Rowland Penny
2025-Apr-24 14:54 UTC
[Samba] Member can't join DC2 (The specified network name is no longer available)
On Thu, 24 Apr 2025 14:10:47 +0100 Luis Peromarta via samba <samba at lists.samba.org> wrote:> We?ve removed the possibility of a bad DC2. > > If all else seems OK, I am running out of ideas. >Okay, this what I would do: First carry out an ldap search in AD for DC2, just to make sure that there are no leftovers. next, using Debian 12 with Samba from backports (this gets you Samba 4.21.5) join a second DC at your first place (note I say 'place' not 'site', you are not using 'sites'). If this works, then you are a step forward. Once you are sure everything is working correctly at your first place, read this: https://wiki.samba.org/index.php/Active_Directory_Sites Then setup a second site for your second place. Now attempt to join a new DC at your second site, do not point to a specific DC with the 'samba-tool domain join' command, but do specify the 'site' (see 'samba-tool domain join --help' for more info). If that works then great, you can now add a second DC at your second site. If it doesn't, then post any and all errors. Rowland
aere_premium.0k at icloud.com
2025-Apr-26 16:26 UTC
[Samba] Member can't join DC2 (The specified network name is no longer available)
Le 24/04/2025 ? 16:54, Rowland Penny via samba a ?crit : > First carry out an ldap search in AD for DC2, just to make sure that > there are no leftovers. I did : ldbsearch -H /var/lib/samba/private/sam.ldb --cross-ncs objectguid | grep -A1 DC2 Then ldbdel -H /var/lib/samba/private/sam.ldb [DNs found above] Hope it's enough. > next, using Debian 12 with Samba from backports > (this gets you Samba 4.21.5) join a second DC at your first place (note > I say 'place' not 'site', you are not using 'sites'). If this works, > then you are a step forward. Done. Replicated everything to it (sysvol and idmap.ldb), seems to be successful (see attachments) > Once you are sure everything is working correctly at your first place, > read this: > > https://wiki.samba.org/index.php/Active_Directory_Sites > > Then setup a second site for your second place. Before doing so, I checked the doc above and it seems that without knowing it, my sites were configured correctly (See attachments). BTW, DC4 (in place 2) appeared in the other site by itself. I never moved a server there. I proceeded anyway. > Now attempt to join a new DC at your second site, do not point to a > specific DC with the 'samba-tool domain join' command, but do specify > the 'site' (see 'samba-tool domain join --help' for more info). Done. See showrepl in attachments. > If that works then great, you can now add a second DC at your second site. Done. See showrepl in attachments. No errors. sysvol is configured to be replicated by rsync from dc1 to dc2, dc3 and dc4. Sites/Places are: - 190bis: -- dc1 -- dc2 - 133: -- dc3 -- dc4 Confirmed by Sites and Services I ten tried to join my windows 10 test VM and YES it works, VM in 2nd site selected DC3 in same site. Everything is good now, thank you for your help ! DC3 and DC4 are on the same physical machine, we will add another proxmox next week on this site/place. Is it safe to shutdown dc4 (without demote), move the VM to the other machine (without changing mac, machine-id, IP) and start it up? -------------- next part -------------- root at dc2 ~# samba-tool drs showrepl 190bis\DC2 DSA Options: 0x00000001 DSA object GUID: 0924a58f-c346-4a9c-a8ff-4110234e70c4 DSA invocationId: 90aaf304-e335-4cc5-8e22-f05f906e7443 ==== INBOUND NEIGHBORS === DC=DomainDnsZones,DC=tech,DC=example,DC=com 190bis\DC1 via RPC DSA object GUID: 427aedb2-ca1e-4c7f-aa06-45d5f5b882e3 Last attempt @ Sat Apr 26 10:08:48 2025 UTC was successful 0 consecutive failure(s). Last success @ Sat Apr 26 10:08:48 2025 UTC CN=Schema,CN=Configuration,DC=tech,DC=example,DC=com 190bis\DC1 via RPC DSA object GUID: 427aedb2-ca1e-4c7f-aa06-45d5f5b882e3 Last attempt @ Sat Apr 26 10:08:49 2025 UTC was successful 0 consecutive failure(s). Last success @ Sat Apr 26 10:08:49 2025 UTC DC=ForestDnsZones,DC=tech,DC=example,DC=com 190bis\DC1 via RPC DSA object GUID: 427aedb2-ca1e-4c7f-aa06-45d5f5b882e3 Last attempt @ Sat Apr 26 10:08:49 2025 UTC was successful 0 consecutive failure(s). Last success @ Sat Apr 26 10:08:49 2025 UTC DC=tech,DC=example,DC=com 190bis\DC1 via RPC DSA object GUID: 427aedb2-ca1e-4c7f-aa06-45d5f5b882e3 Last attempt @ Sat Apr 26 10:08:49 2025 UTC was successful 0 consecutive failure(s). Last success @ Sat Apr 26 10:08:49 2025 UTC CN=Configuration,DC=tech,DC=example,DC=com 190bis\DC1 via RPC DSA object GUID: 427aedb2-ca1e-4c7f-aa06-45d5f5b882e3 Last attempt @ Sat Apr 26 10:08:49 2025 UTC was successful 0 consecutive failure(s). Last success @ Sat Apr 26 10:08:49 2025 UTC ==== OUTBOUND NEIGHBORS === DC=DomainDnsZones,DC=tech,DC=example,DC=com 190bis\DC1 via RPC DSA object GUID: 427aedb2-ca1e-4c7f-aa06-45d5f5b882e3 Last attempt @ NTTIME(0) was successful 0 consecutive failure(s). Last success @ NTTIME(0) CN=Schema,CN=Configuration,DC=tech,DC=example,DC=com 190bis\DC1 via RPC DSA object GUID: 427aedb2-ca1e-4c7f-aa06-45d5f5b882e3 Last attempt @ NTTIME(0) was successful 0 consecutive failure(s). Last success @ NTTIME(0) DC=ForestDnsZones,DC=tech,DC=example,DC=com 190bis\DC1 via RPC DSA object GUID: 427aedb2-ca1e-4c7f-aa06-45d5f5b882e3 Last attempt @ NTTIME(0) was successful 0 consecutive failure(s). Last success @ NTTIME(0) DC=tech,DC=example,DC=com 190bis\DC1 via RPC DSA object GUID: 427aedb2-ca1e-4c7f-aa06-45d5f5b882e3 Last attempt @ NTTIME(0) was successful 0 consecutive failure(s). Last success @ NTTIME(0) CN=Configuration,DC=tech,DC=example,DC=com 190bis\DC1 via RPC DSA object GUID: 427aedb2-ca1e-4c7f-aa06-45d5f5b882e3 Last attempt @ NTTIME(0) was successful 0 consecutive failure(s). Last success @ NTTIME(0) ==== KCC CONNECTION OBJECTS === Connection -- Connection name: 2b808608-b768-42e1-b280-5ee9f9a81595 Enabled : TRUE Server DNS name : dc1.tech.iticparis.com Server DN name : CN=NTDS Settings,CN=DC1,CN=Servers,CN=190bis,CN=Sites,CN=Configuration,DC=tech,DC=example,DC=com TransportType: RPC options: 0x00000001 Warning: No NC replicated for Connection! -------------- next part -------------- root at dc3 ~# samba-tool drs showrepl 133\DC3 DSA Options: 0x00000001 DSA object GUID: 16ca3e4a-f043-44a9-bcd1-aed339d12bd5 DSA invocationId: 0f197453-6796-4da2-9529-55f10b004627 ==== INBOUND NEIGHBORS === DC=DomainDnsZones,DC=tech,DC=example,DC=com 190bis\DC1 via RPC DSA object GUID: 427aedb2-ca1e-4c7f-aa06-45d5f5b882e3 Last attempt @ NTTIME(0) was successful 0 consecutive failure(s). Last success @ NTTIME(0) DC=DomainDnsZones,DC=tech,DC=example,DC=com 190bis\DC2 via RPC DSA object GUID: 0924a58f-c346-4a9c-a8ff-4110234e70c4 Last attempt @ Sat Apr 26 15:51:33 2025 UTC was successful 0 consecutive failure(s). Last success @ Sat Apr 26 15:51:33 2025 UTC CN=Schema,CN=Configuration,DC=tech,DC=example,DC=com 190bis\DC1 via RPC DSA object GUID: 427aedb2-ca1e-4c7f-aa06-45d5f5b882e3 Last attempt @ NTTIME(0) was successful 0 consecutive failure(s). Last success @ NTTIME(0) CN=Schema,CN=Configuration,DC=tech,DC=example,DC=com 190bis\DC2 via RPC DSA object GUID: 0924a58f-c346-4a9c-a8ff-4110234e70c4 Last attempt @ Sat Apr 26 15:51:34 2025 UTC was successful 0 consecutive failure(s). Last success @ Sat Apr 26 15:51:34 2025 UTC DC=ForestDnsZones,DC=tech,DC=example,DC=com 190bis\DC1 via RPC DSA object GUID: 427aedb2-ca1e-4c7f-aa06-45d5f5b882e3 Last attempt @ NTTIME(0) was successful 0 consecutive failure(s). Last success @ NTTIME(0) DC=ForestDnsZones,DC=tech,DC=example,DC=com 190bis\DC2 via RPC DSA object GUID: 0924a58f-c346-4a9c-a8ff-4110234e70c4 Last attempt @ Sat Apr 26 15:51:33 2025 UTC was successful 0 consecutive failure(s). Last success @ Sat Apr 26 15:51:33 2025 UTC DC=tech,DC=example,DC=com 190bis\DC1 via RPC DSA object GUID: 427aedb2-ca1e-4c7f-aa06-45d5f5b882e3 Last attempt @ Sat Apr 26 15:51:32 2025 UTC was successful 0 consecutive failure(s). Last success @ Sat Apr 26 15:51:32 2025 UTC DC=tech,DC=example,DC=com 190bis\DC2 via RPC DSA object GUID: 0924a58f-c346-4a9c-a8ff-4110234e70c4 Last attempt @ Sat Apr 26 15:51:35 2025 UTC was successful 0 consecutive failure(s). Last success @ Sat Apr 26 15:51:35 2025 UTC CN=Configuration,DC=tech,DC=example,DC=com 190bis\DC1 via RPC DSA object GUID: 427aedb2-ca1e-4c7f-aa06-45d5f5b882e3 Last attempt @ NTTIME(0) was successful 0 consecutive failure(s). Last success @ NTTIME(0) CN=Configuration,DC=tech,DC=example,DC=com 190bis\DC2 via RPC DSA object GUID: 0924a58f-c346-4a9c-a8ff-4110234e70c4 Last attempt @ Sat Apr 26 15:51:36 2025 UTC was successful 0 consecutive failure(s). Last success @ Sat Apr 26 15:51:36 2025 UTC ==== OUTBOUND NEIGHBORS === DC=DomainDnsZones,DC=tech,DC=example,DC=com 190bis\DC1 via RPC DSA object GUID: 427aedb2-ca1e-4c7f-aa06-45d5f5b882e3 Last attempt @ NTTIME(0) was successful 0 consecutive failure(s). Last success @ NTTIME(0) CN=Schema,CN=Configuration,DC=tech,DC=example,DC=com 190bis\DC1 via RPC DSA object GUID: 427aedb2-ca1e-4c7f-aa06-45d5f5b882e3 Last attempt @ NTTIME(0) was successful 0 consecutive failure(s). Last success @ NTTIME(0) DC=ForestDnsZones,DC=tech,DC=example,DC=com 190bis\DC1 via RPC DSA object GUID: 427aedb2-ca1e-4c7f-aa06-45d5f5b882e3 Last attempt @ NTTIME(0) was successful 0 consecutive failure(s). Last success @ NTTIME(0) DC=tech,DC=example,DC=com 190bis\DC1 via RPC DSA object GUID: 427aedb2-ca1e-4c7f-aa06-45d5f5b882e3 Last attempt @ NTTIME(0) was successful 0 