Stefan G. Weichinger
2019-Jul-31 16:27 UTC
[Samba] GPO issues - getting SYSVOL cleaned up again
"--seize" helped: root at pre01svdeb03:~# samba-tool fsmo show SchemaMasterRole owner: CN=NTDS Settings,CN=PRE01SVDEB03,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pilsbacher,DC=at InfrastructureMasterRole owner: CN=NTDS Settings,CN=PRE01SVDEB03,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pilsbacher,DC=at RidAllocationMasterRole owner: CN=NTDS Settings,CN=PRE01SVDEB03,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pilsbacher,DC=at PdcEmulationMasterRole owner: CN=NTDS Settings,CN=PRE01SVDEB03,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pilsbacher,DC=at DomainNamingMasterRole owner: CN=NTDS Settings,CN=PRE01SVDEB03,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pilsbacher,DC=at DomainDnsZonesMasterRole owner: CN=NTDS Settings,CN=PRE01SVDEB03,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pilsbacher,DC=at ForestDnsZonesMasterRole owner: CN=NTDS Settings,CN=PRE01SVDEB03,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pilsbacher,DC=at now for a break and some food stay tuned :-P
On 31/07/2019 17:27, Stefan G. Weichinger via samba wrote:> "--seize" helped: > > root at pre01svdeb03:~# samba-tool fsmo show > SchemaMasterRole owner: CN=NTDS > Settings,CN=PRE01SVDEB03,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pilsbacher,DC=at > InfrastructureMasterRole owner: CN=NTDS > Settings,CN=PRE01SVDEB03,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pilsbacher,DC=at > RidAllocationMasterRole owner: CN=NTDS > Settings,CN=PRE01SVDEB03,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pilsbacher,DC=at > PdcEmulationMasterRole owner: CN=NTDS > Settings,CN=PRE01SVDEB03,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pilsbacher,DC=at > DomainNamingMasterRole owner: CN=NTDS > Settings,CN=PRE01SVDEB03,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pilsbacher,DC=at > DomainDnsZonesMasterRole owner: CN=NTDS > Settings,CN=PRE01SVDEB03,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pilsbacher,DC=at > ForestDnsZonesMasterRole owner: CN=NTDS > Settings,CN=PRE01SVDEB03,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pilsbacher,DC=at > > now for a break and some food > > stay tuned :-P >It also might have helped if you had read the tools 'help', where it tells you to provide a username & password to transfer all the roles. Rowland
Stefan G. Weichinger
2019-Jul-31 17:19 UTC
[Samba] GPO issues - getting SYSVOL cleaned up again
Progress: no more "dc" in rgrep on both servers PTR for the rejoined pre01svdeb02 is missing, so I assumed we need a dnsupdate: root at pre01svdeb02:~# samba_dnsupdate --verbose IPs: ['192.168.16.205'] need cache add: A pre01svdeb02.pilsbacher.at 192.168.16.205 Looking for DNS entry A pre01svdeb02.pilsbacher.at 192.168.16.205 as pre01svdeb02.pilsbacher.at. need cache add: NS pilsbacher.at pre01svdeb02.pilsbacher.at Looking for DNS entry NS pilsbacher.at pre01svdeb02.pilsbacher.at as pilsbacher.at. need cache add: NS _msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at Looking for DNS entry NS _msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at as _msdcs.pilsbacher.at. need cache add: A pilsbacher.at 192.168.16.205 Looking for DNS entry A pilsbacher.at 192.168.16.205 as pilsbacher.at. need cache add: SRV _ldap._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 389 need cache add: SRV _ldap._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.dc._msdcs.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 need cache add: SRV _ldap._tcp.317d1ccc-8df7-4ec6-9a6b-031a060da9b7.domains._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.317d1ccc-8df7-4ec6-9a6b-031a060da9b7.domains._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.317d1ccc-8df7-4ec6-9a6b-031a060da9b7.domains._msdcs.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.317d1ccc-8df7-4ec6-9a6b-031a060da9b7.domains._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.317d1ccc-8df7-4ec6-9a6b-031a060da9b7.domains._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 need cache add: SRV _kerberos._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Looking for DNS entry SRV _kerberos._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 as _kerberos._tcp.pilsbacher.at. Checking 0 100 88 pre01svdeb03.pilsbacher.at. against SRV _kerberos._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Checking 0 100 88 pre01svdeb02.pilsbacher.at. against SRV _kerberos._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 need cache add: SRV _kerberos._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Looking for DNS entry SRV _kerberos._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 as _kerberos._udp.pilsbacher.at. Checking 0 100 88 pre01svdeb03.pilsbacher.at. against SRV _kerberos._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Checking 0 100 88 pre01svdeb02.pilsbacher.at. against SRV _kerberos._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 need cache add: SRV _kerberos._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Looking for DNS entry SRV _kerberos._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 as _kerberos._tcp.dc._msdcs.pilsbacher.at. Checking 0 100 88 pre01svdeb03.pilsbacher.at. against SRV _kerberos._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Checking 0 100 88 pre01svdeb02.pilsbacher.at. against SRV _kerberos._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 need cache add: SRV _kpasswd._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 Looking for DNS entry SRV _kpasswd._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 as _kpasswd._tcp.pilsbacher.at. Checking 0 100 464 pre01svdeb03.pilsbacher.at. against SRV _kpasswd._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 Checking 0 100 464 pre01svdeb02.pilsbacher.at. against SRV _kpasswd._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 need cache add: SRV _kpasswd._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 Looking for DNS entry SRV _kpasswd._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 as _kpasswd._udp.pilsbacher.at. Checking 0 100 464 pre01svdeb03.pilsbacher.at. against SRV _kpasswd._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 Checking 0 100 464 pre01svdeb02.pilsbacher.at. against SRV _kpasswd._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 need cache add: CNAME 87c2112d-fdbc-41e6-a333-b6032fa2067f._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at Looking for DNS entry CNAME 87c2112d-fdbc-41e6-a333-b6032fa2067f._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at as 87c2112d-fdbc-41e6-a333-b6032fa2067f._msdcs.pilsbacher.at. need cache add: SRV _ldap._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.Default-First-Site-Name._sites.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 389 need cache add: SRV _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 need cache add: SRV _kerberos._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Looking for DNS entry SRV _kerberos._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 88 as _kerberos._tcp.Default-First-Site-Name._sites.pilsbacher.at. Checking 0 100 88 pre01svdeb03.pilsbacher.at. against SRV _kerberos._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Checking 0 100 88 pre01svdeb02.pilsbacher.at. against SRV _kerberos._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 88 need cache add: SRV _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Looking for DNS entry SRV _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 as _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at. Checking 0 100 88 pre01svdeb03.pilsbacher.at. against SRV _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Checking 0 100 88 pre01svdeb02.pilsbacher.at. against SRV _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 need cache add: A gc._msdcs.pilsbacher.at 192.168.16.205 Looking for DNS entry A gc._msdcs.pilsbacher.at 192.168.16.205 as gc._msdcs.pilsbacher.at. need cache add: SRV _gc._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Looking for DNS entry SRV _gc._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 as _gc._tcp.pilsbacher.at. Checking 0 100 3268 pre01svdeb03.pilsbacher.at. against SRV _gc._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Lookup of _gc._tcp.pilsbacher.at. succeeded, but we failed to find a matching DNS entry for SRV _gc._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 need update: SRV _gc._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 need cache add: SRV _ldap._tcp.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Looking for DNS entry SRV _ldap._tcp.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 as _ldap._tcp.gc._msdcs.pilsbacher.at. Checking 0 100 3268 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Lookup of _ldap._tcp.gc._msdcs.pilsbacher.at. succeeded, but we failed to find a matching DNS entry for SRV _ldap._tcp.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 need update: SRV _ldap._tcp.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 need cache add: SRV _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Looking for DNS entry SRV _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 as _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at. Checking 0 100 3268 pre01svdeb03.pilsbacher.at. against SRV _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Lookup of _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at. succeeded, but we failed to find a matching DNS entry for SRV _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 need update: SRV _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 need cache add: SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 as _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at. Checking 0 100 3268 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Lookup of _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at. succeeded, but we failed to find a matching DNS entry for SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 need update: SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 need cache add: A DomainDnsZones.pilsbacher.at 192.168.16.205 Looking for DNS entry A DomainDnsZones.pilsbacher.at 192.168.16.205 as DomainDnsZones.pilsbacher.at. Lookup of DomainDnsZones.pilsbacher.at. succeeded, but we failed to find a matching DNS entry for A DomainDnsZones.pilsbacher.at 192.168.16.205 need update: A DomainDnsZones.pilsbacher.at 192.168.16.205 need cache add: SRV _ldap._tcp.