thr3ads.net - samba - [Samba] Replication issue after rejoining a DC [Oct 2025]

If this information is useful, please help other people find it:
Share via:

Cedric Puchalver

2025-Oct-09 07:04 UTC

[Samba] Replication issue after rejoining a DC

Le 08/10/2025 ? 16:50, Rowland Penny via samba a ?crit?:> On Wed, 8 Oct 2025 15:53:43 +0200
> Cedric Puchalver via samba <samba at lists.samba.org> wrote:
>
>> Hello,
>>
>> I have 2 Samba DCs running on two different sites. They are both
>> running Samba compiled from source and I decided to use Samba from
>> Debian Bookworm backports instead.
>>
>> I demoted the DC that wasn't holding FSMO roles by following the
wiki
>> :
>>
https://wiki.samba.org/index.php/Demoting_a_Samba_AD_DC#Demoting_an_Online_Domain_Controller
>>
>> I installed Samba packages from Debian repos and followed the wiki to
>> join the domain again.
>>
>> Everything went fine but when I started the freshly-joined DC I have
>> errors in the log :
>>
>> [2025/10/08 07:30:08.906866,  1]
>> source4/auth/gensec/gensec_gssapi.c:852(gensec_gssapi_update_internal)
>>     GSS server Update(krb5)(1) Update failed:  Miscellaneous failure
>> (see text): Decrypt integrity check failed for checksum type
>> hmac-sha1-96-aes256, key type aes256-cts-hmac-sha1-96
>> [2025/10/08 07:30:08.907110,  0]
>> source4/librpc/rpc/dcerpc_util.c:697(dcerpc_pipe_auth_recv)
>>     Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for
>>
ncacn_ip_tcp:192.168.20.5[49153,seal,krb5,target_hostname=e6af5447-965a-451b-8d60-3bef78100504._msdcs.season-of-mist.intranet,target_principal=GC/dc3.season-of-mist.intranet/season-of-mist.intranet,abstract_syntax=e3514235-4b06-11d1-ab04-00c04fc2dcd2/0x00000004,localaddress=192.168.20.5]
>> NT_STATUS_UNSUCCESSFUL
> When were these log messages created ? Was it shortly after the New DC
> was started or quite sometime later ?
> When a new DC is joined, quite a few of the required dns records do not
> exist and will not until Samba runs a script called samba_dnsupdate,
> this is what creates them.
>
> To put it another way, if you rerun 'samba-tool drs showrepl', do
you
> still get the errors ?
>
> Rowland
>
>Hi Rowland,

It was shortly after the new DC started.

I manually ran the command samba_dnsupdate --verbose and it returned :

IPs: ['192.168.20.5']
Looking for DNS entry A dc2.season-of-mist.intranet 192.168.20.5 as 
dc2.season-of-mist.intranet.
Looking for DNS entry CNAME 
2f2aee44-0eca-4ad1-9b77-d11d8d31e3eb._msdcs.season-of-mist.intranet 
dc2.season-of-mist.intranet as 
2f2aee44-0eca-4ad1-9b77-d11d8d31e3eb._msdcs.season-of-mist.intranet.
Looking for DNS entry NS season-of-mist.intranet 
dc2.season-of-mist.intranet as season-of-mist.intranet.
Looking for DNS entry NS _msdcs.season-of-mist.intranet 
dc2.season-of-mist.intranet as _msdcs.season-of-mist.intranet.
Looking for DNS entry A season-of-mist.intranet 192.168.20.5 as 
season-of-mist.intranet.
Looking for DNS entry SRV _ldap._tcp.season-of-mist.intranet 
dc2.season-of-mist.intranet 389 as _ldap._tcp.season-of-mist.intranet.
Checking 0 100 389 dc2.season-of-mist.intranet. against SRV 
_ldap._tcp.season-of-mist.intranet dc2.season-of-mist.intranet 389
Looking for DNS entry SRV _ldap._tcp.dc._msdcs.season-of-mist.intranet 
dc2.season-of-mist.intranet 389 as 
_ldap._tcp.dc._msdcs.season-of-mist.intranet.
Checking 0 100 389 dc2.season-of-mist.intranet. against SRV 
_ldap._tcp.dc._msdcs.season-of-mist.intranet dc2.season-of-mist.intranet 389
Looking for DNS entry SRV 
_ldap._tcp.cc35d4ea-c678-468b-89d7-03ef4c80c890.domains._msdcs.season-of-mist.intranet
dc2.season-of-mist.intranet 389 as 
_ldap._tcp.cc35d4ea-c678-468b-89d7-03ef4c80c890.domains._msdcs.season-of-mist.intranet.
Checking 0 100 389 dc2.season-of-mist.intranet. against SRV 
_ldap._tcp.cc35d4ea-c678-468b-89d7-03ef4c80c890.domains._msdcs.season-of-mist.intranet
dc2.season-of-mist.intranet 389
Looking for DNS entry SRV _kerberos._tcp.season-of-mist.intranet 
dc2.season-of-mist.intranet 88 as _kerberos._tcp.season-of-mist.intranet.
Checking 0 100 88 dc2.season-of-mist.intranet. against SRV 
_kerberos._tcp.season-of-mist.intranet dc2.season-of-mist.intranet 88
Looking for DNS entry SRV _kerberos._udp.season-of-mist.intranet 
dc2.season-of-mist.intranet 88 as _kerberos._udp.season-of-mist.intranet.
Checking 0 100 88 dc2.season-of-mist.intranet. against SRV 
_kerberos._udp.season-of-mist.intranet dc2.season-of-mist.intranet 88
Looking for DNS entry SRV 
_kerberos._tcp.dc._msdcs.season-of-mist.intranet 
dc2.season-of-mist.intranet 88 as 
_kerberos._tcp.dc._msdcs.season-of-mist.intranet.
Checking 0 100 88 dc2.season-of-mist.intranet. against SRV 
_kerberos._tcp.dc._msdcs.season-of-mist.intranet 
dc2.season-of-mist.intranet 88
Looking for DNS entry SRV _kpasswd._tcp.season-of-mist.intranet 
dc2.season-of-mist.intranet 464 as _kpasswd._tcp.season-of-mist.intranet.
Checking 0 100 464 dc2.season-of-mist.intranet. against SRV 
_kpasswd._tcp.season-of-mist.intranet dc2.season-of-mist.intranet 464
Looking for DNS entry SRV _kpasswd._udp.season-of-mist.intranet 
dc2.season-of-mist.intranet 464 as _kpasswd._udp.season-of-mist.intranet.
Checking 0 100 464 dc2.season-of-mist.intranet. against SRV 
_kpasswd._udp.season-of-mist.intranet dc2.season-of-mist.intranet 464
Looking for DNS entry SRV 
_ldap._tcp.Chaos-Theory._sites.season-of-mist.intranet 
dc2.season-of-mist.intranet 389 as 
_ldap._tcp.Chaos-Theory._sites.season-of-mist.intranet.
Checking 0 100 389 dc3.season-of-mist.intranet. against SRV 
_ldap._tcp.Chaos-Theory._sites.season-of-mist.intranet 
dc2.season-of-mist.intranet 389
Checking 0 100 389 dc2.season-of-mist.intranet. against SRV 
_ldap._tcp.Chaos-Theory._sites.season-of-mist.intranet 
dc2.season-of-mist.intranet 389
Looking for DNS entry SRV 
_ldap._tcp.Chaos-Theory._sites.dc._msdcs.season-of-mist.intranet 
dc2.season-of-mist.intranet 389 as 
_ldap._tcp.Chaos-Theory._sites.dc._msdcs.season-of-mist.intranet.
Checking 0 100 389 dc3.season-of-mist.intranet. against SRV 
_ldap._tcp.Chaos-Theory._sites.dc._msdcs.season-of-mist.intranet 
dc2.season-of-mist.intranet 389
Checking 0 100 389 dc2.season-of-mist.intranet. against SRV 
_ldap._tcp.Chaos-Theory._sites.dc._msdcs.season-of-mist.intranet 
dc2.season-of-mist.intranet 389
Looking for DNS entry SRV 
_kerberos._tcp.Chaos-Theory._sites.season-of-mist.intranet 
dc2.season-of-mist.intranet 88 as 
_kerberos._tcp.Chaos-Theory._sites.season-of-mist.intranet.
Checking 0 100 88 dc3.season-of-mist.intranet. against SRV 
_kerberos._tcp.Chaos-Theory._sites.season-of-mist.intranet 
dc2.season-of-mist.intranet 88
Checking 0 100 88 dc2.season-of-mist.intranet. against SRV 
_kerberos._tcp.Chaos-Theory._sites.season-of-mist.intranet 
dc2.season-of-mist.intranet 88
Looking for DNS entry SRV 
_kerberos._tcp.Chaos-Theory._sites.dc._msdcs.season-of-mist.intranet 
dc2.season-of-mist.intranet 88 as 
_kerberos._tcp.Chaos-Theory._sites.dc._msdcs.season-of-mist.intranet.
Checking 0 100 88 dc3.season-of-mist.intranet. against SRV 
_kerberos._tcp.Chaos-Theory._sites.dc._msdcs.season-of-mist.intranet 
dc2.season-of-mist.intranet 88
Checking 0 100 88 dc2.season-of-mist.intranet. against SRV 
_kerberos._tcp.Chaos-Theory._sites.dc._msdcs.season-of-mist.intranet 
dc2.season-of-mist.intranet 88
Looking for DNS entry A gc._msdcs.season-of-mist.intranet 192.168.20.5 
as gc._msdcs.season-of-mist.intranet.
Looking for DNS entry SRV _gc._tcp.season-of-mist.intranet 
dc2.season-of-mist.intranet 3268 as _gc._tcp.season-of-mist.intranet.
Checking 0 100 3268 dc2.season-of-mist.intranet. against SRV 
_gc._tcp.season-of-mist.intranet dc2.season-of-mist.intranet 3268
Looking for DNS entry SRV _ldap._tcp.gc._msdcs.season-of-mist.intranet 
dc2.season-of-mist.intranet 3268 as 
_ldap._tcp.gc._msdcs.season-of-mist.intranet.
Checking 0 100 3268 dc2.season-of-mist.intranet. against SRV 
_ldap._tcp.gc._msdcs.season-of-mist.intranet dc2.season-of-mist.intranet 
3268
Looking for DNS entry SRV 
_gc._tcp.Chaos-Theory._sites.season-of-mist.intranet 
dc2.season-of-mist.intranet 3268 as 
_gc._tcp.Chaos-Theory._sites.season-of-mist.intranet.
Checking 0 100 3268 dc3.season-of-mist.intranet. against SRV 
_gc._tcp.Chaos-Theory._sites.season-of-mist.intranet 
dc2.season-of-mist.intranet 3268
Checking 0 100 3268 dc2.season-of-mist.intranet. against SRV 
_gc._tcp.Chaos-Theory._sites.season-of-mist.intranet 
dc2.season-of-mist.intranet 3268
Looking for DNS entry SRV 
_ldap._tcp.Chaos-Theory._sites.gc._msdcs.season-of-mist.intranet 
dc2.season-of-mist.intranet 3268 as 
_ldap._tcp.Chaos-Theory._sites.gc._msdcs.season-of-mist.intranet.
Checking 0 100 3268 dc3.season-of-mist.intranet. against SRV 
_ldap._tcp.Chaos-Theory._sites.gc._msdcs.season-of-mist.intranet 
dc2.season-of-mist.intranet 3268
Checking 0 100 3268 dc2.season-of-mist.intranet. against SRV 
_ldap._tcp.Chaos-Theory._sites.gc._msdcs.season-of-mist.intranet 
dc2.season-of-mist.intranet 3268
Looking for DNS entry A DomainDnsZones.season-of-mist.intranet 
192.168.20.5 as DomainDnsZones.season-of-mist.intranet.
Looking for DNS entry SRV 
_ldap._tcp.DomainDnsZones.season-of-mist.intranet 
dc2.season-of-mist.intranet 389 as 
_ldap._tcp.DomainDnsZones.season-of-mist.intranet.
Checking 0 100 389 dc2.season-of-mist.intranet. against SRV 
_ldap._tcp.DomainDnsZones.season-of-mist.intranet 
dc2.season-of-mist.intranet 389
Looking for DNS entry SRV 
_ldap._tcp.Chaos-Theory._sites.DomainDnsZones.season-of-mist.intranet 
dc2.season-of-mist.intranet 389 as 
_ldap._tcp.Chaos-Theory._sites.DomainDnsZones.season-of-mist.intranet.
Checking 0 100 389 dc3.season-of-mist.intranet. against SRV 
_ldap._tcp.Chaos-Theory._sites.DomainDnsZones.season-of-mist.intranet 
dc2.season-of-mist.intranet 389
Checking 0 100 389 dc2.season-of-mist.intranet. against SRV 
_ldap._tcp.Chaos-Theory._sites.DomainDnsZones.season-of-mist.intranet 
dc2.season-of-mist.intranet 389
Looking for DNS entry A ForestDnsZones.season-of-mist.intranet 
192.168.20.5 as ForestDnsZones.season-of-mist.intranet.
Looking for DNS entry SRV 
_ldap._tcp.ForestDnsZones.season-of-mist.intranet 
dc2.season-of-mist.intranet 389 as 
_ldap._tcp.ForestDnsZones.season-of-mist.intranet.
Checking 0 100 389 dc2.season-of-mist.intranet. against SRV 
_ldap._tcp.ForestDnsZones.season-of-mist.intranet 
dc2.season-of-mist.intranet 389
Looking for DNS entry SRV 
_ldap._tcp.Chaos-Theory._sites.ForestDnsZones.season-of-mist.intranet 
dc2.season-of-mist.intranet 389 as 
_ldap._tcp.Chaos-Theory._sites.ForestDnsZones.season-of-mist.intranet.
Checking 0 100 389 dc3.season-of-mist.intranet. against SRV 
_ldap._tcp.Chaos-Theory._sites.ForestDnsZones.season-of-mist.intranet 
dc2.season-of-mist.intranet 389
Checking 0 100 389 dc2.season-of-mist.intranet. against SRV 
_ldap._tcp.Chaos-Theory._sites.ForestDnsZones.season-of-mist.intranet 
dc2.season-of-mist.intranet 389
Looking for DNS entry SRV 
_ldap._tcp.neverland._sites.season-of-mist.intranet 
dc2.season-of-mist.intranet 389 as 
_ldap._tcp.neverland._sites.season-of-mist.intranet.
Checking 0 100 389 dc3.season-of-mist.intranet. against SRV 
_ldap._tcp.neverland._sites.season-of-mist.intranet 
dc2.season-of-mist.intranet 389
Checking 0 100 389 dc2.season-of-mist.intranet. against SRV 
_ldap._tcp.neverland._sites.season-of-mist.intranet 
dc2.season-of-mist.intranet 389
Looking for DNS entry SRV 
_ldap._tcp.neverland._sites.dc._msdcs.season-of-mist.intranet 
dc2.season-of-mist.intranet 389 as 
_ldap._tcp.neverland._sites.dc._msdcs.season-of-mist.intranet.
Checking 0 100 389 dc3.season-of-mist.intranet. against SRV 
_ldap._tcp.neverland._sites.dc._msdcs.season-of-mist.intranet 
dc2.season-of-mist.intranet 389
Checking 0 100 389 dc2.season-of-mist.intranet. against SRV 
