Hello, since some time (I don't remember since when) I have a strange phenomenon with one of my two samba4 DCs. Both dc1 and dc2 seem to run pretty fine and when working with Windows, I do not see any issues. But when issuing the following command on dc1, the command does not return but seems to be stuck. samba-tool drs showrepl When issuing the same command on dc2, it takes a second or so and the result is printed on the screen. The same with other commands like "samba-tool dns add" I already checked the samba log files, but I did not find any log entry. I know that it is difficult to provide a solution for a problem that is described so poorly, but I don't know how to further debug it. Any hints on how to move forward here and/or how to get more information? The output of samba-tool drs showrepl on dc2 does not show issues, regardless of which dc is replicated to which one (i.e. dc1 to tc2 or vice-versa). When executing repadmin /replsummary on a Windows client, also no errors are shown. Here's the output: root at dc2:/var/lib/samba# samba-tool drs showrepl Default-First-Site-Name\DC2 DSA Options: 0x00000001 DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 DSA invocationId: 0e649cb7-efc8-47ad-a841-4453973dbcec ==== INBOUND NEIGHBORS === DC=local,DC=example,DC=de ??????? Default-First-Site-Name\DC1 via RPC ??????????????? DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb ??????????????? Last attempt @ Tue Nov 21 12:26:25 2023 CET was successful ??????????????? 0 consecutive failure(s). ??????????????? Last success @ Tue Nov 21 12:26:25 2023 CET CN=Schema,CN=Configuration,DC=local,DC=example,DC=de ??????? Default-First-Site-Name\DC1 via RPC ??????????????? DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb ??????????????? Last attempt @ Tue Nov 21 12:26:25 2023 CET was successful ??????????????? 0 consecutive failure(s). ??????????????? Last success @ Tue Nov 21 12:26:25 2023 CET CN=Configuration,DC=local,DC=example,DC=de ??????? Default-First-Site-Name\DC1 via RPC ??????????????? DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb ??????????????? Last attempt @ Tue Nov 21 12:26:25 2023 CET was successful ??????????????? 0 consecutive failure(s). ??????????????? Last success @ Tue Nov 21 12:26:25 2023 CET DC=DomainDnsZones,DC=local,DC=example,DC=de ??????? Default-First-Site-Name\DC1 via RPC ??????????????? DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb ??????????????? Last attempt @ Tue Nov 21 12:26:25 2023 CET was successful ??????????????? 0 consecutive failure(s). ??????????????? Last success @ Tue Nov 21 12:26:25 2023 CET DC=ForestDnsZones,DC=local,DC=example,DC=de ??????? Default-First-Site-Name\DC1 via RPC ??????????????? DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb ??????????????? Last attempt @ Tue Nov 21 12:26:25 2023 CET was successful ??????????????? 0 consecutive failure(s). ??????????????? Last success @ Tue Nov 21 12:26:25 2023 CET ==== OUTBOUND NEIGHBORS === DC=local,DC=example,DC=de ??????? Default-First-Site-Name\DC1 via RPC ??????????????? DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb ??????????????? Last attempt @ NTTIME(0) was successful ??????????????? 0 consecutive failure(s). ??????????????? Last success @ NTTIME(0) CN=Schema,CN=Configuration,DC=local,DC=example,DC=de ??????? Default-First-Site-Name\DC1 via RPC ??????????????? DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb ??????????????? Last attempt @ NTTIME(0) was successful ??????????????? 0 consecutive failure(s). ??????????????? Last success @ NTTIME(0) CN=Configuration,DC=local,DC=example,DC=de ??????? Default-First-Site-Name\DC1 via RPC ??????????????? DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb ??????????????? Last attempt @ NTTIME(0) was successful ??????????????? 