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.DomainDnsZones.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Lookup of _ldap._tcp.DomainDnsZones.pilsbacher.at. succeeded, but we failed to find a matching DNS entry for SRV _ldap._tcp.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 need update: SRV _ldap._tcp.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 need cache add: SRV _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Lookup of _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at. succeeded, but we failed to find a matching DNS entry for SRV _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 need update: SRV _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 need cache add: A ForestDnsZones.pilsbacher.at 192.168.16.205 Looking for DNS entry A ForestDnsZones.pilsbacher.at 192.168.16.205 as ForestDnsZones.pilsbacher.at. Lookup of ForestDnsZones.pilsbacher.at. succeeded, but we failed to find a matching DNS entry for A ForestDnsZones.pilsbacher.at 192.168.16.205 need update: A ForestDnsZones.pilsbacher.at 192.168.16.205 need cache add: SRV _ldap._tcp.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.ForestDnsZones.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Lookup of _ldap._tcp.ForestDnsZones.pilsbacher.at. succeeded, but we failed to find a matching DNS entry for SRV _ldap._tcp.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 need update: SRV _ldap._tcp.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 need cache add: SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Lookup of _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at. succeeded, but we failed to find a matching DNS entry for SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 need update: SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 10 DNS updates and 0 DNS deletes needed Successfully obtained Kerberos ticket to DNS/pre01svdeb03.pilsbacher.at as PRE01SVDEB02$ update(nsupdate): SRV _gc._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Calling nsupdate for SRV _gc._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 (add) Successfully obtained Kerberos ticket to DNS/pre01svdeb03.pilsbacher.at as PRE01SVDEB02$ Outgoing update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; UPDATE SECTION: _gc._tcp.pilsbacher.at. 900 IN SRV 0 100 3268 pre01svdeb02.pilsbacher.at. ; TSIG error with server: tsig verify failure Failed nsupdate: 2 update(nsupdate): SRV _ldap._tcp.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Calling nsupdate for SRV _ldap._tcp.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 (add) Successfully obtained Kerberos ticket to DNS/pre01svdeb03.pilsbacher.at as PRE01SVDEB02$ Outgoing update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; UPDATE SECTION: _ldap._tcp.gc._msdcs.pilsbacher.at. 900 IN SRV 0 100 3268 pre01svdeb02.pilsbacher.at. ; TSIG error with server: tsig verify failure Failed nsupdate: 2 update(nsupdate): SRV _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Calling nsupdate for SRV _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 (add) Successfully obtained Kerberos ticket to DNS/pre01svdeb03.pilsbacher.at as PRE01SVDEB02$ Outgoing update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; UPDATE SECTION: _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at. 900 IN SRV 0 100 3268 pre01svdeb02.pilsbacher.at. ; TSIG error with server: tsig verify failure Failed nsupdate: 2 update(nsupdate): SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Calling nsupdate for SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 (add) Successfully obtained Kerberos ticket to DNS/pre01svdeb03.pilsbacher.at as PRE01SVDEB02$ Outgoing update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; UPDATE SECTION: _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at. 900 IN SRV 0 100 3268 pre01svdeb02.pilsbacher.at. ; TSIG error with server: tsig verify failure Failed nsupdate: 2 update(nsupdate): A DomainDnsZones.pilsbacher.at 192.168.16.205 Calling nsupdate for A DomainDnsZones.pilsbacher.at 192.168.16.205 (add) Successfully obtained Kerberos ticket to DNS/pre01svdeb03.pilsbacher.at as PRE01SVDEB02$ Outgoing update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; UPDATE SECTION: DomainDnsZones.pilsbacher.at. 900 IN A 192.168.16.205 ; TSIG error with server: tsig verify failure Failed nsupdate: 2 update(nsupdate): SRV _ldap._tcp.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Calling nsupdate for SRV _ldap._tcp.