Re: [Samba] Replication Samba PDC to Samba BDC

2013-06-04 Thread David González Herrera - [DGHVoIP]

On 6/4/2013 8:35 AM, Ricky Nance wrote:

@Giedrius
"Not exactly, as I wrote in my other posts to mailing list, this is 
glibc's nss dns resolvers'  (libnss_dns.so) issue that is ignoring 
hostnames with "_" (*_*msdcs)"


Which OS's does that affect?

PDC  is Ubuntu 12.0.4

root@samba:~# cat /etc/debian_version
wheezy/sid

root@samba:~# samba -V
Version 4.1.0pre1-GIT-8bf3112

BDC is on Ubuntu Server 12.0.4

root@bdc:~# samba -V
Version 4.1.0pre1-GIT-b238008




@David, Is your nameserver (in /etc/resolv.conf) on dcA ip.to.dc.a and 
on dcB ip.to.dc.b if so, what happens when you set them both to A? how 
about when you set them both to B? I'd play around with that a bit 
until you get a good replication, then restart samba on both DC's and 
set them properly (dcA needs ip.to.dc.a and dcB needs ip.to.dc.b) .


Yes, after putting ip.to.dc.a on DCB and vice-versa I get the same can't 
find bla.blah.msc A record, it only works back again when I add the 
name to /etc/hosts.


Is there any patch I can apply to samba or the like to have this fixed?

Thanks.



Ricky


On Tue, Jun 4, 2013 at 1:59 AM, "David González Herrera - [DGHVoIP]" 
mailto:i...@dghvoip.com>> wrote:


On 6/4/2013 1:28 AM, Giedrius wrote:

2013.06.04 09:10, "David González Herrera - [DGHVoIP]" rašė:

On 6/3/2013 11:57 PM, Giedrius wrote:

Hi,

2013.06.04 04:16, "David González Herrera - [DGHVoIP]"
rašė:

Hi,

Let's see if any of the questions gets answered or
at least I get
pointed to something that can help me.

I followed this wiki:

http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC#Getting_ready_for_joining_Samba_as_a_DC_to_an_existing_domain

I have my S4 domain running, I compiled and
installed another S4 to
replicate the first server and joined successfully
to the domain but
replication seems to be broken.

Command used:


root@bdc:~# samba-tool domain join mundo.local DC
-Uadministrator
--realm=mundo.local --password=Mugr3P0pO
--dns-backend=BIND9_DLZ
Finding a writeable DC for domain 'mundo.local'
Found DC samba.mundo.local
workgroup is mundo
realm is mundo.local
checking sAMAccountName
Adding CN=BDC,OU=Domain Controllers,DC=mundo,DC=local
Adding

CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
Adding CN=NTDS

Settings,CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
Adding SPNs to CN=BDC,OU=Domain
Controllers,DC=mundo,DC=local
Setting account password for BDC$
Enabling account
Calling bare provision
No IPv6 address will be assigned
Provision OK for domain DN DC=mundo,DC=local
Starting replication
Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
objects[402/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
objects[804/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
objects[1206/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
objects[1550/1550] linked_values[0/0]
Analyze and apply schema objects
Partition[CN=Configuration,DC=mundo,DC=local]
objects[402/1614]
linked_values[0/0]
Partition[CN=Configuration,DC=mundo,DC=local]
objects[804/1614]
linked_values[0/0]
Partition[CN=Configuration,DC=mundo,DC=local]
objects[1206/1614]
linked_values[0/0]
Partition[CN=Configuration,DC=mundo,DC=local]
objects[1608/1614]
linked_values[0/0]
Partition[CN=Configuration,DC=mundo,DC=local]
objects[1614/1614]
linked_values[28/0]
Replicating critical objects from the base DN of
the domain
Partition[DC=mundo,DC=local] objects[98/98]
linked_values[31/0]
Partition[DC=mundo,DC=local] objects[336/238]
linked_values[74/0]
D

Re: [Samba] Replication Samba PDC to Samba BDC

2013-06-04 Thread Giedrius
Hi,
2013.06.04 16:35, Ricky Nance rašė:
> @Giedrius
> "Not exactly, as I wrote in my other posts to mailing list, this
> is glibc's nss dns resolvers'  (libnss_dns.so) issue that is
> ignoring hostnames with "_" (*_*msdcs)"
>
> Which OS's does that affect?
I personally tested this on openSUSE 12.2 and 12.3 (bug report:
https://bugzilla.novell.com/show_bug.cgi?id=822414)
From the mailing list - seems this bug is much more widespread
>
> @David, Is your nameserver (in /etc/resolv.conf) on dcA ip.to.dc.a and
> on dcB ip.to.dc.b if so, what happens when you set them both to A? how
> about when you set them both to B? I'd play around with that a bit
> until you get a good replication, then restart samba on both DC's and
> set them properly (dcA needs ip.to.dc.a and dcB needs ip.to.dc.b) .
I doubt this would change anything, given there is a working DNS,
allow-query / firewall setup, but this is easily checked with host /
dig / nslookup commands.
And for that matter - his DNS setup is working: host / dig tests are not
failing
The problem is with the RESOLVER LIBRARY failing (at least in my case) to
return replies from DNS, so changing DNS servers address will not in
any way fix the problem.
It simply will not be returned to the program through the system calls
(at least for me, tcpdump showed DNS *is* replying)
Better solution is to fix that damn bug in glibc (or use /etc/hosts |
mdns | whatever) and specify BOTH dcA AND dcB in resolv.conf.
So that if one of them fails - the other replies.
>
> Ricky
>
>
> On Tue, Jun 4, 2013 at 1:59 AM, "David González Herrera - [DGHVoIP]"
> mailto:i...@dghvoip.com>> wrote:
>
> On 6/4/2013 1:28 AM, Giedrius wrote:
>
> 2013.06.04 09:10, "David González Herrera - [DGHVoIP]" rašė:
>
> On 6/3/2013 11:57 PM, Giedrius wrote:
>
> Hi,
>
> 2013.06.04 04:16, "David González Herrera - [DGHVoIP]"
> rašė:
>
> Hi,
>
> Let's see if any of the questions gets answered or
> at least I get
> pointed to something that can help me.
>
> I followed this wiki:
> 
> http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC#Getting_ready_for_joining_Samba_as_a_DC_to_an_existing_domain
>
> I have my S4 domain running, I compiled and
> installed another S4 to
> replicate the first server and joined successfully
> to the domain but
> replication seems to be broken.
>
> Command used:
>
>
> root@bdc:~# samba-tool domain join mundo.local DC
> -Uadministrator
> --realm=mundo.local --password=Mugr3P0pO
> --dns-backend=BIND9_DLZ
> Finding a writeable DC for domain 'mundo.local'
> Found DC samba.mundo.local
> workgroup is mundo
> realm is mundo.local
> checking sAMAccountName
> Adding CN=BDC,OU=Domain Controllers,DC=mundo,DC=local
> Adding
> 
> CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
> Adding CN=NTDS
> 
> Settings,CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
> Adding SPNs to CN=BDC,OU=Domain
> Controllers,DC=mundo,DC=local
> Setting account password for BDC$
> Enabling account
> Calling bare provision
> No IPv6 address will be assigned
> Provision OK for domain DN DC=mundo,DC=local
> Starting replication
> Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
> objects[402/1550] linked_values[0/0]
> Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
> objects[804/1550] linked_values[0/0]
> Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
> objects[1206/1550] linked_values[0/0]
> Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
> objects[1550/1550] linked_values[0/0]
> Analyze and apply schema objects
> Partition[CN=Configuration,DC=mundo,DC=local]
> objects[402/1614]
> linked_values[0/0]
> Partition[CN=Configuration,DC=mundo,DC=local]
> objects[804/1614]
> linked_values[0/0]
> Partition[CN=Configuration,DC=mundo,DC=local]
> objects[1206/1614]
> linked_values[0/0]
> Partition[CN=Conf
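
The check described in the message above (names that `host` / `dig` resolve but that programs using the C library's resolver may not), as an added example that is not part of the thread or of Samba: it builds the `<objectGUID>._msdcs.<realm>` names from `ldbsearch` output and classifies each by how it resolves through `socket.getaddrinfo`, which calls the C library's `getaddrinfo()` and therefore goes through NSS. The sample inputs and `stub_resolver` are constructed from values quoted in the thread, and all function names are illustrative.

```python
import re
import socket

# Constructed sample inputs, modelled on the ldbsearch output, the log line
# and the /etc/hosts workaround quoted in the thread (realm mundo.local).
SAMPLE_LDBSEARCH = """\
# record 1
dn: CN=NTDS Settings,CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
objectGUID: 7106cbf4-3cf6-4ed9-b019-dd937035b1e7

# record 2
dn: CN=NTDS Settings,CN=SAMBA,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
objectGUID: ad828198-a723-44c2-8d7f-d5f801e2849f
"""
SAMPLE_LOG = """\
dns child failed to find name
'ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local' of type A
"""
SAMPLE_HOSTS = """\
127.0.0.1   localhost
10.10.10.20 7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local  # workaround
"""

GUID_RE = re.compile(
    r"^objectGUID:\s*([0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12})\s*$",
    re.I | re.M,
)
# \s+ lets the pattern match log lines that were wrapped, as in the thread.
LOG_RE = re.compile(r"dns child failed to find name\s+'([^']+)'\s+of type\s+(\w+)")


def msdcs_names(ldbsearch_output, realm):
    """Build the <objectGUID>._msdcs.<realm> names replication looks up."""
    return [f"{g.lower()}._msdcs.{realm}" for g in GUID_RE.findall(ldbsearch_output)]


def failed_lookups(log_text):
    """Return (name, record type) pairs from 'dns child failed' log lines."""
    return LOG_RE.findall(log_text)


def hosts_names(hosts_text):
    """Names pinned in /etc/hosts-style text (comments stripped)."""
    names = set()
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        names.update(n.lower() for n in fields[1:])
    return names


def nss_addresses(name, resolver=socket.getaddrinfo):
    """IPv4 addresses as seen by a program using the system resolver."""
    try:
        infos = resolver(name, None, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def classify(names, hosts_text="", resolver=socket.getaddrinfo):
    """Map each name to (status, addresses).

    A name pinned in /etc/hosts is reported separately: its lookup succeeds
    without ever reaching the DNS module, so it says nothing about DNS.
    """
    pinned = hosts_names(hosts_text)
    report = {}
    for name in names:
        addrs = nss_addresses(name, resolver)
        if name.lower() in pinned:
            status = "pinned-in-hosts"
        elif addrs:
            status = "nss-ok"
        else:
            status = "nss-failed"
        report[name] = (status, addrs)
    return report


def stub_resolver(name, port, family=0, type=0):
    """Constructed stand-in for getaddrinfo on a host showing the symptom."""
    table = {
        "7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local": "10.10.10.20",
        "samba.mundo.local": "10.10.10.5",
    }
    if name not in table:
        raise socket.gaierror(socket.EAI_NONAME, "Name or service not known")
    return [(socket.AF_INET, socket.SOCK_STREAM, 6, "", (table[name], 0))]


if __name__ == "__main__":
    names = msdcs_names(SAMPLE_LDBSEARCH, "mundo.local") + ["samba.mundo.local"]
    # On a real DC, drop the resolver argument and pass the contents of /etc/hosts.
    for name, (status, addrs) in classify(names, SAMPLE_HOSTS, stub_resolver).items():
        print(f"{status:16} {name} {addrs}")
    print("names the log reports as failing:", failed_lookups(SAMPLE_LOG))
```

A name reported as `nss-failed` here while `host -t CNAME` succeeds for it is the split described in the message above; `pinned-in-hosts` entries should be rechecked after the `/etc/hosts` line is removed.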

Re: [Samba] Replication Samba PDC to Samba BDC

2013-06-04 Thread Ricky Nance
@Giedrius
"Not exactly, as I wrote in my other posts to mailing list, this is glibc's
nss dns resolvers'  (libnss_dns.so) issue that is ignoring hostnames with
"_" (*_*msdcs)"

Which OS's does that affect?

@David, Is your nameserver (in /etc/resolv.conf) on dcA ip.to.dc.a and on
dcB ip.to.dc.b if so, what happens when you set them both to A? how about
when you set them both to B? I'd play around with that a bit until you get
a good replication, then restart samba on both DC's and set them properly
(dcA needs ip.to.dc.a and dcB needs ip.to.dc.b) .

Ricky


On Tue, Jun 4, 2013 at 1:59 AM, "David González Herrera - [DGHVoIP]" <
i...@dghvoip.com> wrote:

> On 6/4/2013 1:28 AM, Giedrius wrote:
>
>> 2013.06.04 09:10, "David González Herrera - [DGHVoIP]" rašė:
>>
>>> On 6/3/2013 11:57 PM, Giedrius wrote:
>>>
 Hi,

 2013.06.04 04:16, "David González Herrera - [DGHVoIP]" rašė:

> Hi,
>
> Let's see if any of the questions gets answered or at least I get
> pointed to something that can help me.
>
> I followed this wiki:
> http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC#Getting_ready_for_joining_Samba_as_a_DC_to_an_existing_domain
>
> I have my S4 domain running, I compiled and installed another S4 to
> replicate the first server and joined successfully to the domain but
> replication seems to be broken.
>
> Command used:
>
>
> root@bdc:~# samba-tool domain join mundo.local DC -Uadministrator
> --realm=mundo.local --password=Mugr3P0pO --dns-backend=BIND9_DLZ
> Finding a writeable DC for domain 'mundo.local'
> Found DC samba.mundo.local
> workgroup is mundo
> realm is mundo.local
> checking sAMAccountName
> Adding CN=BDC,OU=Domain Controllers,DC=mundo,DC=local
> Adding
> CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
> Adding CN=NTDS
> Settings,CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
> Adding SPNs to CN=BDC,OU=Domain Controllers,DC=mundo,DC=local
> Setting account password for BDC$
> Enabling account
> Calling bare provision
> No IPv6 address will be assigned
> Provision OK for domain DN DC=mundo,DC=local
> Starting replication
> Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
> objects[402/1550] linked_values[0/0]
> Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
> objects[804/1550] linked_values[0/0]
> Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
> objects[1206/1550] linked_values[0/0]
> Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
> objects[1550/1550] linked_values[0/0]
> Analyze and apply schema objects
> Partition[CN=Configuration,DC=mundo,DC=local] objects[402/1614]
> linked_values[0/0]
> Partition[CN=Configuration,DC=mundo,DC=local] objects[804/1614]
> linked_values[0/0]
> Partition[CN=Configuration,DC=mundo,DC=local] objects[1206/1614]
> linked_values[0/0]
> Partition[CN=Configuration,DC=mundo,DC=local] objects[1608/1614]
> linked_values[0/0]
> Partition[CN=Configuration,DC=mundo,DC=local] objects[1614/1614]
> linked_values[28/0]
> Replicating critical objects from the base DN of the domain
> Partition[DC=mundo,DC=local] objects[98/98] linked_values[31/0]
> Partition[DC=mundo,DC=local] objects[336/238] linked_values[74/0]
> Done with always replicated NC (base, config, schema)
> Replicating DC=DomainDnsZones,DC=mundo,DC=local
> Partition[DC=DomainDnsZones,DC=mundo,DC=local] objects[42/42]
> linked_values[0/0]
> Replicating DC=ForestDnsZones,DC=mundo,DC=local
> Partition[DC=ForestDnsZones,DC=mundo,DC=local] objects[18/18]
> linked_values[0/0]
> Partition[DC=ForestDnsZones,DC=mundo,DC=local] objects[36/18]
> linked_values[0/0]
> Committing SAM database
> Sending DsReplicateUpdateRefs for all the replicated partitions
> Setting isSynchronized and dsServiceName
> Setting up secrets database
> Joined domain mundo (SID S-1-5-21-1918558401-2200574552-2151153235)
> as
> a DC
>
> Seemed to have succeeded, then I ran the recommended tests
>
> # ldbsearch -H /usr/local/samba/private/sam.ldb '(invocationid=*)'
> --cross-ncs objectguid
> # record 1
> dn: CN=NTDS
> Settings,CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
> objectGUID: 7106cbf4-3cf6-4ed9-b019-dd937035b1e7
>
> # record 2
> dn: CN=NTDS
> Settings,CN=SAMBA,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
> objectGUID: ad828198-a723-44c2-8d7f-d5f801e

Re: [Samba] Replication Samba PDC to Samba BDC

2013-06-03 Thread David González Herrera - [DGHVoIP]

On 6/4/2013 1:28 AM, Giedrius wrote:

2013.06.04 09:10, "David González Herrera - [DGHVoIP]" rašė:

On 6/3/2013 11:57 PM, Giedrius wrote:

Hi,

2013.06.04 04:16, "David González Herrera - [DGHVoIP]" rašė:

Hi,

Let's see if any of the questions gets answered or at least I get
pointed to something that can help me.

I followed this wiki:
http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC#Getting_ready_for_joining_Samba_as_a_DC_to_an_existing_domain

I have my S4 domain running, I compiled and installed another S4 to
replicate the first server and joined successfully to the domain but
replication seems to be broken.

Command used:


root@bdc:~# samba-tool domain join mundo.local DC -Uadministrator
--realm=mundo.local --password=Mugr3P0pO --dns-backend=BIND9_DLZ
Finding a writeable DC for domain 'mundo.local'
Found DC samba.mundo.local
workgroup is mundo
realm is mundo.local
checking sAMAccountName
Adding CN=BDC,OU=Domain Controllers,DC=mundo,DC=local
Adding
CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
Adding CN=NTDS
Settings,CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
Adding SPNs to CN=BDC,OU=Domain Controllers,DC=mundo,DC=local
Setting account password for BDC$
Enabling account
Calling bare provision
No IPv6 address will be assigned
Provision OK for domain DN DC=mundo,DC=local
Starting replication
Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
objects[402/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
objects[804/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
objects[1206/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
objects[1550/1550] linked_values[0/0]
Analyze and apply schema objects
Partition[CN=Configuration,DC=mundo,DC=local] objects[402/1614]
linked_values[0/0]
Partition[CN=Configuration,DC=mundo,DC=local] objects[804/1614]
linked_values[0/0]
Partition[CN=Configuration,DC=mundo,DC=local] objects[1206/1614]
linked_values[0/0]
Partition[CN=Configuration,DC=mundo,DC=local] objects[1608/1614]
linked_values[0/0]
Partition[CN=Configuration,DC=mundo,DC=local] objects[1614/1614]
linked_values[28/0]
Replicating critical objects from the base DN of the domain
Partition[DC=mundo,DC=local] objects[98/98] linked_values[31/0]
Partition[DC=mundo,DC=local] objects[336/238] linked_values[74/0]
Done with always replicated NC (base, config, schema)
Replicating DC=DomainDnsZones,DC=mundo,DC=local
Partition[DC=DomainDnsZones,DC=mundo,DC=local] objects[42/42]
linked_values[0/0]
Replicating DC=ForestDnsZones,DC=mundo,DC=local
Partition[DC=ForestDnsZones,DC=mundo,DC=local] objects[18/18]
linked_values[0/0]
Partition[DC=ForestDnsZones,DC=mundo,DC=local] objects[36/18]
linked_values[0/0]
Committing SAM database
Sending DsReplicateUpdateRefs for all the replicated partitions
Setting isSynchronized and dsServiceName
Setting up secrets database
Joined domain mundo (SID S-1-5-21-1918558401-2200574552-2151153235) as
a DC

Seemed to have succeeded, then I ran the recommended tests

# ldbsearch -H /usr/local/samba/private/sam.ldb '(invocationid=*)'
--cross-ncs objectguid
# record 1
dn: CN=NTDS
Settings,CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
objectGUID: 7106cbf4-3cf6-4ed9-b019-dd937035b1e7

# record 2
dn: CN=NTDS
Settings,CN=SAMBA,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
objectGUID: ad828198-a723-44c2-8d7f-d5f801e2849f

# returned 2 records
# 2 entries
# 0 referrals


These tests run from the BDC seem to work.

host -t CNAME ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local
ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local is an alias
for samba.mundo.local.

host -t CNAME 7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local
7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local is an alias
for bdc.mundo.local.

root@bdc:~# host -t A bdc.mundo.local.
bdc.mundo.local has address 10.10.10.20

root@bdc:~# host -t A samba.mundo.local.
samba.mundo.local has address 10.10.10.5


Error showing up on the BDC

dns child failed to find name
'ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local' of type A
dreplsrv_notify: Failed to send DsReplicaSync to
ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local for
CN=Configuration,DC=mundo,DC=local - *NT_STATUS_OBJECT_NAME_NOT_FOUND
: WERR_BADFILE *

Did you AT LEAST search the mailing list???
Check if ping (or any program using GLIBC's *NSS* DNS resolver) can
resolve your 7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local name

Yes I searched the ML with no luck.

Yes, I did and it works, I had to add
7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local to /etc/hosts
and it works.

So I think it's a DNS issue.

Not exactly, as I wrote in my other posts to mailing list, this is
glibc's nss dns resolvers'  (libnss_dns.so) issue that is ignoring
hostnames with "_" (

Re: [Samba] Replication Samba PDC to Samba BDC

2013-06-03 Thread Giedrius
2013.06.04 09:10, "David González Herrera - [DGHVoIP]" rašė:
> On 6/3/2013 11:57 PM, Giedrius wrote:
>> Hi,
>>
>> 2013.06.04 04:16, "David González Herrera - [DGHVoIP]" rašė:
>>> Hi,
>>>
>>> Let's see if any of the questions gets answered or at least I get
>>> pointed to something that can help me.
>>>
>>> I followed this wiki:
>>> http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC#Getting_ready_for_joining_Samba_as_a_DC_to_an_existing_domain
>>>
>>> I have my S4 domain running, I compiled and installed another S4 to
>>> replicate the first server and joined successfully to the domain but
>>> replication seems to be broken.
>>>
>>> Command used:
>>>
>>>
>>> root@bdc:~# samba-tool domain join mundo.local DC -Uadministrator
>>> --realm=mundo.local --password=Mugr3P0pO --dns-backend=BIND9_DLZ
>>> Finding a writeable DC for domain 'mundo.local'
>>> Found DC samba.mundo.local
>>> workgroup is mundo
>>> realm is mundo.local
>>> checking sAMAccountName
>>> Adding CN=BDC,OU=Domain Controllers,DC=mundo,DC=local
>>> Adding
>>> CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
>>> Adding CN=NTDS
>>> Settings,CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
>>> Adding SPNs to CN=BDC,OU=Domain Controllers,DC=mundo,DC=local
>>> Setting account password for BDC$
>>> Enabling account
>>> Calling bare provision
>>> No IPv6 address will be assigned
>>> Provision OK for domain DN DC=mundo,DC=local
>>> Starting replication
>>> Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
>>> objects[402/1550] linked_values[0/0]
>>> Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
>>> objects[804/1550] linked_values[0/0]
>>> Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
>>> objects[1206/1550] linked_values[0/0]
>>> Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
>>> objects[1550/1550] linked_values[0/0]
>>> Analyze and apply schema objects
>>> Partition[CN=Configuration,DC=mundo,DC=local] objects[402/1614]
>>> linked_values[0/0]
>>> Partition[CN=Configuration,DC=mundo,DC=local] objects[804/1614]
>>> linked_values[0/0]
>>> Partition[CN=Configuration,DC=mundo,DC=local] objects[1206/1614]
>>> linked_values[0/0]
>>> Partition[CN=Configuration,DC=mundo,DC=local] objects[1608/1614]
>>> linked_values[0/0]
>>> Partition[CN=Configuration,DC=mundo,DC=local] objects[1614/1614]
>>> linked_values[28/0]
>>> Replicating critical objects from the base DN of the domain
>>> Partition[DC=mundo,DC=local] objects[98/98] linked_values[31/0]
>>> Partition[DC=mundo,DC=local] objects[336/238] linked_values[74/0]
>>> Done with always replicated NC (base, config, schema)
>>> Replicating DC=DomainDnsZones,DC=mundo,DC=local
>>> Partition[DC=DomainDnsZones,DC=mundo,DC=local] objects[42/42]
>>> linked_values[0/0]
>>> Replicating DC=ForestDnsZones,DC=mundo,DC=local
>>> Partition[DC=ForestDnsZones,DC=mundo,DC=local] objects[18/18]
>>> linked_values[0/0]
>>> Partition[DC=ForestDnsZones,DC=mundo,DC=local] objects[36/18]
>>> linked_values[0/0]
>>> Committing SAM database
>>> Sending DsReplicateUpdateRefs for all the replicated partitions
>>> Setting isSynchronized and dsServiceName
>>> Setting up secrets database
>>> Joined domain mundo (SID S-1-5-21-1918558401-2200574552-2151153235) as
>>> a DC
>>>
>>> Seemed to have succeeded, then I ran the recommended tests
>>>
>>> # ldbsearch -H /usr/local/samba/private/sam.ldb '(invocationid=*)'
>>> --cross-ncs objectguid
>>> # record 1
>>> dn: CN=NTDS
>>> Settings,CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
>>> objectGUID: 7106cbf4-3cf6-4ed9-b019-dd937035b1e7
>>>
>>> # record 2
>>> dn: CN=NTDS
>>> Settings,CN=SAMBA,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
>>> objectGUID: ad828198-a723-44c2-8d7f-d5f801e2849f
>>>
>>> # returned 2 records
>>> # 2 entries
>>> # 0 referrals
>>>
>>>
>>> These tests run from the BDC seem to work.
>>>
>>> host -t CNAME ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local
>>> ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local is an alias
>>> for samba.mundo.local.
>>>
>>> host -t CNAME 7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local
>>> 7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local is an alias
>>> for bdc.mundo.local.
>>>
>>> root@bdc:~# host -t A bdc.mundo.local.
>>> bdc.mundo.local has address 10.10.10.20
>>>
>>> root@bdc:~# host -t A samba.mundo.local.
>>> samba.mundo.local has address 10.10.10.5
>>>
>>>
>>> Error showing up on the BDC
>>>
>>> dns child failed to find name
>>> 'ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local' of type A
>>> dreplsrv_notify: Failed to send DsReplicaSync to
>>> ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local for
>>> CN=Configuration,DC=mundo,DC=local - *NT_STATUS_OBJECT_NAME_NOT_FOUND
>>> : WERR_BADFILE *
>> Did you AT LEAST search the mailing list???
>> Check if ping (or any program using GLIBC's *NSS* DNS resolver) can
>>

Re: [Samba] Replication Samba PDC to Samba BDC

2013-06-03 Thread David González Herrera - [DGHVoIP]

On 6/3/2013 11:57 PM, Giedrius wrote:

Hi,

2013.06.04 04:16, "David González Herrera - [DGHVoIP]" rašė:

Hi,

Let's see if any of the questions gets answered or at least I get
pointed to something that can help me.

I followed this wiki:
http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC#Getting_ready_for_joining_Samba_as_a_DC_to_an_existing_domain

I have my S4 domain running, I compiled and installed another S4 to
replicate the first server and joined successfully to the domain but
replication seems to be broken.

Command used:


root@bdc:~# samba-tool domain join mundo.local DC -Uadministrator
--realm=mundo.local --password=Mugr3P0pO --dns-backend=BIND9_DLZ
Finding a writeable DC for domain 'mundo.local'
Found DC samba.mundo.local
workgroup is mundo
realm is mundo.local
checking sAMAccountName
Adding CN=BDC,OU=Domain Controllers,DC=mundo,DC=local
Adding
CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
Adding CN=NTDS
Settings,CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
Adding SPNs to CN=BDC,OU=Domain Controllers,DC=mundo,DC=local
Setting account password for BDC$
Enabling account
Calling bare provision
No IPv6 address will be assigned
Provision OK for domain DN DC=mundo,DC=local
Starting replication
Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
objects[402/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
objects[804/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
objects[1206/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
objects[1550/1550] linked_values[0/0]
Analyze and apply schema objects
Partition[CN=Configuration,DC=mundo,DC=local] objects[402/1614]
linked_values[0/0]
Partition[CN=Configuration,DC=mundo,DC=local] objects[804/1614]
linked_values[0/0]
Partition[CN=Configuration,DC=mundo,DC=local] objects[1206/1614]
linked_values[0/0]
Partition[CN=Configuration,DC=mundo,DC=local] objects[1608/1614]
linked_values[0/0]
Partition[CN=Configuration,DC=mundo,DC=local] objects[1614/1614]
linked_values[28/0]
Replicating critical objects from the base DN of the domain
Partition[DC=mundo,DC=local] objects[98/98] linked_values[31/0]
Partition[DC=mundo,DC=local] objects[336/238] linked_values[74/0]
Done with always replicated NC (base, config, schema)
Replicating DC=DomainDnsZones,DC=mundo,DC=local
Partition[DC=DomainDnsZones,DC=mundo,DC=local] objects[42/42]
linked_values[0/0]
Replicating DC=ForestDnsZones,DC=mundo,DC=local
Partition[DC=ForestDnsZones,DC=mundo,DC=local] objects[18/18]
linked_values[0/0]
Partition[DC=ForestDnsZones,DC=mundo,DC=local] objects[36/18]
linked_values[0/0]
Committing SAM database
Sending DsReplicateUpdateRefs for all the replicated partitions
Setting isSynchronized and dsServiceName
Setting up secrets database
Joined domain mundo (SID S-1-5-21-1918558401-2200574552-2151153235) as
a DC

Seemed to have succeeded, then I ran the recommended tests

# ldbsearch -H /usr/local/samba/private/sam.ldb '(invocationid=*)'
--cross-ncs objectguid
# record 1
dn: CN=NTDS
Settings,CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
objectGUID: 7106cbf4-3cf6-4ed9-b019-dd937035b1e7

# record 2
dn: CN=NTDS
Settings,CN=SAMBA,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
objectGUID: ad828198-a723-44c2-8d7f-d5f801e2849f

# returned 2 records
# 2 entries
# 0 referrals


These tests run from the BDC seem to work.

host -t CNAME ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local
ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local is an alias
for samba.mundo.local.

host -t CNAME 7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local
7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local is an alias
for bdc.mundo.local.

root@bdc:~# host -t A bdc.mundo.local.
bdc.mundo.local has address 10.10.10.20

root@bdc:~# host -t A samba.mundo.local.
samba.mundo.local has address 10.10.10.5


Error showing up on the BDC

dns child failed to find name
'ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local' of type A
dreplsrv_notify: Failed to send DsReplicaSync to
ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local for
CN=Configuration,DC=mundo,DC=local - *NT_STATUS_OBJECT_NAME_NOT_FOUND
: WERR_BADFILE *

Did you AT LEAST search the mailing list???
Check if ping (or any program using GLIBC's *NSS* DNS resolver) can
resolve your 7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local name

Yes I searched the ML with no luck.

Yes, I did and it works, I had to add
7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local to /etc/hosts
and it works.


So I think it's a DNS issue.

Thanks for your answer.

I tried to check replication status but this error shows

root@bdc:~# samba-tool drs showrepl
Default-First-Site-Name\BDC
DSA Options: 0x0001
DSA object GUID: 7106cbf4-3cf6-4ed9-b019-dd937035b1e7
DSA invocationId: 609fd8be

Re: [Samba] Replication Samba PDC to Samba BDC

2013-06-03 Thread Giedrius
Hi,

2013.06.04 04:16, "David González Herrera - [DGHVoIP]" rašė:
> Hi,
>
> Let's see if any of the questions gets answered or at least I get
> pointed to something that can help me.
>
> I followed this wiki:
> http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC#Getting_ready_for_joining_Samba_as_a_DC_to_an_existing_domain
>
> I have my S4 domain running, I compiled and installed another S4 to
> replicate the first server and joined successfully to the domain but
> replication seems to be broken.
>
> Command used:
>
>
> root@bdc:~# samba-tool domain join mundo.local DC -Uadministrator
> --realm=mundo.local --password=Mugr3P0pO --dns-backend=BIND9_DLZ
> Finding a writeable DC for domain 'mundo.local'
> Found DC samba.mundo.local
> workgroup is mundo
> realm is mundo.local
> checking sAMAccountName
> Adding CN=BDC,OU=Domain Controllers,DC=mundo,DC=local
> Adding
> CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
> Adding CN=NTDS
> Settings,CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
> Adding SPNs to CN=BDC,OU=Domain Controllers,DC=mundo,DC=local
> Setting account password for BDC$
> Enabling account
> Calling bare provision
> No IPv6 address will be assigned
> Provision OK for domain DN DC=mundo,DC=local
> Starting replication
> Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
> objects[402/1550] linked_values[0/0]
> Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
> objects[804/1550] linked_values[0/0]
> Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
> objects[1206/1550] linked_values[0/0]
> Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local]
> objects[1550/1550] linked_values[0/0]
> Analyze and apply schema objects
> Partition[CN=Configuration,DC=mundo,DC=local] objects[402/1614]
> linked_values[0/0]
> Partition[CN=Configuration,DC=mundo,DC=local] objects[804/1614]
> linked_values[0/0]
> Partition[CN=Configuration,DC=mundo,DC=local] objects[1206/1614]
> linked_values[0/0]
> Partition[CN=Configuration,DC=mundo,DC=local] objects[1608/1614]
> linked_values[0/0]
> Partition[CN=Configuration,DC=mundo,DC=local] objects[1614/1614]
> linked_values[28/0]
> Replicating critical objects from the base DN of the domain
> