I addes them, restarted both samba and bind, and then all > >>>> inbound and > >>>>>> outbound connections appeared, > >>>>>> > >>>>>> > >>>>>> -- > >>>>>> To unsubscribe from this list go to the following URL > >> and read the > >>>>>> instructions: https://lists.samba.org/mailman/options/samba > >>>>>> > >>>> > >>>> -- > >>>> To unsubscribe from this list go to the following URL > and read the > >>>> instructions: https://lists.samba.org/mailman/options/samba > >>>> > >> > >> > >> -- > >> To unsubscribe from this list go to the following URL and read the > >> instructions: https://lists.samba.org/mailman/options/samba > >> > > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >