durwin at mgtsciences.com
2020-Feb-27 15:48 UTC
[Samba] User names not replicating to secondary DC
I have 2 Ububtu DCs. One acting as a secondary/failover. At one point the users were replicated from primary to secondary. But now they are not replicating. The output from samba-tool drs showrepl is attached. What else may I provide to aid diagnostics? I know Samba does not replicate sysvol 'yet', so rsync is needed, but that does not seem to contain the users. Thank you, Durwin This email message and any attachments are for the sole use of the intended recipient(s) and may contain proprietary and/or confidential information which may be privileged or otherwise protected from disclosure. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient(s), please contact the sender by reply email and destroy the original message and any copies of the message as well as any attachments to the original message. -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: dc0-samba-tool.txt URL: <http://lists.samba.org/pipermail/samba/attachments/20200227/a35ae1e4/dc0-samba-tool.txt> -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: dc1-samba-tool.txt URL: <http://lists.samba.org/pipermail/samba/attachments/20200227/a35ae1e4/dc1-samba-tool.txt>
On 27/02/2020 15:48, Durwin via samba wrote:> I have 2 Ububtu DCs. One acting as a secondary/failover.You have 2 DCs, one holds all the FSMO roles, the other holds none> At one point > the users were replicated from primary to secondary.Replication between them used to work.> But now they are not > replicating.Now it doesn't.> The output from samba-tool drs showrepl is attached. What else may I > provide to aid diagnostics? > I know Samba does not replicate sysvol 'yet', so rsync is needed, but that > does not seem to contain the users.Sysvol holds the GPOs (they are also in AD), the user objects etc are only in AD, these are what is replicated between DCs. Going to need a lot more info, OS, Samba version, smb.conf files etc. Rowland
durwin at mgtsciences.com
2020-Feb-27 17:15 UTC
[Samba] User names not replicating to secondary DC
OS: Linux dc0 4.15.0-88-generic #88-Ubuntu SMP Tue Feb 11 20:11:34 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux OS: Linux dc1 4.15.0-76-generic #86-Ubuntu SMP Fri Jan 17 17:24:28 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux Ubuntu18.04> samba --version Version 4.7.6-Ubuntu ==DC0 resolv.conf Ubuntu18.04> less /etc/resolv.conf nameserver 172.23.93.25 nameserver 172.23.93.3 search msi.mydomain.com mydomain.com == DC1 resolv.conf Ubuntu18.04> less /etc/resolv.conf nameserver 172.23.93.25 nameserver 172.23.93.3 search msi.mydomain.com mydomain.com == DC0 hosts 127.0.0.1 localhost.localdomain localhost ::1 localhost6.localdomain6 localhost6 172.23.93.25 dc0.msi.mydomain.com dc0 # The following lines are desirable for IPv6 capable hosts ::1 localhost ip6-localhost ip6-loopback fe00::0 ip6-localnet ff02::1 ip6-allnodes ff02::2 ip6-allrouters ff02::3 ip6-allhosts == DC1 hosts 127.0.0.1 localhost 172.23.93.25 dc0.msi.mydomain.com dc0 172.23.93.26 dc1.msi.mydomain.com dc1 # The following lines are desirable for IPv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters == Ub18.04> host -t SRV _ldap._tcp.msi.mydomain.com. _ldap._tcp.msi.mydomain.com has SRV record 0 100 389 dc1.msi.mydomain.com. _ldap._tcp.msi.mydomain.com has SRV record 0 100 389 dc0.msi.mydomain.com. == Anything else needed? Thank you, Durwin> From: "Rowland penny via samba" <samba at lists.samba.org> > To: samba at lists.samba.org > Date: 02/27/2020 09:26 AM > Subject: Re: [Samba] User names not replicating to secondary DC > Sent by: "samba" <samba-bounces at lists.samba.org> > > On 27/02/2020 15:48, Durwin via samba wrote: > > I have 2 Ububtu DCs. One acting as a secondary/failover. > You have 2 DCs, one holds all the FSMO roles, the other holds none > > At one point > > the users were replicated from primary to secondary. > Replication between them used to work. > > But now they are not > > replicating. > Now it doesn't. > > The output from samba-tool drs showrepl is attached. What else may I > > provide to aid diagnostics? > > I know Samba does not replicate sysvol 'yet', so rsync is needed, butthat> > does not seem to contain the users. > Sysvol holds the GPOs (they are also in AD), the user objects etc are > only in AD, these are what is replicated between DCs. > > Going to need a lot more info, OS, Samba version, smb.conf files etc. > > Rowland > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/sambaThis email message and any attachments are for the sole use of the intended recipient(s) and may contain proprietary and/or confidential information which may be privileged or otherwise protected from disclosure. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient(s), please contact the sender by reply email and destroy the original message and any copies of the message as well as any attachments to the original message. -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: dc0-samba-tool.txt URL: <http://lists.samba.org/pipermail/samba/attachments/20200227/c8427a34/dc0-samba-tool.txt> -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: dc1-samba-tool.txt URL: <http://lists.samba.org/pipermail/samba/attachments/20200227/c8427a34/dc1-samba-tool.txt>
durwin at mgtsciences.com
2020-Feb-27 17:20 UTC
[Samba] User names not replicating to secondary DC
Resent as last did not show the other 2 attachments. OS: Linux dc0 4.15.0-88-generic #88-Ubuntu SMP Tue Feb 11 20:11:34 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux OS: Linux dc1 4.15.0-76-generic #86-Ubuntu SMP Fri Jan 17 17:24:28 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux Ubuntu18.04> samba --version Version 4.7.6-Ubuntu ==DC0 resolv.conf Ubuntu18.04> less /etc/resolv.conf nameserver 172.23.93.25 nameserver 172.23.93.3 search msi.mydomain.com mydomain.com == DC1 resolv.conf Ubuntu18.04> less /etc/resolv.conf nameserver 172.23.93.25 nameserver 172.23.93.3 search msi.mydomain.com mydomain.com == DC0 hosts 127.0.0.1 localhost.localdomain localhost ::1 localhost6.localdomain6 localhost6 172.23.93.25 dc0.msi.mydomain.com dc0 # The following lines are desirable for IPv6 capable hosts ::1 localhost ip6-localhost ip6-loopback fe00::0 ip6-localnet ff02::1 ip6-allnodes ff02::2 ip6-allrouters ff02::3 ip6-allhosts == DC1 hosts 127.0.0.1 localhost 172.23.93.25 dc0.msi.mydomain.com dc0 172.23.93.26 dc1.msi.mydomain.com dc1 # The following lines are desirable for IPv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters == Ub18.04> host -t SRV _ldap._tcp.msi.mydomain.com. _ldap._tcp.msi.mydomain.com has SRV record 0 100 389 dc1.msi.mydomain.com. _ldap._tcp.msi.mydomain.com has SRV record 0 100 389 dc0.msi.mydomain.com. == Anything else needed? Thank you, Durwin> From: "Rowland penny via samba" <samba at lists.samba.org> > To: samba at lists.samba.org > Date: 02/27/2020 09:26 AM > Subject: Re: [Samba] User names not replicating to secondary DC > Sent by: "samba" <samba-bounces at lists.samba.org> > > On 27/02/2020 15:48, Durwin via samba wrote: > > I have 2 Ububtu DCs. One acting as a secondary/failover. > You have 2 DCs, one holds all the FSMO roles, the other holds none > > At one point > > the users were replicated from primary to secondary. > Replication between them used to work. > > But now they are not > > replicating. > Now it doesn't. > > The output from samba-tool drs showrepl is attached. What else may I > > provide to aid diagnostics? > > I know Samba does not replicate sysvol 'yet', so rsync is needed, butthat> > does not seem to contain the users. > Sysvol holds the GPOs (they are also in AD), the user objects etc are > only in AD, these are what is replicated between DCs. > > Going to need a lot more info, OS, Samba version, smb.conf files etc. > > Rowland > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/sambaThis email message and any attachments are for the sole use of the intended recipient(s) and may contain proprietary and/or confidential information which may be privileged or otherwise protected from disclosure. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient(s), please contact the sender by reply email and destroy the original message and any copies of the message as well as any attachments to the original message.
durwin at mgtsciences.com
2020-Feb-27 17:25 UTC
[Samba] User names not replicating to secondary DC
Two attachments are not being sent. Pasting contents.
DC0 smb.conf
# Global parameters
[global]
netbios name = DC0
realm = MSI.MYDOMAIN.COM
server role = active directory domain controller
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
winbindd, ntp_signd, kcc, dnsupdate
workgroup = MSI
# This line was added 190710 (DFD)
dns update command = /usr/sbin/samba_dnsupdate --use-samba-tool
idmap_ldb:use rfc2307 = yes
[netlogon]
path = /var/lib/samba/sysvol/msi.mydomain.com/scripts
read only = No
[sysvol]
path = /var/lib/samba/sysvol
read only = No
==
DC1 smb.conf
# Global parameters
[global]
netbios name = DC1
realm = MSI.MYDOMAIN.COM
server role = active directory domain controller
workgroup = MSI
dns forwarder = 172.23.93.3
idmap_ldb:use rfc2307 = yes
template shell = /bin/bash
winbind use default domain = true
winbind offline logon = false
winbind nss info = rfc2307
winbind enum users = yes
winbind enum groups = yes
# This line added 200129 DFD.
dns update command = /usr/sbin/samba_dnsupdate --use-samba-tool
[netlogon]
path = /var/lib/samba/sysvol/msi.mydomain.com/scripts
read only = No
[sysvol]
path = /var/lib/samba/sysvol
read only = No
==Resent as last did not show the other 2 attachments.
OS: Linux dc0 4.15.0-88-generic #88-Ubuntu SMP Tue Feb 11 20:11:34 UTC
2020 x86_64 x86_64 x86_64 GNU/Linux
OS: Linux dc1 4.15.0-76-generic #86-Ubuntu SMP Fri Jan 17 17:24:28 UTC
2020 x86_64 x86_64 x86_64 GNU/Linux
Ubuntu18.04> samba --version
Version 4.7.6-Ubuntu
==DC0 resolv.conf
Ubuntu18.04> less /etc/resolv.conf
nameserver 172.23.93.25
nameserver 172.23.93.3
search msi.mydomain.com mydomain.com
==
DC1 resolv.conf
Ubuntu18.04> less /etc/resolv.conf
nameserver 172.23.93.25
nameserver 172.23.93.3
search msi.mydomain.com mydomain.com
==
DC0 hosts
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
172.23.93.25 dc0.msi.mydomain.com dc0
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
==
DC1 hosts
127.0.0.1 localhost
172.23.93.25 dc0.msi.mydomain.com dc0
172.23.93.26 dc1.msi.mydomain.com dc1
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
==
Ub18.04> host -t SRV _ldap._tcp.msi.mydomain.com.
_ldap._tcp.msi.mydomain.com has SRV record 0 100 389 dc1.msi.mydomain.com.
_ldap._tcp.msi.mydomain.com has SRV record 0 100 389 dc0.msi.mydomain.com.
==
Anything else needed?
Thank you,
Durwin
> From: "Rowland penny via samba" <samba at lists.samba.org>
> To: samba at lists.samba.org
> Date: 02/27/2020 09:26 AM
> Subject: Re: [Samba] User names not replicating to secondary DC
> Sent by: "samba" <samba-bounces at lists.samba.org>
>
> On 27/02/2020 15:48, Durwin via samba wrote:
> > I have 2 Ububtu DCs. One acting as a secondary/failover.
> You have 2 DCs, one holds all the FSMO roles, the other holds none
> > At one point
> > the users were replicated from primary to secondary.
> Replication between them used to work.
> > But now they are not
> > replicating.
> Now it doesn't.
> > The output from samba-tool drs showrepl is attached. What else may I
> > provide to aid diagnostics?
> > I know Samba does not replicate sysvol 'yet', so rsync is
needed, but
that> > does not seem to contain the users.
> Sysvol holds the GPOs (they are also in AD), the user objects etc are
> only in AD, these are what is replicated between DCs.
>
> Going to need a lot more info, OS, Samba version, smb.conf files etc.
>
> Rowland
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
This email message and any attachments are for the sole use of the
intended recipient(s) and may contain proprietary and/or confidential
information which may be privileged or otherwise protected from
disclosure. Any unauthorized review, use, disclosure or distribution is
prohibited. If you are not the intended recipient(s), please contact the
sender by reply email and destroy the original message and any copies of
the message as well as any attachments to the original message.
Your setup is in consistant.> 127.0.0.1 localhost.localdomain localhost> 127.0.0.1 localhostI suggest run my debugscript, make sure the servers there base setup is the same. + set both DC's there /etc/resolv.conf search msi.mydomain.com mydomain.com # IF THIS IS DC1 nameserver 172.23.93.26 nameserver 172.23.93.25 nameserver 172.23.93.3 # and for DC0 nameserver 172.23.93.25 nameserver 172.23.93.26 nameserver 172.23.93.3 But the first resolving it the dc's its one ip. Then reboot them. And then check again. Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Durwin via samba > Verzonden: donderdag 27 februari 2020 18:15 > Aan: Rowland penny > CC: samba at lists.samba.org; samba > Onderwerp: Re: [Samba] User names not replicating to secondary DC > > OS: Linux dc0 4.15.0-88-generic #88-Ubuntu SMP Tue Feb 11 > 20:11:34 UTC > 2020 x86_64 x86_64 x86_64 GNU/Linux > OS: Linux dc1 4.15.0-76-generic #86-Ubuntu SMP Fri Jan 17 > 17:24:28 UTC > 2020 x86_64 x86_64 x86_64 GNU/Linux > > Ubuntu18.04> samba --version > Version 4.7.6-Ubuntu > > ==> DC0 resolv.conf > Ubuntu18.04> less /etc/resolv.conf > nameserver 172.23.93.25 > nameserver 172.23.93.3 > search msi.mydomain.com mydomain.com > ==> > DC1 resolv.conf > Ubuntu18.04> less /etc/resolv.conf > nameserver 172.23.93.25 > nameserver 172.23.93.3 > search msi.mydomain.com mydomain.com > ==> > DC0 hosts > 127.0.0.1 localhost.localdomain localhost > ::1 localhost6.localdomain6 localhost6 > 172.23.93.25 dc0.msi.mydomain.com dc0 > > # The following lines are desirable for IPv6 capable hosts > ::1 localhost ip6-localhost ip6-loopback > fe00::0 ip6-localnet > ff02::1 ip6-allnodes > ff02::2 ip6-allrouters > ff02::3 ip6-allhosts > ==> > DC1 hosts > 127.0.0.1 localhost > 172.23.93.25 dc0.msi.mydomain.com dc0 > 172.23.93.26 dc1.msi.mydomain.com dc1 > > # The following lines are desirable for IPv6 capable hosts > ::1 ip6-localhost ip6-loopback > fe00::0 ip6-localnet > ff00::0 ip6-mcastprefix > ff02::1 ip6-allnodes > ff02::2 ip6-allrouters > ==> > Ub18.04> host -t SRV _ldap._tcp.msi.mydomain.com. > _ldap._tcp.msi.mydomain.com has SRV record 0 100 389 > dc1.msi.mydomain.com. > _ldap._tcp.msi.mydomain.com has SRV record 0 100 389 > dc0.msi.mydomain.com. > ==> > > > Anything else needed? > > Thank you, > > Durwin > > > From: "Rowland penny via samba" <samba at lists.samba.org> > > To: samba at lists.samba.org > > Date: 02/27/2020 09:26 AM > > Subject: Re: [Samba] User names not replicating to secondary DC > > Sent by: "samba" <samba-bounces at lists.samba.org> > > > > On 27/02/2020 15:48, Durwin via samba wrote: > > > I have 2 Ububtu DCs. One acting as a secondary/failover. > > You have 2 DCs, one holds all the FSMO roles, the other holds none > > > At one point > > > the users were replicated from primary to secondary. > > Replication between them used to work. > > > But now they are not > > > replicating. > > Now it doesn't. > > > The output from samba-tool drs showrepl is attached. > What else may I > > > provide to aid diagnostics? > > > I know Samba does not replicate sysvol 'yet', so rsync is > needed, but > that > > > does not seem to contain the users. > > Sysvol holds the GPOs (they are also in AD), the user > objects etc are > > only in AD, these are what is replicated between DCs. > > > > Going to need a lot more info, OS, Samba version, smb.conf > files etc. > > > > Rowland > > > > > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: https://lists.samba.org/mailman/options/samba > > > > This email message and any attachments are for the sole use of the > intended recipient(s) and may contain proprietary and/or confidential > information which may be privileged or otherwise protected from > disclosure. Any unauthorized review, use, disclosure or > distribution is > prohibited. If you are not the intended recipient(s), please > contact the > sender by reply email and destroy the original message and > any copies of > the message as well as any attachments to the original message.-- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >