Buongiorno Marco,
> -----Oorspronkelijk bericht-----
> Van: Marco Gaiarin [mailto:marco.gaiarin at lanostrafamiglia.it]
> Verzonden: donderdag 17 juni 2021 17:59
> Aan: L.P.H. van Belle
> Onderwerp: Re: [Samba] Strange DNS issue...
>
> Riprendo quanto scritto nel suo messaggio del 16/06/2021...
>
> > Per prima cosa, Marco, buongiorno.
>
> Oh! Buongiorno, Louis! ;-)
>
>
> > Did you copy/clone the ad-dc's?
>
> Effectively, i've 'moved' DCs from privileged LXC containers to
VMs,
> stopping servicies and rsync-ing all the files; but yes, base
> installation
> of VMs was cloned.
>
>
> > Only thing i can come up with.
> > What you can do, is lookup the rights on the objects in the dns.
> > Same for the computer object in AD.
>
> Do you mean files? Or ACL in AD?
I did mean, who created/own's the object in AD-DB and yes,
ACL is one to look at.
>
> Clearly permissions on files are good.
>
>
> > I would push the full AD-DC db to the server thats wrong.
> > Reboot it few times, then reboot one by one the other ad-dc's.
> > And re-checking it all again.
>
> Sorry but i've not understood what you are meaning. Clearly i've
> rebooted may times the DCs, and sometimes registration goes
> well, or at
> least that seems propagate correctly in site (eg, DC1 and DC2
> of site A
> where client B had registered have coherent data) but does not
> propagate at all between sites.
On the push full ad..
samba-tool drs replicate --help ;-)
--full-sync resync all objects
-d 10 DEBUGLEVEL
Look the server that is correct, and use above to resync all from good to bad
server.
You also do know that older objects in AD, might and do have wrong timestamps.
So beware if you use scaveging.. (im slowly.. Deleteing and recreating these
objects)
We inherreted this from below samba 4.7 is i recall right.
>
>
> Probably i've broken something. I know. But i don't know what, and
i
> don't know how to debug this...
I hoped above helped.
>
>
>
> Thanks.
Your welkom,
>
Greetz,
Louis