Michael Tokarev
2022-Nov-14 16:48 UTC
[Samba] Replication between Samba DCs (on different sites)?
Hi! Should replication between two Samba DCs Just Work after joining a second DC to the domain? We always were running a single DC (historically it was just a single server anyway), now I've added another DC, located in a remove office, but there's no replication of any kind. Should it be configured somehow? The initial data seems to be copied fine at the time of domain join, but no further modifications are propagated. In particular, samba-tool drs showrepl shows empty lists: One: Moscow-Office\AI DSA Options: 0x00000001 DSA object GUID: 91a56cbe-38b3-493c-b132-d1042d0aa021 DSA invocationId: 1cf73086-45c7-434e-a078-775c7f52bb0a ==== INBOUND NEIGHBORS === ==== OUTBOUND NEIGHBORS === ==== KCC CONNECTION OBJECTS === Two: Pereslavl-Office\SVDCP DSA Options: 0x00000001 DSA object GUID: de3e7a5b-fff6-4413-8116-defd06ea1d3e DSA invocationId: b4b6c873-aa25-4c32-803c-732fefde131f ==== INBOUND NEIGHBORS === ==== OUTBOUND NEIGHBORS === ==== KCC CONNECTION OBJECTS === In the samba wiki there's a note, right below https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory#Verifying_Directory_Replication , it is saying that Samba 4.5 and later no longer creates a fully-meshed replication topology between all DCs, and refers to a non-existing page "The Samba KCC". I wonder maybe this is something which I need? The smb.conf is the default as created by samba-tool domain join AD command. I'm trying to create another VM, with a 3rd DC, to see if having a DC in the same site will help... Thanks! /mjt
Michael Tokarev
2022-Nov-14 17:39 UTC
[Samba] Replication between Samba DCs (on different sites)?
14.11.2022 19:48, Michael Tokarev via samba wrote: ..> I'm trying to create another VM, with a 3rd DC, to see if having a > DC in the same site will help...So, I created a second DC on the same Site as our first DC. And it instantly enabled and activated replication, samba-tool drs showrepl shows active connections between the two DCs, and changes made on one of the DCs becomes immediately visible on the other. But the replication between two DCs in diferent sites does not seem to be enabled. What is the way to enable it? Unless I'm wrong and the issue is somewhere else.. Thanks, /mjt