_ldap._tcp.neverland._sites.dc._msdcs.season-of-mist.intranet 
dc2.season-of-mist.intranet 389
Looking for DNS entry SRV 
_kerberos._tcp.neverland._sites.season-of-mist.intranet 
dc2.season-of-mist.intranet 88 as 
_kerberos._tcp.neverland._sites.season-of-mist.intranet.
Checking 0 100 88 dc3.season-of-mist.intranet. against SRV 
_kerberos._tcp.neverland._sites.season-of-mist.intranet 
dc2.season-of-mist.intranet 88
Checking 0 100 88 dc2.season-of-mist.intranet. against SRV 
_kerberos._tcp.neverland._sites.season-of-mist.intranet 
dc2.season-of-mist.intranet 88
Looking for DNS entry SRV 
_kerberos._tcp.neverland._sites.dc._msdcs.season-of-mist.intranet 
dc2.season-of-mist.intranet 88 as 
_kerberos._tcp.neverland._sites.dc._msdcs.season-of-mist.intranet.
Checking 0 100 88 dc3.season-of-mist.intranet. against SRV 
_kerberos._tcp.neverland._sites.dc._msdcs.season-of-mist.intranet 
dc2.season-of-mist.intranet 88
Checking 0 100 88 dc2.season-of-mist.intranet. against SRV 
_kerberos._tcp.neverland._sites.dc._msdcs.season-of-mist.intranet 
dc2.season-of-mist.intranet 88
Looking for DNS entry SRV 
_gc._tcp.neverland._sites.season-of-mist.intranet 
dc2.season-of-mist.intranet 3268 as 
_gc._tcp.neverland._sites.season-of-mist.intranet.
Checking 0 100 3268 dc3.season-of-mist.intranet. against SRV 
_gc._tcp.neverland._sites.season-of-mist.intranet 
dc2.season-of-mist.intranet 3268
Checking 0 100 3268 dc2.season-of-mist.intranet. against SRV 
_gc._tcp.neverland._sites.season-of-mist.intranet 
dc2.season-of-mist.intranet 3268
Looking for DNS entry SRV 
_ldap._tcp.neverland._sites.gc._msdcs.season-of-mist.intranet 
dc2.season-of-mist.intranet 3268 as 
_ldap._tcp.neverland._sites.gc._msdcs.season-of-mist.intranet.
Checking 0 100 3268 dc3.season-of-mist.intranet. against SRV 
_ldap._tcp.neverland._sites.gc._msdcs.season-of-mist.intranet 
dc2.season-of-mist.intranet 3268
Checking 0 100 3268 dc2.season-of-mist.intranet. against SRV 
_ldap._tcp.neverland._sites.gc._msdcs.season-of-mist.intranet 
dc2.season-of-mist.intranet 3268
Looking for DNS entry SRV 
_ldap._tcp.neverland._sites.DomainDnsZones.season-of-mist.intranet 
dc2.season-of-mist.intranet 389 as 
_ldap._tcp.neverland._sites.DomainDnsZones.season-of-mist.intranet.
Checking 0 100 389 dc3.season-of-mist.intranet. against SRV 
_ldap._tcp.neverland._sites.DomainDnsZones.season-of-mist.intranet 
dc2.season-of-mist.intranet 389
Checking 0 100 389 dc2.season-of-mist.intranet. against SRV 
_ldap._tcp.neverland._sites.DomainDnsZones.season-of-mist.intranet 
dc2.season-of-mist.intranet 389
Looking for DNS entry SRV 
_ldap._tcp.neverland._sites.ForestDnsZones.season-of-mist.intranet 
dc2.season-of-mist.intranet 389 as 
_ldap._tcp.neverland._sites.ForestDnsZones.season-of-mist.intranet.
Checking 0 100 389 dc3.season-of-mist.intranet. against SRV 
_ldap._tcp.neverland._sites.ForestDnsZones.season-of-mist.intranet 
dc2.season-of-mist.intranet 389
Checking 0 100 389 dc2.season-of-mist.intranet. against SRV 
_ldap._tcp.neverland._sites.ForestDnsZones.season-of-mist.intranet 
dc2.season-of-mist.intranet 389
No DNS updates needed

