james.atwell365 at gmail.com
2024-Oct-11 16:44 UTC
[Samba] Problem with a domain controller that is located in a separate site
> -----Original Message----- > From: samba <samba-bounces at lists.samba.org> On Behalf Of Rowland > Penny via samba > Sent: Friday, October 11, 2024 11:56 AM > To: samba at lists.samba.org > Cc: Rowland Penny <rpenny at samba.org> > Subject: Re: [Samba] Problem with a domain controller that is located in a > separate site > > On Fri, 11 Oct 2024 11:37:15 -0400 > James Atwell via samba <samba at lists.samba.org> wrote: > > > Do Samba logs show any errors with replication? > > Probably not, because in his initial post, he said replication wasworking, but> 'repsTo' wasn't populated. > > Rowland > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/sambaHi Rowland, I seen that, but that appears to come from a screenshot using ADSI Edit when I reviewed the thread. I could be wrong, wouldn't be the first time. The attribute repsTo is optional but it most cases should exists once a replication partner has been established and actual replication takes place. Reviewing the thread, I show initially Adam didn't have NTDS auto generated connections to his Samba and Microsoft servers. He lowered the replication time in the site link to 15 minutes(I wouldn't leave at that value) which triggered the KCC and successfully created the NTDS connections on both. The establishment of NTDS connections don't automatically trigger the repsTo field to be populated. The KCC determines how replication occurs, but it doesn't necessarily mean that outbound replication is actively occurring. Even though Adam said replication was working. It appears that the connection is primarily being used for inbound replication or that the DC has not recently replicated changes to the neighbor DC. I asked Adam to delete the NTDS connections and see if they get reestablished on both DC's. If they do, I suggest next he add a user, dns hostname, and computer on the Samba server and see if it gets replicated on the Windows sever. Having verbose logging on during this time would be helpful. These changes should trigger the repsTo attribute to become populated. I've seen in my own experience happen but only with a Samba environment. When it did occur, I did the above except I used the samba-tool drs replicate command to force the population of inbound and outbound neighbors. -James
Adam Abramson
2024-Oct-14 09:21 UTC
[Samba] Problem with a domain controller that is located in a separate site
Hi, James, I did everything as you said, deleted all samba and win2019-2 connections on all domain controllers, after that I waited until they were all restored, but the outbound neighbors did not appear, maybe it makes sense to force them to display in some way? or any other ideas about this? On Fri, Oct 11, 2024 at 7:45?PM James Atwell via samba < samba at lists.samba.org> wrote:> > > -----Original Message----- > > From: samba <samba-bounces at lists.samba.org> On Behalf Of Rowland > > Penny via samba > > Sent: Friday, October 11, 2024 11:56 AM > > To: samba at lists.samba.org > > Cc: Rowland Penny <rpenny at samba.org> > > Subject: Re: [Samba] Problem with a domain controller that is located in > a > > separate site > > > > On Fri, 11 Oct 2024 11:37:15 -0400 > > James Atwell via samba <samba at lists.samba.org> wrote: > > > > > Do Samba logs show any errors with replication? > > > > Probably not, because in his initial post, he said replication was > working, but > > 'repsTo' wasn't populated. > > > > Rowland > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: https://lists.samba.org/mailman/options/samba > > Hi Rowland, > > I seen that, but that appears to come from a screenshot using ADSI Edit > when > I reviewed the thread. I could be wrong, wouldn't be the first time. > > The attribute repsTo is optional but it most cases should exists once a > replication partner has been established and actual replication takes > place. > Reviewing the thread, I show initially Adam didn't have NTDS auto generated > connections to his Samba and Microsoft servers. He lowered the replication > time in the site link to 15 minutes(I wouldn't leave at that value) which > triggered the KCC and successfully created the NTDS connections on both. > The establishment of NTDS connections don't automatically trigger the > repsTo > field to be populated. The KCC determines how replication occurs, but it > doesn't necessarily mean that outbound replication is actively occurring. > Even though Adam said replication was working. > > It appears that the connection is primarily being used for inbound > replication or that the DC has not recently replicated changes to the > neighbor DC. I asked Adam to delete the NTDS connections and see if they > get > reestablished on both DC's. If they do, I suggest next he add a user, dns > hostname, and computer on the Samba server and see if it gets replicated on > the Windows sever. Having verbose logging on during this time would be > helpful. These changes should trigger the repsTo attribute to become > populated. > > I've seen in my own experience happen but only with a Samba environment. > When it did occur, I did the above except I used the samba-tool drs > replicate command to force the population of inbound and outbound > neighbors. > > > -James > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Apparently Analagous Threads
- Problem with a domain controller that is located in a separate site
- Problem with a domain controller that is located in a separate site
- Problem with a domain controller that is located in a separate site
- Problem with a domain controller that is located in a separate site
- Problem with a domain controller that is located in a separate site