0 consecutive failure(s). ??????????????? Last success @ NTTIME(0) DC=DomainDnsZones,DC=local,DC=example,DC=de ??????? Default-First-Site-Name\DC1 via RPC ??????????????? DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb ??????????????? Last attempt @ NTTIME(0) was successful ??????????????? 0 consecutive failure(s). ??????????????? Last success @ NTTIME(0) DC=ForestDnsZones,DC=local,DC=example,DC=de ??????? Default-First-Site-Name\DC1 via RPC ??????????????? DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb ??????????????? Last attempt @ NTTIME(0) was successful ??????????????? 0 consecutive failure(s). ??????????????? Last success @ NTTIME(0) ==== KCC CONNECTION OBJECTS === Connection -- ??????? Connection name: 138dbf8f-16ef-406e-87aa-72a25b4e03b6 ??????? Enabled??????? : TRUE ??????? Server DNS name : dc1.local.example.de ??????? Server DN name? : CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=local,DC=example,DC=de ??????????????? TransportType: RPC ??????????????? options: 0x00000001 Warning: No NC replicated for Connection! Now, after 10 minutes or so, also dc1 finished the command. Here's the result: root at dc1:~# samba-tool drs showrepl Default-First-Site-Name\DC1 DSA Options: 0x00000001 DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb DSA invocationId: a1e3fc90-833a-476e-8c8a-0753b5593ae3 ==== INBOUND NEIGHBORS === DC=local,DC=example,DC=de ??????? Default-First-Site-Name\DC2 via RPC ??????????????? DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 ??????????????? Last attempt @ Tue Nov 21 12:41:42 2023 CET was successful ??????????????? 0 consecutive failure(s). ??????????????? Last success @ Tue Nov 21 12:41:42 2023 CET CN=Schema,CN=Configuration,DC=local,DC=example,DC=de ??????? Default-First-Site-Name\DC2 via RPC ??????????????? DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 ??????????????? Last attempt @ Tue Nov 21 12:41:43 2023 CET was successful ??????????????? 0 consecutive failure(s). ??????????????? Last success @ Tue Nov 21 12:41:43 2023 CET CN=Configuration,DC=local,DC=example,DC=de ??????? Default-First-Site-Name\DC2 via RPC ??????????????? DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 ??????????????? Last attempt @ Tue Nov 21 12:41:43 2023 CET was successful ??????????????? 0 consecutive failure(s). ??????????????? Last success @ Tue Nov 21 12:41:43 2023 CET DC=DomainDnsZones,DC=local,DC=example,DC=de ??????? Default-First-Site-Name\DC2 via RPC ??????????????? DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 ??????????????? Last attempt @ Tue Nov 21 12:41:43 2023 CET was successful ??????????????? 0 consecutive failure(s). ??????????????? Last success @ Tue Nov 21 12:41:43 2023 CET DC=ForestDnsZones,DC=local,DC=example,DC=de ??????? Default-First-Site-Name\DC2 via RPC ??????????????? DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 ??????????????? Last attempt @ Tue Nov 21 12:41:41 2023 CET was successful ??????????????? 0 consecutive failure(s). ??????????????? Last success @ Tue Nov 21 12:41:41 2023 CET ==== OUTBOUND NEIGHBORS === DC=local,DC=example,DC=de ??????? Default-First-Site-Name\DC2 via RPC ??????????????? DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 ??????????????? Last attempt @ NTTIME(0) was successful ??????????????? 0 consecutive failure(s). ??????????????? Last success @ NTTIME(0) CN=Schema,CN=Configuration,DC=local,DC=example,DC=de ??????? Default-First-Site-Name\DC2 via RPC ??????????????? DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 ??????????????? Last attempt @ NTTIME(0) was successful ??????????????? 0 consecutive failure(s). ??????????????? Last success @ NTTIME(0) CN=Configuration,DC=local,DC=example,DC=de ??????? Default-First-Site-Name\DC2 via RPC ??????????????? DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 ??????????????? Last attempt @ NTTIME(0) was successful ??????????????? 0 consecutive failure(s). ??????????????? Last success @ NTTIME(0) DC=DomainDnsZones,DC=local,DC=example,DC=de ??????? Default-First-Site-Name\DC2 via RPC ??????????????? DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 ??????????????? Last attempt @ NTTIME(0) was successful ??????????????? 0 consecutive failure(s). ??????????????? Last success @ NTTIME(0) DC=ForestDnsZones,DC=local,DC=example,DC=de ??????? Default-First-Site-Name\DC2 via RPC ??????????????? DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 ??????????????? Last attempt @ NTTIME(0) was successful ??????????????? 0 consecutive failure(s). ??????????????? Last success @ NTTIME(0) ==== KCC CONNECTION OBJECTS === Connection -- ??????? Connection name: 85d23471-63cd-4bf1-9238-1ea493d07a95 ??????? Enabled??????? : TRUE ??????? Server DNS name : dc2.local.example.de ??????? Server DN name? : CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=local,DC=example,DC=de ??????????????? TransportType: RPC ??????????????? options: 0x00000001 Warning: No NC replicated for Connection! Both servers (Ubuntu Server) have the latest updates installed. The samba version is 4.15.13-Ubuntu. What could be the reason why one dc takes so long with samba-tool commands while the other one is much faster? Best Tom
Hi. smb.conf for the DCs? What?s in resolv.conf for Both DCs? Are they in the same LAN? Any firewalls ? Rgds, LP On Nov 21, 2023 at 15:16 +0100, Thomas Schachtner via samba <samba at lists.samba.org>, wrote:> Hello, > > since some time (I don't remember since when) I have a strange > phenomenon with one of my two samba4 DCs. > Both dc1 and dc2 seem to run pretty fine and when working with Windows, > I do not see any issues. > > But when issuing the following command on dc1, the command does not > return but seems to be stuck. > > samba-tool drs showrepl > > When issuing the same command on dc2, it takes a second or so and the > result is printed on the screen. > The same with other commands like "samba-tool dns add" > > I already checked the samba log files, but I did not find any log entry. > > I know that it is difficult to provide a solution for a problem that is > described so poorly, but I don't know how to further debug it. > Any hints on how to move forward here and/or how to get more information? > > The output of samba-tool drs showrepl on dc2 does not show issues, > regardless of which dc is replicated to which one (i.e. dc1 to tc2 or > vice-versa). > When executing repadmin /replsummary on a Windows client, also no errors > are shown. > > Here's the output: > > root at dc2:/var/lib/samba# samba-tool drs showrepl > Default-First-Site-Name\DC2 > DSA Options: 0x00000001 > DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 > DSA invocationId: 0e649cb7-efc8-47ad-a841-4453973dbcec > > ==== INBOUND NEIGHBORS ===> > DC=local,DC=example,DC=de > ??????? Default-First-Site-Name\DC1 via RPC > ??????????????? DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb > ??????????????? Last attempt @ Tue Nov 21 12:26:25 2023 CET was successful > ??????????????? 0 consecutive failure(s). > ??????????????? Last success @ Tue Nov 21 12:26:25 2023 CET > > CN=Schema,CN=Configuration,DC=local,DC=example,DC=de > ??????? Default-First-Site-Name\DC1 via RPC > ??????????????? DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb > ??????????????? Last attempt @ Tue Nov 21 12:26:25 2023 CET was successful > ??????????????? 0 consecutive failure(s). > ??????????????? Last success @ Tue Nov 21 12:26:25 2023 CET > > CN=Configuration,DC=local,DC=example,DC=de > ??????? Default-First-Site-Name\DC1 via RPC > ??????????????? DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb > ??????????????? Last attempt @ Tue Nov 21 12:26:25 2023 CET was successful > ??????????????? 