The DNS records exist.

I ran the command samba-tool drs showrepl and here is the output :

Chaos-Theory\DC2
DSA Options: 0x00000001
DSA object GUID: 2f2aee44-0eca-4ad1-9b77-d11d8d31e3eb
DSA invocationId: a8f75274-c493-4b23-87d4-fcba4a7d9a2f

==== INBOUND NEIGHBORS ===
DC=season-of-mist,DC=intranet
 ??????? Default-First-Site-Name\DC3 via RPC
 ??????????????? DSA object GUID: e6af5447-965a-451b-8d60-3bef78100504
 ??????????????? Last attempt @ Thu Oct? 9 02:59:46 2025 EDT failed, 
result 31 (WERR_GEN_FAILURE)
 ??????????????? 9 consecutive failure(s).
 ??????????????? Last success @ Wed Oct? 8 07:17:15 2025 EDT

CN=Schema,CN=Configuration,DC=season-of-mist,DC=intranet
 ??????? Default-First-Site-Name\DC3 via RPC
 ??????????????? DSA object GUID: e6af5447-965a-451b-8d60-3bef78100504
 ??????????????? Last attempt @ Thu Oct? 9 02:59:46 2025 EDT failed, 
result 31 (WERR_GEN_FAILURE)
 ??????????????? 9 consecutive failure(s).
 ??????????????? Last success @ Wed Oct? 8 07:17:06 2025 EDT

DC=ForestDnsZones,DC=season-of-mist,DC=intranet
 ??????? Default-First-Site-Name\DC3 via RPC
 ??????????????? DSA object GUID: e6af5447-965a-451b-8d60-3bef78100504
 ??????????????? Last attempt @ Thu Oct? 9 02:59:46 2025 EDT failed, 
result 31 (WERR_GEN_FAILURE)
 ??????????????? 9 consecutive failure(s).
 ??????????????? Last success @ Wed Oct? 8 07:17:22 2025 EDT

CN=Configuration,DC=season-of-mist,DC=intranet
 ??????? Default-First-Site-Name\DC3 via RPC
 ??????????????? DSA object GUID: e6af5447-965a-451b-8d60-3bef78100504
 ??????????????? Last attempt @ Thu Oct? 9 02:59:46 2025 EDT failed, 
result 31 (WERR_GEN_FAILURE)
 ??????????????? 9 consecutive failure(s).
 ??????????????? Last success @ Wed Oct? 8 07:17:10 2025 EDT

DC=DomainDnsZones,DC=season-of-mist,DC=intranet
 ??????? Default-First-Site-Name\DC3 via RPC
 ??????????????? DSA object GUID: e6af5447-965a-451b-8d60-3bef78100504
 ??????????????? Last attempt @ Thu Oct? 9 02:59:46 2025 EDT failed, 
result 31 (WERR_GEN_FAILURE)
 ??????????????? 9 consecutive failure(s).
 ??????????????? Last success @ Wed Oct? 8 07:17:21 2025 EDT

==== OUTBOUND NEIGHBORS ===
==== KCC CONNECTION OBJECTS ===
Connection --
 ??????? Connection name: 1b0cce3d-b8d7-4729-a6bd-81d1562e3058
 ??????? Enabled??????? : TRUE
 ??????? Server DNS name : dc3.season-of-mist.intranet
 ??????? Server DN name? : CN=NTDS 
Settings,CN=DC3,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=season-of-mist,DC=intranet
 ??????????????? TransportType: RPC
 ??????????????? options: 0x00000001
Warning: No NC replicated for Connection!