consecutive failure(s). Last success @ NTTIME(0) ==== KCC CONNECTION OBJECTS === Connection -- Connection name: 3758be3c-3f98-4a2b-9570-61847ae74f3e Enabled : TRUE Server DNS name : dc1.tech.iticparis.com Server DN name : CN=NTDS Settings,CN=DC1,CN=Servers,CN=190bis,CN=Sites,CN=Configuration,DC=tech,DC=example,DC=com TransportType: RPC options: 0x00000001 Warning: No NC replicated for Connection! -------------- next part -------------- root at dc4 ~# samba-tool drs showrepl 133\DC4 DSA Options: 0x00000001 DSA object GUID: c9861e09-61bf-4188-affa-c97ff61b1bb0 DSA invocationId: e84f1283-a174-44c7-adf1-7ac38f4d19eb ==== INBOUND NEIGHBORS === DC=DomainDnsZones,DC=tech,DC=example,DC=com 133\DC3 via RPC DSA object GUID: 16ca3e4a-f043-44a9-bcd1-aed339d12bd5 Last attempt @ Sat Apr 26 16:07:48 2025 UTC was successful 0 consecutive failure(s). Last success @ Sat Apr 26 16:07:48 2025 UTC CN=Schema,CN=Configuration,DC=tech,DC=example,DC=com 133\DC3 via RPC DSA object GUID: 16ca3e4a-f043-44a9-bcd1-aed339d12bd5 Last attempt @ Sat Apr 26 16:07:49 2025 UTC was successful 0 consecutive failure(s). Last success @ Sat Apr 26 16:07:49 2025 UTC CN=Schema,CN=Configuration,DC=tech,DC=example,DC=com 190bis\DC2 via RPC DSA object GUID: 0924a58f-c346-4a9c-a8ff-4110234e70c4 Last attempt @ Sat Apr 26 16:07:45 2025 UTC was successful 0 consecutive failure(s). Last success @ Sat Apr 26 16:07:45 2025 UTC DC=ForestDnsZones,DC=tech,DC=example,DC=com 133\DC3 via RPC DSA object GUID: 16ca3e4a-f043-44a9-bcd1-aed339d12bd5 Last attempt @ Sat Apr 26 16:07:48 2025 UTC was successful 0 consecutive failure(s). Last success @ Sat Apr 26 16:07:48 2025 UTC DC=tech,DC=example,DC=com 133\DC3 via RPC DSA object GUID: 16ca3e4a-f043-44a9-bcd1-aed339d12bd5 Last attempt @ Sat Apr 26 16:07:50 2025 UTC was successful 0 consecutive failure(s). Last success @ Sat Apr 26 16:07:50 2025 UTC DC=tech,DC=example,DC=com 190bis\DC2 via RPC DSA object GUID: 0924a58f-c346-4a9c-a8ff-4110234e70c4 Last attempt @ Sat Apr 26 16:07:46 2025 UTC was successful 0 consecutive failure(s). Last success @ Sat Apr 26 16:07:46 2025 UTC DC=tech,DC=example,DC=com 190bis\DC1 via RPC DSA object GUID: 427aedb2-ca1e-4c7f-aa06-45d5f5b882e3 Last attempt @ Sat Apr 26 16:07:51 2025 UTC was successful 0 consecutive failure(s). Last success @ Sat Apr 26 16:07:51 2025 UTC CN=Configuration,DC=tech,DC=example,DC=com 133\DC3 via RPC DSA object GUID: 16ca3e4a-f043-44a9-bcd1-aed339d12bd5 Last attempt @ Sat Apr 26 16:07:50 2025 UTC was successful 0 consecutive failure(s). Last success @ Sat Apr 26 16:07:50 2025 UTC CN=Configuration,DC=tech,DC=example,DC=com 190bis\DC2 via RPC DSA object GUID: 0924a58f-c346-4a9c-a8ff-4110234e70c4 Last attempt @ Sat Apr 26 16:07:47 2025 UTC was successful 0 consecutive failure(s). Last success @ Sat Apr 26 16:07:47 2025 UTC ==== OUTBOUND NEIGHBORS === ==== KCC CONNECTION OBJECTS === Connection -- Connection name: dda450a0-7dc3-47ab-94be-613800acd148 Enabled : TRUE Server DNS name : dc3.tech.example.com Server DN name : CN=NTDS Settings,CN=DC3,CN=Servers,CN=133,CN=Sites,CN=Configuration,DC=tech,DC=example,DC=com TransportType: RPC options: 0x00000001 Warning: No NC replicated for Connection!