Hi, We did not upgrade in the real sense of upgrade. We did not directly apply the patch on the servers. Our steps were as follows: 1. Created an additional Domain Controller with Samba-AD 4.10.4. 2. Transferred the FSMO Roles to the new domain controller. 3. Stopped Samba-AD-DC and Bind9 services, demoted the Samba-4.7.6 DCs with samba-tool domain demote command. 4. Cleaned the /usr/local/samba folder, removed the contents. 5. Upgraded the OS - CentOS 7.6, Python and changed the default Python to Python 3.4.x. 6. ./configure, make & make install went on well without any errors. 7. Promoted Samba AS Domain Controllers using samba-tool command with BIND9_DLZ option. 8. Removed the old krb5.conf from /etc/ and copied the krb5.conf from /usr/local/samba/private 9. Started samba-ad-dc service and bind9 service. 10. Transferred the FSMO Rolls back to the primary server which originally held these rolls. 11. Demoted the temporary 5th server and removed it from the network. *Any info in logs :* Really speaking, we did not notice. I will have to store the logs separately when this error occurs again. But we have observed that when this error occurs, we have seen that the replication from the one which holds PDC emulator role to another particular server fails and throws error RPC SERVER IS UNAVAILABLE. *When this error occurs whether we restart samba or client *- For RSAT and WIndows Desktop, sometimes we have to restart the client. More often than not we restart the samba service on logon server and this error disappears. Replication error also disappears. We have to run samba-tool dbcheck and check the output. I will update it back here. Do I have to run this command on all 4 servers? or one server which looks like giving trouble? Thanks & regards, Anantha Raghava Do not print this e-mail unless required. Save Paper & trees. On 18/06/19 3:25 pm, Andrew Bartlett wrote:> On Mon, 2019-06-17 at 20:14 +0530, Anantha Raghava via samba wrote: >> Hi, >> >> We were running Samba-AD - Version 4.7.6 for over 2 years without any >> errors. We have 4 Domain Controllers in our setup and DNS is BIND_DLZ >> (BIND 9.9.4). Off late (since 8th June 2019) we upgraded the Samba-AD >> version to 4.10.4 and all of sudden we started receiving the error "RPC >> Server not available" when we are trying to join the new PCs to domain. >> After multiple attempts the PC gets added to domain. We restart samba >> server on the log on server, the error goes off. There is no specific >> pattern for this appear to appear. > Is there anything in the Samba logs? > >> We are receiving the same error whenever we are trying to add a new user >> or modify a user attribute in RSAT. When this error comes, we have to >> restart the RSAT server multiple times to start functioning again. > Are you restarting Samba or RSAT on the client? > >> Is there is any specific reason for this error? How do we fix it. > We will need much more detail to determine that. Does the server > operate normally when not making modifications? What does samba-tool > dbcheck say? > > If Rowand's suspicions are correct, have you tried a samba-tool dbcheck > --reindex? > > Andrew Bartlett >
On 18/06/2019 12:02, Anantha Raghava via samba wrote:> Hi, > > We did not upgrade in the real sense of upgrade. We did not directly > apply the patch on the servers. Our steps were as follows: >You can reduce that down to 'we upgraded directly to 4.10.x from 4.7.x' Can I also suggest that you stop upgrading that way, if you do it often enough, you will eventually exhaust the ridpool> > We have to run samba-tool dbcheck and check the output. I will update > it back here. > > Do I have to run this command on all 4 servers? or one server which > looks like giving trouble?You should only need to run it once on the PDC Emulator role owner, replication should do the rest. If this doesn't work, then I would suggest you start downgrading again. Rowland
> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Rowland penny via samba > Verzonden: dinsdag 18 juni 2019 13:15 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] RPC Server Unavailable - Error > > On 18/06/2019 12:02, Anantha Raghava via samba wrote: > > Hi, > > > > We did not upgrade in the real sense of upgrade. We did not > directly > > apply the patch on the servers. Our steps were as follows: > > > You can reduce that down to 'we upgraded directly to 4.10.x > from 4.7.x' > > Can I also suggest that you stop upgrading that way, if you > do it often > enough, you will eventually exhaust the ridpool > > > > > We have to run samba-tool dbcheck and check the output. I > will update > > it back here. > > > > Do I have to run this command on all 4 servers? or one server which > > looks like giving trouble? > > You should only need to run it once on the PDC Emulator role owner, > replication should do the rest. > > If this doesn't work, then I would suggest you start downgrading again.If it looks if downgrading is needed, then first try to run : samba-tool dbcheck --reindex That might help fixing it. ( run it on every DC ) ! And beware the the RPC ports have changed, so do check. https://wiki.samba.org/index.php/Samba_AD_DC_Port_Usage Dynamic RPC Ports Greetz, Louis
Hi, This morning, again we encountered the same issue. When RSAT reported the RPC Server error, the replication between servers was failing as well. As you suggested, we rung the dbcheck command, which threw the mismatch on count of deleted objects. 3 servers had 3 entries in deleted objects whereas the 4th server had 4 entries in deleted objects. samba-tool dbcheck --reindex did not fix this part. We ran samba-tool dbcheck fix --cross-ncs --fix command on all severs and this fixed the mismatch in number of objects. Again we ran samba-tool dbchek --reindex on all 4 servers. The problem seems to have got fixed. We have kept the servers under observation. For the moment, we have raised the log level to 5. In case the issue surfaces once again, I will notify here with logs as well. Thanks for your guidance. Thanks & regards, Anantha Raghava Do not print this e-mail unless required. Save Paper & trees. On 18/06/19 4:54 pm, L.P.H. van Belle via samba wrote:> > >> -----Oorspronkelijk bericht----- >> Van: samba [mailto:samba-bounces at lists.samba.org] Namens >> Rowland penny via samba >> Verzonden: dinsdag 18 juni 2019 13:15 >> Aan: samba at lists.samba.org >> Onderwerp: Re: [Samba] RPC Server Unavailable - Error >> >> On 18/06/2019 12:02, Anantha Raghava via samba wrote: >>> Hi, >>> >>> We did not upgrade in the real sense of upgrade. We did not >> directly >>> apply the patch on the servers. Our steps were as follows: >>> >> You can reduce that down to 'we upgraded directly to 4.10.x >> from 4.7.x' >> >> Can I also suggest that you stop upgrading that way, if you >> do it often >> enough, you will eventually exhaust the ridpool >> >>> We have to run samba-tool dbcheck and check the output. I >> will update >>> it back here. >>> >>> Do I have to run this command on all 4 servers? or one server which >>> looks like giving trouble? >> You should only need to run it once on the PDC Emulator role owner, >> replication should do the rest. >> >> If this doesn't work, then I would suggest you start downgrading again. > If it looks if downgrading is needed, then first try to run : samba-tool dbcheck --reindex > That might help fixing it. ( run it on every DC ) ! > > And beware the the RPC ports have changed, so do check. > https://wiki.samba.org/index.php/Samba_AD_DC_Port_Usage Dynamic RPC Ports > > > Greetz, > > Louis > > >