0 consecutive failure(s). > ??????????????? Last success @ Tue Nov 21 12:26:25 2023 CET > > DC=DomainDnsZones,DC=local,DC=example,DC=de > ??????? Default-First-Site-Name\DC1 via RPC > ??????????????? DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb > ??????????????? Last attempt @ Tue Nov 21 12:26:25 2023 CET was successful > ??????????????? 0 consecutive failure(s). > ??????????????? Last success @ Tue Nov 21 12:26:25 2023 CET > > DC=ForestDnsZones,DC=local,DC=example,DC=de > ??????? Default-First-Site-Name\DC1 via RPC > ??????????????? DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb > ??????????????? Last attempt @ Tue Nov 21 12:26:25 2023 CET was successful > ??????????????? 0 consecutive failure(s). > ??????????????? Last success @ Tue Nov 21 12:26:25 2023 CET > > ==== OUTBOUND NEIGHBORS ===> > DC=local,DC=example,DC=de > ??????? Default-First-Site-Name\DC1 via RPC > ??????????????? DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb > ??????????????? Last attempt @ NTTIME(0) was successful > ??????????????? 0 consecutive failure(s). > ??????????????? Last success @ NTTIME(0) > > CN=Schema,CN=Configuration,DC=local,DC=example,DC=de > ??????? Default-First-Site-Name\DC1 via RPC > ??????????????? DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb > ??????????????? Last attempt @ NTTIME(0) was successful > ??????????????? 0 consecutive failure(s). > ??????????????? Last success @ NTTIME(0) > > CN=Configuration,DC=local,DC=example,DC=de > ??????? Default-First-Site-Name\DC1 via RPC > ??????????????? DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb > ??????????????? Last attempt @ NTTIME(0) was successful > ??????????????? 0 consecutive failure(s). > ??????????????? Last success @ NTTIME(0) > > DC=DomainDnsZones,DC=local,DC=example,DC=de > ??????? Default-First-Site-Name\DC1 via RPC > ??????????????? DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb > ??????????????? Last attempt @ NTTIME(0) was successful > ??????????????? 0 consecutive failure(s). > ??????????????? Last success @ NTTIME(0) > > DC=ForestDnsZones,DC=local,DC=example,DC=de > ??????? Default-First-Site-Name\DC1 via RPC > ??????????????? DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb > ??????????????? Last attempt @ NTTIME(0) was successful > ??????????????? 0 consecutive failure(s). > ??????????????? Last success @ NTTIME(0) > > ==== KCC CONNECTION OBJECTS ===> > Connection -- > ??????? Connection name: 138dbf8f-16ef-406e-87aa-72a25b4e03b6 > ??????? Enabled??????? : TRUE > ??????? Server DNS name : dc1.local.example.de > ??????? Server DN name? : CN=NTDS > Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=local,DC=example,DC=de > ??????????????? TransportType: RPC > ??????????????? options: 0x00000001 > Warning: No NC replicated for Connection! > > Now, after 10 minutes or so, also dc1 finished the command. > Here's the result: > > root at dc1:~# samba-tool drs showrepl > Default-First-Site-Name\DC1 > DSA Options: 0x00000001 > DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb > DSA invocationId: a1e3fc90-833a-476e-8c8a-0753b5593ae3 > > ==== INBOUND NEIGHBORS ===> > DC=local,DC=example,DC=de > ??????? Default-First-Site-Name\DC2 via RPC > ??????????????? DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 > ??????????????? Last attempt @ Tue Nov 21 12:41:42 2023 CET was successful > ??????????????? 0 consecutive failure(s). > ??????????????? Last success @ Tue Nov 21 12:41:42 2023 CET > > CN=Schema,CN=Configuration,DC=local,DC=example,DC=de > ??????? Default-First-Site-Name\DC2 via RPC > ??????????????? DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 > ??????????????? Last attempt @ Tue Nov 21 12:41:43 2023 CET was successful > ??????????????? 0 consecutive failure(s). > ??????????????? Last success @ Tue Nov 21 12:41:43 2023 CET > > CN=Configuration,DC=local,DC=example,DC=de > ??????? Default-First-Site-Name\DC2 via RPC > ??????????????? DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 > ??????????????? Last attempt @ Tue Nov 21 12:41:43 2023 CET was successful > ??????????????? 