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 (add) Successfully obtained Kerberos ticket to DNS/pre01svdeb03.pilsbacher.at as PRE01SVDEB02$ Outgoing update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; UPDATE SECTION: _ldap._tcp.DomainDnsZones.pilsbacher.at. 900 IN SRV 0 100 389 pre01svdeb02.pilsbacher.at. ; TSIG error with server: tsig verify failure Failed nsupdate: 2 update(nsupdate): SRV _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Calling nsupdate for SRV _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 (add) Successfully obtained Kerberos ticket to DNS/pre01svdeb03.pilsbacher.at as PRE01SVDEB02$ Outgoing update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; UPDATE SECTION: _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at. 900 IN SRV 0 100 389 pre01svdeb02.pilsbacher.at. ; TSIG error with server: tsig verify failure Failed nsupdate: 2 update(nsupdate): A ForestDnsZones.pilsbacher.at 192.168.16.205 Calling nsupdate for A ForestDnsZones.pilsbacher.at 192.168.16.205 (add) Successfully obtained Kerberos ticket to DNS/pre01svdeb03.pilsbacher.at as PRE01SVDEB02$ Outgoing update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; UPDATE SECTION: ForestDnsZones.pilsbacher.at. 900 IN A 192.168.16.205 ; TSIG error with server: tsig verify failure Failed nsupdate: 2 update(nsupdate): SRV _ldap._tcp.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Calling nsupdate for SRV _ldap._tcp.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 (add) Successfully obtained Kerberos ticket to DNS/pre01svdeb03.pilsbacher.at as PRE01SVDEB02$ Outgoing update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; UPDATE SECTION: _ldap._tcp.ForestDnsZones.pilsbacher.at. 900 IN SRV 0 100 389 pre01svdeb02.pilsbacher.at. ; TSIG error with server: tsig verify failure Failed nsupdate: 2 update(nsupdate): SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Calling nsupdate for SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 (add) Successfully obtained Kerberos ticket to DNS/pre01svdeb03.pilsbacher.at as PRE01SVDEB02$ Outgoing update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; UPDATE SECTION: _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at. 900 IN SRV 0 100 389 pre01svdeb02.pilsbacher.at. ; TSIG error with server: tsig verify failure Failed nsupdate: 2 Rebuilding cache at /var/lib/samba/private/dns_update_cache Adding A pre01svdeb02.pilsbacher.at 192.168.16.205 to dns_update_cache Adding NS pilsbacher.at pre01svdeb02.pilsbacher.at to dns_update_cache Adding NS _msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at to dns_update_cache Adding A pilsbacher.at 192.168.16.205 to dns_update_cache Adding SRV _ldap._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 389 to dns_update_cache Adding SRV _ldap._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 to dns_update_cache Adding SRV _ldap._tcp.317d1ccc-8df7-4ec6-9a6b-031a060da9b7.domains._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 to dns_update_cache Adding SRV _kerberos._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 to dns_update_cache Adding SRV _kerberos._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 to dns_update_cache Adding SRV _kerberos._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 to dns_update_cache Adding SRV _kpasswd._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 to dns_update_cache Adding SRV _kpasswd._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 to dns_update_cache Adding CNAME 87c2112d-fdbc-41e6-a333-b6032fa2067f._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at to dns_update_cache Adding SRV _ldap._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 389 to dns_update_cache Adding SRV _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 to dns_update_cache Adding SRV _kerberos._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 88 to dns_update_cache Adding SRV _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 to dns_update_cache Adding A gc._msdcs.pilsbacher.at 192.168.16.205 to dns_update_cache Adding SRV _gc._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 to dns_update_cache Adding SRV _ldap._tcp.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 to dns_update_cache Adding SRV _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 to dns_update_cache Adding SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 to dns_update_cache Adding A DomainDnsZones.pilsbacher.at 192.168.16.205 to dns_update_cache Adding SRV _ldap._tcp.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 to dns_update_cache Adding SRV _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 to dns_update_cache Adding A ForestDnsZones.pilsbacher.at 192.168.16.205 to dns_update_cache Adding SRV _ldap._tcp.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 to dns_update_cache Adding SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 to dns_update_cache Failed update of 10 entries root at pre01svdeb02:~# samba_dnsupdate --verbose IPs: ['192.168.16.205'] Looking for DNS entry A pre01svdeb02.pilsbacher.at 192.168.16.205 as pre01svdeb02.pilsbacher.at. Looking for DNS entry NS pilsbacher.at pre01svdeb02.pilsbacher.at as pilsbacher.at. Looking for DNS entry NS _msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at as _msdcs.pilsbacher.at. Looking for DNS entry A pilsbacher.at 192.168.16.205 as pilsbacher.at. Looking for DNS entry SRV _ldap._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.dc._msdcs.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.317d1ccc-8df7-4ec6-9a6b-031a060da9b7.domains._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.317d1ccc-8df7-4ec6-9a6b-031a060da9b7.domains._msdcs.