Displaying 20 results from an estimated 10000 matches similar to: "AD DC out of sync"
2015 Mar 12
3
AD DC out of sync
Hi Marc,
>> The cause is that the password change didn' reach both AD DCs, but only
>> one. The other one still had the old value as could be seen by
>> samba-tool ldapcmp. Restarting the DCs and waiting for a couple of
>> seconds brings them back to sync and Windows logons work as they used to.
>> Any idea, what I should do next time to obtain valuable output
2015 Mar 11
4
reslov.conf on two DC's
On 11/03/15 18:01, James wrote:
> Bob,
>
> Take a look at the following two links.
>
> http://retrohack.com/a-word-or-two-about-dns-islanding/
>
> http://blogs.technet.com/b/askds/archive/2010/07/17/friday-mail-sack-saturday-edition.aspx#dnsbest
>
> I have more than two DC's but generally I would have each one point at
> the other.
>
>
I tried that,
2015 Mar 12
3
reslov.conf on two DC's
a nice example about dns islanding.
http://retrohack.com/a-word-or-two-about-dns-islanding/
and with only 2 dc's
setup the resolv.confs like :
DC01
Primary DNS 10.1.1.2
Secondary DNS 127.0.0.1
DC02
Primary DNS 10.1.1.1
Secondary DNS 127.0.0.1
http://technet.microsoft.com/en-us/library/ff807362%28v=ws.10%29.aspx
says:
If the loopback IP address is the first entry in the list of
2015 Mar 11
0
AD DC out of sync
Hello Lars,
Am 11.03.2015 um 18:01 schrieb Lars Hanke:
> It now happened for the second time: Out of the blue, I could not login
> from windows machines or authenticate using smbclient, while
> Kerberos/nslcd were still working fine, after setting a password.
>
> The cause is that the password change didn' reach both AD DCs, but only
> one. The other one still had the old
2015 Apr 23
0
AD DC out of sync
It did happen again and this time I was a little less panicked and took
some time to figure out what happened.
On my primary DC (SAMBA) I did not notice anything extraordinary.
However, my secondary (VERDANDI) reported issues:
root at verdandi:~# samba-tool drs showrepl
Default-First-Site-Name\VERDANDI
DSA Options: 0x00000001
DSA object GUID: a03bbb51-1dca-44ae-a4d9-7aa8cb4a1ace
DSA
2015 Mar 11
2
reslov.conf on two DC's
When running two DC's is the recommended practice for the first DC to
resolve to itself, like this:
first DC /etc/resolv.conf file:
search samdom.tld
nameserver [DC1 ip address]
nameserver 127.0.0.1
And on second DC to both DC1 and DC2, like this:
search samdom.tld
nameserver [DC1 ip address]
nameserver [DC2 ip address]
nameserver 127.0.0.1
Or is the incorrect?
--
2019 May 22
2
dsdb_access Access check failed on CN=Configuration
All-
I've got 3 DCs (version 4.9.6-12) that, prior to today, were running without issue (as best I could tell).
Every night I run a few commands to monitor the status of the DCs/domain. I run:
* dbcheck --cross-ncs
* samba-tool drs kcc <other DCs>
* samba-tool ldapcmp <local DC> <other DCs> (domain|configuration|schema|dnsdomain|dnsforest)
* samba-tool drs showrepl
These
2019 Apr 19
1
joined computer not appear in all DCs (DC4 not sync with DC3)
Hello,
I had posted this in another topic, but because the problem is different, I
decided to create a new topic.
Conf:
- Primary DC/pdc Emulator as DC3
- Second DC as DC4
After an upgrade from schema 45 to 69 in DCs, when adding a computer in the
domain and if the domain to respond is DC4 the synchronization for DC3 is
not done.
I already did several tests that I already knew and also new
2015 Sep 02
1
DC sync
Morning,
On a DC:
[root at BPCTASRVSDC003 ~]# samba-tool drs showrepl | grep failure
0 consecutive failure(s).
0 consecutive failure(s).
0 consecutive failure(s).
0 consecutive failure(s).
0 consecutive failure(s).
0 consecutive failure(s).
0 consecutive failure(s).
0 consecutive failure(s).
0 consecutive failure(s).
0 consecutive failure(s).
0 consecutive failure(s).
0
2020 Nov 16
6
changes on DC not replicated, while showrepl reports no issues
Hi all,
We are running a three DC samba AD, using 4.12.8 sernet packages. Very
stable for years.