The DC log file still shows the error :

[2025/10/09 02:59:47.499497,? 1] 
source4/auth/gensec/gensec_gssapi.c:852(gensec_gssapi_update_internal)
 ? GSS server Update(krb5)(1) Update failed:? Miscellaneous failure (see 
text): Decrypt integrity check failed for checksum type 
hmac-sha1-96-aes256, key type aes256-cts-hmac-sha1-96
[2025/10/09 02:59:47.499659,? 0] 
source4/librpc/rpc/dcerpc_util.c:697(dcerpc_pipe_auth_recv)
 ? Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for 
ncacn_ip_tcp:192.168.20.5[49153,seal,krb5,target_hostname=e6af5447-965a-451b-8d60-3bef78100504._msdcs.season-of-mist.intranet,target_principal=GC/dc3.season-of-mist.intranet/season-of-mist.intranet,abstract_syntax=e3514235-4b06-11d1-ab04-00c04fc2dcd2/0x00000004,localaddress=192.168.20.5]
NT_STATUS_UNSUCCESSFUL

Luis Peromarta

2025-Oct-09 07:40 UTC

head link

[Samba] Replication issue after rejoining a DC

Hi there,

Just as a precaution, and in order to double check all steps, please see this
and make sure you did not miss any step.

http://samba.bigbird.es/doku.php?id=samba:aditional-dc

On Oct 9, 2025 at 08:04 +0100, Cedric Puchalver via samba <samba at
lists.samba.org>, wrote:> Le 08/10/2025 ? 16:50, Rowland Penny via samba a ?crit?:
> > On Wed, 8 Oct 2025 15:53:43 +0200
> > Cedric Puchalver via samba <samba at lists.samba.org> wrote:
> >
> > > Hello,
> > >
> > > I have 2 Samba DCs running on two different sites. They are both
> > > running Samba compiled from source and I decided to use Samba
from
> > > Debian Bookworm backports instead.
> > >
> > >

Rowland Penny

2025-Oct-09 08:50 UTC

head link

[Samba] Replication issue after rejoining a DC

On Thu, 9 Oct 2025 09:04:26 +0200
Cedric Puchalver via samba <samba at lists.samba.org> wrote:
> Le 08/10/2025 ? 16:50, Rowland Penny via samba a ?crit?:
> >
> > To put it another way, if you rerun 'samba-tool drs showrepl',
do
> > you still get the errors ?
> >
> >
> Hi Rowland,
> 
> It was shortly after the new DC started.
> 
> I manually ran the command samba_dnsupdate --verbose and it returned :
> 
SNIP
> No DNS updates needed
> 
So it isn't the lack of dns records.
> 
> I ran the command samba-tool drs showrepl and here is the output :
> 
> Chaos-Theory\DC2
> DSA Options: 0x00000001
> DSA object GUID: 2f2aee44-0eca-4ad1-9b77-d11d8d31e3eb
> DSA invocationId: a8f75274-c493-4b23-87d4-fcba4a7d9a2f
> 
> ==== INBOUND NEIGHBORS ===> 
> DC=season-of-mist,DC=intranet
>  ??????? Default-First-Site-Name\DC3 via RPC
>  ??????????????? DSA object GUID: e6af5447-965a-451b-8d60-3bef78100504
>  ??????????????? Last attempt @ Thu Oct? 9 02:59:46 2025 EDT failed, 
> result 31 (WERR_GEN_FAILURE)
>  ??????????????? 9 consecutive failure(s).
>  ??????????????? Last success @ Wed Oct? 8 07:17:15 2025 EDT
SNIP

What is in /etc/resolv.conf ?
Is the first nameserver its own ipaddress ?

Rowland

samba - Oct 2025 - Replication issue after rejoining a DC

[Samba] Replication issue after rejoining a DC

[Samba] Replication issue after rejoining a DC

[Samba] Replication issue after rejoining a DC