similar to: Horrible BIND9_DLZ DNS breakage after DC replaced and samba-tool domain demote --remove-other-dead-server

On 12/08/16 18:00, Alex Crow via samba wrote: > Hi List, > > We are running through testing our migration to Samba4/AD domain and > hit an odd issue. > > We set up one new VM as a legacy PDC and performed a migration on this > machine. All went fine. We added a second DC with no issues. We then > simulated the first DC going away by unplugging the VM NIC and did an >

On Sun, 14 Aug 2016 21:52:43 +0100 Alex Crow via samba <samba at lists.samba.org> wrote: > > > I am fairly sure this is your problem, it should be able to find the > > KDC on its own DC. Have you checked /etc/krb5.conf, /etc/hosts > > and /etc/resolv.conf ? > > With the BIND server not running, and this krb5.conf: > > [libdefaults] >

> I am fairly sure this is your problem, it should be able to find the > KDC on its own DC. Have you checked /etc/krb5.conf, /etc/hosts > and /etc/resolv.conf ? With the BIND server not running, and this krb5.conf: [libdefaults] default_realm = SAMBA.IFA.NET dns_lookup_realm = false dns_lookup_kdc = true ~ samba_dnsupdate cannot find

On Sun, 14 Aug 2016 20:48:04 +0100 Alex Crow via samba <samba at lists.samba.org> wrote: > > > On 14/08/16 19:37, Rowland Penny via samba wrote: > > On Sun, 14 Aug 2016 19:18:41 +0100 > > Alex Crow via samba <samba at lists.samba.org> wrote: > > > >>> Ok, lets just run through this: > >>> You have an NT4-style PDC > >>

On Sun, 14 Aug 2016 18:02:19 +0100 Alex Crow via samba <samba at lists.samba.org> wrote: > Hi List, > > I have just reproduced this issue with Sernet Samba 4.4.5. I did a > migration from classic on a new VM, and this time created the next DC > on a new IP. As soon as I issued "samba-tool domain demote > --remove-other-dead-server=<original DC name>". I

On 14/08/16 22:14, Rowland Penny via samba wrote: > On Sun, 14 Aug 2016 21:52:43 +0100 > Alex Crow via samba <samba at lists.samba.org> wrote: > >>> I am fairly sure this is your problem, it should be able to find the >>> KDC on its own DC. Have you checked /etc/krb5.conf, /etc/hosts >>> and /etc/resolv.conf ? >> With the BIND server not running, and

In addition with Rowlands comment. I suggest you try /etc/hosts add only 127.0.0.1 localhost Now type Hostname -f Hostname -s Hostname -d Hostname -I Are these all correct? > No, Edit resolv.conf domain samba.ifa.net search samba.ifa.net ifa.net nameserver 127.0.0.1 What happens now if you try the above command. Correct? Yes => correct your hosts and resolv.conf No || \/

On Sun, 14 Aug 2016 19:18:41 +0100 Alex Crow via samba <samba at lists.samba.org> wrote: > > > > > Ok, lets just run through this: > > You have an NT4-style PDC > Correct. > > You classicupgrade this to a DC > Yes, with BIND9_DLZ DNS backend. > > > You join another computer as a DC > > > > At this point, have you checked that all DNS

> > Ok, lets just run through this: > You have an NT4-style PDC Correct. > You classicupgrade this to a DC Yes, with BIND9_DLZ DNS backend. > You join another computer as a DC > > At this point, have you checked that all DNS records etc are correct ? Yes, I followed the procedure on the Wiki at: https://wiki.samba.org/index.php/Check_and_fix_DNS_entries_on_DC_joins I setup

On 14/08/16 19:37, Rowland Penny via samba wrote: > On Sun, 14 Aug 2016 19:18:41 +0100 > Alex Crow via samba <samba at lists.samba.org> wrote: > >>> Ok, lets just run through this: >>> You have an NT4-style PDC >> Correct. >>> You classicupgrade this to a DC >> Yes, with BIND9_DLZ DNS backend. >> >>> You join another computer as

BTW apologies for any Out of office replies, I'm not allowed to disable these myself (sigh). -- This message is intended only for the addressee and may contain confidential information. Unless you are that person, you may not disclose its contents or use it in any way and are requested to delete the message along with any attachments and notify us immediately. This email is not intended to,

On Tue, 16 Aug 2016 09:20:56 +0100 Rowland Penny via samba <samba at lists.samba.org> wrote: > On Mon, 15 Aug 2016 19:59:56 +0100 > Rowland Penny via samba <samba at lists.samba.org> wrote: > > > On Mon, 15 Aug 2016 16:02:38 +0100 > > Rowland Penny via samba <samba at lists.samba.org> wrote: > > > > > > So, as the OP said, this is a bit

Thanks Rowland, just got back from holidays to see this. It's great to have a solution but I don't think these "secret incantations" should really be required. Do you agree with this sentiment? Cheers Alex On 16/08/16 15:04, Rowland Penny via samba wrote: > On Tue, 16 Aug 2016 09:20:56 +0100 > Rowland Penny via samba <samba at lists.samba.org> wrote: >

On Mon, 15 Aug 2016 16:02:38 +0100 Rowland Penny via samba <samba at lists.samba.org> wrote: > > OK, this has nothing to do with the classicupgrade, I have setup a > couple of VMs and provisioned a test DC in one and joined another DC > in the other. > > I am now at the point the OP is at, samba_dnsupdate cannot add the > required records, all I get in log.samba is

I'm testing to a seamless upgrade from 4.3.11 to 4.8.3 on my test setup. Database migrating from 4.3.11 was successful. After "samba-tool dbdcheck --cross-ncs --fix --yes", 4.8.3 was launching ok except replication (4.3.11 to 4.8.3 : WERR_BADFILE). After demoting older ones and seize (transfer doesn't work) all roles to 4.8.3, dns (bind_dlz) service won't start anymore

Hi I have a DC server (named dc-server1) with corrupted database. I transferred all FSMO to dc-server2 and now I'm trying to demote dc-server1 running "samba-tool domain demote --verbose --remove-other-dead-server=dc-server1" on dc-server2, but the following error occurred. The problem continues even after running "samba-tool dbcheck --cross-ncs --fix --yes". Samba

Andrew, that is great news! Thank you very much for your continuous effort in providing Samba for us! Ole Am 31.10.2015 um 10:36 schrieb Andrew Bartlett: > On Wed, 2015-10-28 at 16:42 +0100, Ole Traupe wrote: >> Hi, >> >> I demoted my PDC (DC1) forcefully, because replication (among others) >> wasn't working anymore due to hard disk failure and I was afraid of

Hi All, I've been testing Samba 4.5.1 extensively as an AD DC. We have 3 DC set up, and replication of users, groups, OUs, DNS etc has been working fine. However we wanted to add some custom attributes and a class to the schema (an assortment of string and numericalString) for our own purposes. This also worked fine (and the Schema replication worked), but some oddness happened when we

My first Active Directory setup had two DC's and shortly after getting things going the second DC created a hardware failure issue and I just continued life with one DC. Now, while upgrading I am returning to two DC's. In a normal Bind9 "master and slave" setup the master always "feeds" the slave. With Bind9_DLZ setup (recommended to be used with Samba4) there is

Hi, I'm running a samba CTDB setup using default Centos 7.2 repos, fully up-to-date. This is in pre-production so this is quite a nasty problem. Everything was running fine, including after a package update 1-2 days ago. However, this morning I can't get winbind started, CTDB times it out. I've taken the clustering=yes line out of smb.conf, and run winbind at dedug level from the