Today at 12:30 my colleague moved two users from
* CN=Users,DC=samba,DC=company,DC=com
to
* OU=disabled,DC=samba,DC=company,DC=com
This change was done on the DC4 at 12:30 using LAM (ldap-account-manager
version 7.3)
Ever since that, my automated samba-tool ldapcmp scripts started
reporting
2014 Dec 01
3
uidNumber. ( Was: What is --rfc2307-from-nss ??)
Greg,
> Unfortunately, these attributes do not exist as standard, so you would
> either have to add a user with ADUC or manually add them yourselves with
> ldbedit. As standard on windows, they both start at '10000', though you
> can set them to whatever you require, just make sure that they do not
> interfere with any local Unix users.
If you like to manage Unix users
2019 May 01
2
Replication failures
Hai Mason,
I had a look at the debug output.
on 1) why around 15-16 second, that i really dont know. im trying to figure that out.
on 2) if DNS is inconsistance, that everything is unrelayable.
This is really the first the that needs fixing.
then we look again at the replication.
The debug output still shows several messages about zones in flat files.
I still do believe also that this
2019 Apr 29
4
Replication failures
Hai,
I snapped this part of you logs.
> Successful AuthZ: [DCE/RPC,krb5] user [COMPANY]\[DC6$] [S-1-5-21-2660373802-310620142-1895175072-6626] at [Fri, 26 Apr 2019 10:16:20.224329 PDT] Remote host [ipv4:10.14.16.11:35006] local host [ipv4:10.12.16.11:49153]
> [2019/04/26 10:16:23.503632, 0] ../../source4/lib/cmdline/popt_common.c:74(popt_s4_talloc_log_fn)
> Bad talloc magic value
2019 Jul 25
2
Possible problems with AD Schema in Samba 4
Hi,
I found that the base of Samba 4 DC is different from the base of Windows
Server 2008 DC. There are many mistakes when I make the comparison as the
result as follows (only parts of reult):
samba-tool ldapcmp ldap://WINDC1 ldap://SAMBA4-DC -Uadministrator
Password for [EMPRESA\administrator]:
* Comparing [DOMAIN] context...
* DN lists have different size: 1787 != 1788
* DNs found only in
2014 Dec 30
3
CUPS and Samba4
Hi,
I'm going to migrate my old CUPS server to a new setup. It shall provide
the printing backend for Samba4 and should integrate as seamless as
possible. Both Windows and Linux users should not require additional
passwords, but should be authenticated by their Kerberos tickets.
Is there anything particular to consider? E.g. has the CUPS server to be
joined to the AD and should it run a
2019 Mar 01
2
Replication and KCC problems on upgrade
Hello all-
I am trying to upgrade a old domain to a newer version. The old DCs are a custom compiled version of Samba, so instead of upgrading the DCs in place, the plan is to upgrade by joining new DCs to the domain, replicating data and then shutting down the old ones after transferring the FSMO roles.
I had the new DC (dc3, version 4.9.4-12) replicating to the other DCs (dc0, versions
2015 Jan 19
2
Joined machine cannot mount share, others can - strange
I run a Samba4 AD and joined a Synology NAS running Samba 3.6.9. I can
access the shares using smbclient or mount -t cifs from all Linux
machines (usually running Samba 3.6.6 clients). I can mount the shares
from WinXP home and Win7 home.
However, with a Win7 Ultimate machine joined to the AD most of the time
it doesn't work. I can logon to the machine with my AD credentials, but
I am
2016 Nov 16
3
samba 4.5.1 DC: attribute names are upper-case converted on replication
Hi,
I have set up a fresh DC from scratch using samba 4.5.1 with Bind9,
added another DC, all strictly following the instructions in the samba wiki.
Samba was built from the source tarball on debian/raspbian 8u8 (Jessie),
Bind9 is 9.9.5-9 coming with the OS.
Everything appears to be in a working order: I can join Windows
workstations, add Users with RSAT, etc.
Only when comparing the
2016 Jan 18
1
Samba DC sync issues - help
Hai Nico,
Ok great, its fixed, and yes, i do think that the reboot fixed it, dont ask my why, i dont know.. i only know the fix ;-)
Seen this few times before..
About the script, did you run it without the password in the script or with the password in the script?
So i can check whats wrong there.
Your running samba 4.1.17 ? on which os?
Greetz,
Louis
Van:
2015 Mar 23
3
samba4 check database replication script. samba-check-db-repl.sh
Hai,????
?
I?have created a new?script for checking samba DC database replications.
?
I?have tested with 2 DC's , if there people with more than 2 DCs, and want to test for me, would be great.
I tested on debian wheezy, but should work on any apt-get capable os.? ( but not?tested )
?
What it does..
- auto detects the?DC in you network.
-?detects the DC met FSMO roles and compairs this