0 consecutive failure(s). > ??????????????? Last success @ Tue Nov 21 12:41:43 2023 CET > > DC=DomainDnsZones,DC=local,DC=example,DC=de > ??????? Default-First-Site-Name\DC2 via RPC > ??????????????? DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 > ??????????????? Last attempt @ Tue Nov 21 12:41:43 2023 CET was successful > ??????????????? 0 consecutive failure(s). > ??????????????? Last success @ Tue Nov 21 12:41:43 2023 CET > > DC=ForestDnsZones,DC=local,DC=example,DC=de > ??????? Default-First-Site-Name\DC2 via RPC > ??????????????? DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 > ??????????????? Last attempt @ Tue Nov 21 12:41:41 2023 CET was successful > ??????????????? 0 consecutive failure(s). > ??????????????? Last success @ Tue Nov 21 12:41:41 2023 CET > > ==== OUTBOUND NEIGHBORS ===> > DC=local,DC=example,DC=de > ??????? Default-First-Site-Name\DC2 via RPC > ??????????????? DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 > ??????????????? Last attempt @ NTTIME(0) was successful > ??????????????? 0 consecutive failure(s). > ??????????????? Last success @ NTTIME(0) > > CN=Schema,CN=Configuration,DC=local,DC=example,DC=de > ??????? Default-First-Site-Name\DC2 via RPC > ??????????????? DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 > ??????????????? Last attempt @ NTTIME(0) was successful > ??????????????? 0 consecutive failure(s). > ??????????????? Last success @ NTTIME(0) > > CN=Configuration,DC=local,DC=example,DC=de > ??????? Default-First-Site-Name\DC2 via RPC > ??????????????? DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 > ??????????????? Last attempt @ NTTIME(0) was successful > ??????????????? 0 consecutive failure(s). > ??????????????? Last success @ NTTIME(0) > > DC=DomainDnsZones,DC=local,DC=example,DC=de > ??????? Default-First-Site-Name\DC2 via RPC > ??????????????? DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 > ??????????????? Last attempt @ NTTIME(0) was successful > ??????????????? 0 consecutive failure(s). > ??????????????? Last success @ NTTIME(0) > > DC=ForestDnsZones,DC=local,DC=example,DC=de > ??????? Default-First-Site-Name\DC2 via RPC > ??????????????? DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 > ??????????????? Last attempt @ NTTIME(0) was successful > ??????????????? 0 consecutive failure(s). > ??????????????? Last success @ NTTIME(0) > > ==== KCC CONNECTION OBJECTS ===> > Connection -- > ??????? Connection name: 85d23471-63cd-4bf1-9238-1ea493d07a95 > ??????? Enabled??????? : TRUE > ??????? Server DNS name : dc2.local.example.de > ??????? Server DN name? : CN=NTDS > Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=local,DC=example,DC=de > ??????????????? TransportType: RPC > ??????????????? options: 0x00000001 > Warning: No NC replicated for Connection! > > > > Both servers (Ubuntu Server) have the latest updates installed. > The samba version is 4.15.13-Ubuntu. > > What could be the reason why one dc takes so long with samba-tool > commands while the other one is much faster? > > Best > Tom > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba
> -----Original Message----- > From: samba <samba-bounces at lists.samba.org> On Behalf Of Thomas > Schachtner via samba > Sent: Tuesday, November 21, 2023 9:16 AM > To: samba at lists.samba.org > Subject: [Samba] samba-tool hangs on one dc > > Hello, > > since some time (I don't remember since when) I have a strange phenomenon > with one of my two samba4 DCs. > Both dc1 and dc2 seem to run pretty fine and when working with Windows, I > do not see any issues. > > But when issuing the following command on dc1, the command does not > return but seems to be stuck. > > samba-tool drs showrepl > > When issuing the same command on dc2, it takes a second or so and the