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.317d1ccc-8df7-4ec6-9a6b-031a060da9b7.domains._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.317d1ccc-8df7-4ec6-9a6b-031a060da9b7.domains._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _kerberos._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 as _kerberos._tcp.pilsbacher.at. Checking 0 100 88 pre01svdeb03.pilsbacher.at. against SRV _kerberos._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Checking 0 100 88 pre01svdeb02.pilsbacher.at. against SRV _kerberos._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Looking for DNS entry SRV _kerberos._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 as _kerberos._udp.pilsbacher.at. Checking 0 100 88 pre01svdeb03.pilsbacher.at. against SRV _kerberos._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Checking 0 100 88 pre01svdeb02.pilsbacher.at. against SRV _kerberos._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Looking for DNS entry SRV _kerberos._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 as _kerberos._tcp.dc._msdcs.pilsbacher.at. Checking 0 100 88 pre01svdeb03.pilsbacher.at. against SRV _kerberos._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Checking 0 100 88 pre01svdeb02.pilsbacher.at. against SRV _kerberos._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Looking for DNS entry SRV _kpasswd._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 as _kpasswd._tcp.pilsbacher.at. Checking 0 100 464 pre01svdeb03.pilsbacher.at. against SRV _kpasswd._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 Checking 0 100 464 pre01svdeb02.pilsbacher.at. against SRV _kpasswd._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 Looking for DNS entry SRV _kpasswd._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 as _kpasswd._udp.pilsbacher.at. Checking 0 100 464 pre01svdeb03.pilsbacher.at. against SRV _kpasswd._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 Checking 0 100 464 pre01svdeb02.pilsbacher.at. against SRV _kpasswd._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 Looking for DNS entry CNAME 87c2112d-fdbc-41e6-a333-b6032fa2067f._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at as 87c2112d-fdbc-41e6-a333-b6032fa2067f._msdcs.pilsbacher.at. Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.Default-First-Site-Name._sites.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _kerberos._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 88 as _kerberos._tcp.Default-First-Site-Name._sites.pilsbacher.at. Checking 0 100 88 pre01svdeb03.pilsbacher.at. against SRV _kerberos._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Checking 0 100 88 pre01svdeb02.pilsbacher.at. against SRV _kerberos._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Looking for DNS entry SRV _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 as _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at. Checking 0 100 88 pre01svdeb03.pilsbacher.at. against SRV _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Checking 0 100 88 pre01svdeb02.pilsbacher.at. against SRV _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Looking for DNS entry A gc._msdcs.pilsbacher.at 192.168.16.205 as gc._msdcs.pilsbacher.at. Looking for DNS entry SRV _gc._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 as _gc._tcp.pilsbacher.at. Checking 0 100 3268 pre01svdeb03.pilsbacher.at. against SRV _gc._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Checking 0 100 3268 pre01svdeb02.pilsbacher.at. against SRV _gc._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Looking for DNS entry SRV _ldap._tcp.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 as _ldap._tcp.gc._msdcs.pilsbacher.at. Checking 0 100 3268 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Checking 0 100 3268 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Looking for DNS entry SRV _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 as _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at. Checking 0 100 3268 pre01svdeb03.pilsbacher.at. against SRV _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Checking 0 100 3268 pre01svdeb02.pilsbacher.at. against SRV _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 as _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at. Checking 0 100 3268 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Checking 0 100 3268 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Looking for DNS entry A DomainDnsZones.pilsbacher.at 192.168.16.205 as DomainDnsZones.pilsbacher.at. Looking for DNS entry SRV _ldap._tcp.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.DomainDnsZones.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry A ForestDnsZones.pilsbacher.at 192.168.16.205 as ForestDnsZones.pilsbacher.at. Looking for DNS entry SRV _ldap._tcp.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.ForestDnsZones.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 No DNS updates needed but so far no entries there showrepl looks good to me ... just wait for some magic to happen?