thr3ads.net - samba - [Samba] Samba trying to connect to a non-existant DC for NTP? [Feb 2024]

If this information is useful, please help other people find it:
Share via:

James B. Byrne

2024-Feb-14 20:37 UTC

[Samba] Samba trying to connect to a non-existant DC for NTP?

On Wed Feb 14 19:48:49 UTC 2024 Rowland Penny rpenny at samba.org wrote:
> Is there anything left in AD that refers to your removed DC ?
> If the removed DC was the holder of the PDC_Emulator FSMO role,
> that is one place I would check.
This is what I found.  It seems that the FSMO role owner is SMB4-2 but that
SMB4-1 is somehow connected:

samba-ldbsearch --cross-ncs -H /var/db/samba4/private/sam.ldb
'(fsmoroleowner=*)'

# record 1
dn: CN=Schema,CN=Configuration,DC=brockley,DC=harte-lyne,DC=ca
objectClass: top
objectClass: dMD
cn: Schema
instanceType: 13
whenCreated: 20200626203444.0Z
uSNCreated: 10
objectVersion: 47
showInAdvancedViewOnly: TRUE
name: Schema
objectGUID: ef62db27-1d5a-47a8-923d-8e9d1d3b408b
objectCategory: CN=DMD,CN=Schema,CN=Configuration,DC=brockley,DC=harte-lyne,DC
 =ca
prefixMap:
. . .
fSMORoleOwner: CN=NTDS Settings,CN=SMB4-2,CN=Servers,CN=Default-First-Site-Nam
 e,CN=Sites,CN=Configuration,DC=brockley,DC=harte-lyne,DC=ca
whenChanged: 20200720185753.0Z
uSNChanged: 5322

masteredBy: CN=NTDS Settings,CN=SMB4-1,CN=Servers,CN=Default-First-Site-Name,C
 N=Sites,CN=Configuration,DC=brockley,DC=harte-lyne,DC=ca

masteredBy: CN=NTDS Settings,CN=SMB4-2,CN=Servers,CN=Default-First-Site-Name,C
 N=Sites,CN=Configuration,DC=brockley,DC=harte-lyne,DC=ca

msDs-masteredBy: CN=NTDS Settings,CN=SMB4-1,CN=Servers,CN=Default-First-Site-N
 ame,CN=Sites,CN=Configuration,DC=brockley,DC=harte-lyne,DC=ca

msDs-masteredBy: CN=NTDS Settings,CN=SMB4-2,CN=Servers,CN=Default-First-Site-N
 ame,CN=Sites,CN=Configuration,DC=brockley,DC=harte-lyne,DC=ca

. . .

Thanks,


-- 
***          e-Mail is NOT a SECURE channel          ***
        Do NOT transmit sensitive data via e-Mail
   Unencrypted messages have no legal claim to privacy
 Do NOT open attachments nor follow links sent by e-Mail

James B. Byrne                mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3

James B. Byrne

2024-Feb-14 21:03 UTC

head link

[Samba] Samba trying to connect to a non-existant DC for NTP?

On Wed, February 14, 2024 15:37, James B. Byrne wrote:> On Wed Feb 14 19:48:49 UTC 2024 Rowland Penny rpenny at samba.org wrote:
>
>> Is there anything left in AD that refers to your removed DC ?
>> If the removed DC was the holder of the PDC_Emulator FSMO role,
>> that is one place I would check.
>More detail:

samba-ldbsearch -H /var/db/samba4/private/sam.ldb '(invocationId=*)'
--cross-ncs objectguid | grep -A1 DC

dn: CN=NTDS
Settings,CN=SMB4-2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=brockley,DC=harte-lyne,DC=ca
objectGUID: 00d350dd-20ae-4718-be2a-90c924adc19b
--
dn: CN=NTDS
Settings,CN=SMB4-1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=brockley,DC=harte-lyne,DC=ca
objectGUID: aac648b2-aac8-411d-afe0-7cbd5455841c


-- 
***          e-Mail is NOT a SECURE channel          ***
        Do NOT transmit sensitive data via e-Mail
   Unencrypted messages have no legal claim to privacy
 Do NOT open attachments nor follow links sent by e-Mail

James B. Byrne                mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3

Rowland Penny

2024-Feb-14 21:18 UTC

head link

[Samba] Samba trying to connect to a non-existant DC for NTP?

On Wed, 14 Feb 2024 15:37:48 -0500
"James B. Byrne via samba" <samba at lists.samba.org> wrote:
> On Wed Feb 14 19:48:49 UTC 2024 Rowland Penny rpenny at samba.org wrote:
> 
> > Is there anything left in AD that refers to your removed DC ?
> > If the removed DC was the holder of the PDC_Emulator FSMO role,
> > that is one place I would check.
> 
> This is what I found.  It seems that the FSMO role owner is SMB4-2
> but that SMB4-1 is somehow connected:
> 
> samba-ldbsearch --cross-ncs -H /var/db/samba4/private/sam.ldb
> '(fsmoroleowner=*)'
> 
Sorry I should have been a bit more precise, I was thinking about dns
records.
What does this produce:

samba-ldbsearch --cross-ncs --show-binary -H
/var/db/samba4/private/sam.ldb -b 'DC=brockley,DC=harte-lyne,DC=ca' -s
sub '(&(objectclass=dnsnode)(name=_ldap._tcp.pdc))'

Rowland

samba - Feb 2024 - Samba trying to connect to a non-existant DC for NTP?

[Samba] Samba trying to connect to a non-existant DC for NTP?

[Samba] Samba trying to connect to a non-existant DC for NTP?

[Samba] Samba trying to connect to a non-existant DC for NTP?