result > is printed on the screen. > The same with other commands like "samba-tool dns add" > > I already checked the samba log files, but I did not find any log entry. > > I know that it is difficult to provide a solution for a problem that is described so > poorly, but I don't know how to further debug it. > Any hints on how to move forward here and/or how to get more information? > > The output of samba-tool drs showrepl on dc2 does not show issues, > regardless of which dc is replicated to which one (i.e. dc1 to tc2 or vice-versa). > When executing repadmin /replsummary on a Windows client, also no errors > are shown. > > Here's the output: > > root at dc2:/var/lib/samba# samba-tool drs showrepl > Default-First-Site-Name\DC2 > DSA Options: 0x00000001 > DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 > DSA invocationId: 0e649cb7-efc8-47ad-a841-4453973dbcec > > ==== INBOUND NEIGHBORS ===> > DC=local,DC=example,DC=de > Default-First-Site-Name\DC1 via RPC > DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb > Last attempt @ Tue Nov 21 12:26:25 2023 CET was successful > 0 consecutive failure(s). > Last success @ Tue Nov 21 12:26:25 2023 CET > > CN=Schema,CN=Configuration,DC=local,DC=example,DC=de > Default-First-Site-Name\DC1 via RPC > DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb > Last attempt @ Tue Nov 21 12:26:25 2023 CET was successful > 0 consecutive failure(s). > Last success @ Tue Nov 21 12:26:25 2023 CET > > CN=Configuration,DC=local,DC=example,DC=de > Default-First-Site-Name\DC1 via RPC > DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb > Last attempt @ Tue Nov 21 12:26:25 2023 CET was successful > 0 consecutive failure(s). > Last success @ Tue Nov 21 12:26:25 2023 CET > > DC=DomainDnsZones,DC=local,DC=example,DC=de > Default-First-Site-Name\DC1 via RPC > DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb > Last attempt @ Tue Nov 21 12:26:25 2023 CET was successful > 0 consecutive failure(s). > Last success @ Tue Nov 21 12:26:25 2023 CET > > DC=ForestDnsZones,DC=local,DC=example,DC=de > Default-First-Site-Name\DC1 via RPC > DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb > Last attempt @ Tue Nov 21 12:26:25 2023 CET was successful > 0 consecutive failure(s). > Last success @ Tue Nov 21 12:26:25 2023 CET > > ==== OUTBOUND NEIGHBORS ===> > DC=local,DC=example,DC=de > Default-First-Site-Name\DC1 via RPC > DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb > Last attempt @ NTTIME(0) was successful > 0 consecutive failure(s). > Last success @ NTTIME(0) > > CN=Schema,CN=Configuration,DC=local,DC=example,DC=de > Default-First-Site-Name\DC1 via RPC > DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb > Last attempt @ NTTIME(0) was successful > 0 consecutive failure(s). > Last success @ NTTIME(0) > > CN=Configuration,DC=local,DC=example,DC=de > Default-First-Site-Name\DC1 via RPC > DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb > Last attempt @ NTTIME(0) was successful > 0 consecutive failure(s). > Last success @ NTTIME(0) > > DC=DomainDnsZones,DC=local,DC=example,DC=de > Default-First-Site-Name\DC1 via RPC > DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb > Last attempt @ NTTIME(0) was successful > 0 consecutive failure(s). > Last success @ NTTIME(0) > > DC=ForestDnsZones,DC=local,DC=example,DC=de > Default-First-Site-Name\DC1 via RPC > DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb > Last attempt @ NTTIME(0) was successful > 0 consecutive failure(s). > Last success @ NTTIME(0) > > ==== KCC CONNECTION OBJECTS ===> > Connection -- > Connection name: 138dbf8f-16ef-406e-87aa-72a25b4e03b6 > Enabled : TRUE > Server DNS name : dc1.local.example.de > Server DN name : CN=NTDS > Settings,CN=DC1,CN=Servers,CN=Default-First-Site- > Name,CN=Sites,CN=Configuration,DC=local,DC=example,DC=de > TransportType: RPC > options: 0x00000001 > Warning: No NC replicated for Connection! > > Now, after 10 minutes or so, also dc1 finished the command. > Here's the result: > > root at dc1:~# samba-tool drs showrepl > Default-First-Site-Name\DC1 > DSA Options: 0x00000001 > DSA object GUID: 4872003f-2bd7-4393-9eed-1ceaeecf92eb > DSA invocationId: a1e3fc90-833a-476e-8c8a-0753b5593ae3 > > ==== INBOUND NEIGHBORS ===> > DC=local,DC=example,DC=de > Default-First-Site-Name\DC2 via RPC > DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 > Last attempt @ Tue Nov 21 12:41:42 2023 CET was successful > 0 consecutive failure(s). > Last success @ Tue Nov 21 12:41:42 2023 CET > > CN=Schema,CN=Configuration,DC=local,DC=example,DC=de > Default-First-Site-Name\DC2 via RPC > DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 > Last attempt @ Tue Nov 21 12:41:43 2023 CET was successful > 0 consecutive failure(s). > Last success @ Tue Nov 21 12:41:43 2023 CET > > CN=Configuration,DC=local,DC=example,DC=de > Default-First-Site-Name\DC2 via RPC > DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 > Last attempt @ Tue Nov 21 12:41:43 2023 CET was successful > 0 consecutive failure(s). > Last success @ Tue Nov 21 12:41:43 2023 CET > > DC=DomainDnsZones,DC=local,DC=example,DC=de > Default-First-Site-Name\DC2 via RPC > DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 > Last attempt @ Tue Nov 21 12:41:43 2023 CET was successful > 0 consecutive failure(s). > Last success @ Tue Nov 21 12:41:43 2023 CET > > DC=ForestDnsZones,DC=local,DC=example,DC=de > Default-First-Site-Name\DC2 via RPC > DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 > Last attempt @ Tue Nov 21 12:41:41 2023 CET was successful > 0 consecutive failure(s). > Last success @ Tue Nov 21 12:41:41 2023 CET > > ==== OUTBOUND NEIGHBORS ===> > DC=local,DC=example,DC=de > Default-First-Site-Name\DC2 via RPC > DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 > Last attempt @ NTTIME(0) was successful > 0 consecutive failure(s). > Last success @ NTTIME(0) > > CN=Schema,CN=Configuration,DC=local,DC=example,DC=de > Default-First-Site-Name\DC2 via RPC > DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 > Last attempt @ NTTIME(0) was successful > 0 consecutive failure(s). > Last success @ NTTIME(0) > > CN=Configuration,DC=local,DC=example,DC=de > Default-First-Site-Name\DC2 via RPC > DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 > Last attempt @ NTTIME(0) was successful > 0 consecutive failure(s). > Last success @ NTTIME(0) > > DC=DomainDnsZones,DC=local,DC=example,DC=de > Default-First-Site-Name\DC2 via RPC > DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 > Last attempt @ NTTIME(0) was successful > 0 consecutive failure(s). > Last success @ NTTIME(0) > > DC=ForestDnsZones,DC=local,DC=example,DC=de > Default-First-Site-Name\DC2 via RPC > DSA object GUID: e4cf97f3-ad31-4a1d-bb3d-00a0db86e6a8 > Last attempt @ NTTIME(0) was successful > 0 consecutive failure(s). > Last success @ NTTIME(0) > > ==== KCC CONNECTION OBJECTS ===> > Connection -- > Connection name: 85d23471-63cd-4bf1-9238-1ea493d07a95 > Enabled : TRUE > Server DNS name : dc2.local.example.de > Server DN name : CN=NTDS > Settings,CN=DC2,CN=Servers,CN=Default-First-Site- > Name,CN=Sites,CN=Configuration,DC=local,DC=example,DC=de > TransportType: RPC > options: 0x00000001 > Warning: No NC replicated for Connection! > > > > Both servers (Ubuntu Server) have the latest updates installed. > The samba version is 4.15.13-Ubuntu. > > What could be the reason why one dc takes so long with samba-tool > commands while the other one is much faster? > > Best > Tom > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/sambaI've experienced this before and it's usually transient. If you want to see where in the process it's hanging, you can increase the debug level to something like 5. samba-tool drs showrepl -d 5