search for: otherinternaldomain

...dsdb_access: Access check failed ..." is still present. ----- On May 22, 2019, at 11:52 AM, Mike Ray mray at xes-inc.com wrote: > Setting the log level to 10 shows this blurp in the output of the ldapcmp > command: > > resolve_lmhosts: Attempting lmhosts lookup for name > dc3.otherinternaldomain.local<0x20> > startlmhosts: Can't open lmhosts file /etc/samba/lmhosts. Error was No such file > or directory > ERROR(ldb): uncaught exception - LDAP error 32 LDAP_NO_SUCH_OBJECT - > <dsdb_access: Access check failed on CN=Configuration,DC=domain,DC=local> <> >...

......" is still present. > > ----- On May 22, 2019, at 11:52 AM, Mike Ray mray at xes-inc.com wrote: > >> Setting the log level to 10 shows this blurp in the output of the ldapcmp >> command: >> >> resolve_lmhosts: Attempting lmhosts lookup for name >> dc3.otherinternaldomain.local<0x20> >> startlmhosts: Can't open lmhosts file /etc/samba/lmhosts. Error was No such file >> or directory >> ERROR(ldb): uncaught exception - LDAP error 32 LDAP_NO_SUCH_OBJECT - >> <dsdb_access: Access check failed on CN=Configuration,DC=domain,DC=local&gt...

...;> >> ----- On May 22, 2019, at 11:52 AM, Mike Ray mray at xes-inc.com wrote: >> >>> Setting the log level to 10 shows this blurp in the output of the ldapcmp >>> command: >>> >>> resolve_lmhosts: Attempting lmhosts lookup for name >>> dc3.otherinternaldomain.local<0x20> >>> startlmhosts: Can't open lmhosts file /etc/samba/lmhosts. Error was No such file >>> or directory >>> ERROR(ldb): uncaught exception - LDAP error 32 LDAP_NO_SUCH_OBJECT - >>> <dsdb_access: Access check failed on CN=Configuration,DC=do...

...itions,CN=Configuration,dc=domain,dc=local' -s sub > '(nETBIOSName=*)' nETBIOSName > > It should return the domain name. It does on all 3 DCs > >> # names that resolve to me >> 127.0.0.1 localhost.localdomain localhost >> 10.52.0.53 dc3.domain.local dc3.otherinternaldomain.local dc3 > Go on, I give in, why is 'dc3.otherinternaldomain.local' where it > shouldn't be ? We have two internal DNS domains. One that is associated with AD, one that is not. 'dc3.otherinternaldomain.local' was added to /etc/hosts (and a similar record on the other DC...

...in find_netbios scope=SCOPE_SUBTREE, attrs=["nETBIOSName"]) > If it fails, please tell os your: > > OS? All 3 DCs are Ubuntu 18.04. > Content of > > /etc/hosts # names that resolve to me 127.0.0.1 localhost.localdomain localhost 10.52.0.53 dc3.domain.local dc3.otherinternaldomain.local dc3 # ldbsearch -H /var/lib/samba/private/sam.ldb '(invocationId=*)' --cross-ncs objectguid 10.52.0.53 83c5f098-c119-44e8-b03d-762677d9ea62._msdcs.domain.local 10.52.0.54 1ad90669-7a5b-4109-aacd-ec1ab180aa88._msdcs.domain.local 10.52.0.55 d93756d7-a076-4c7a-8b9a-473770a55e74._msdcs.d...

...ncs -H /var/lib/samba/private/sam.ldb -b 'CN=Partitions,CN=Configuration,dc=domain,dc=local' -s sub '(nETBIOSName=*)' nETBIOSName It should return the domain name. > # names that resolve to me > 127.0.0.1 localhost.localdomain localhost > 10.52.0.53 dc3.domain.local dc3.otherinternaldomain.local dc3 Go on, I give in, why is 'dc3.otherinternaldomain.local' where it shouldn't be ? > > # ldbsearch -H /var/lib/samba/private/sam.ldb '(invocationId=*)' --cross-ncs objectguid > 10.52.0.53 83c5f098-c119-44e8-b03d-762677d9ea62._msdcs.domain.local > 10.52.0.54...

All- I've got 3 DCs (version 4.9.6-12) that, prior to today, were running without issue (as best I could tell). Every night I run a few commands to monitor the status of the DCs/domain. I run: * dbcheck --cross-ncs * samba-tool drs kcc <other DCs> * samba-tool ldapcmp <local DC> <other DCs> (domain|configuration|schema|dnsdomain|dnsforest) * samba-tool drs showrepl These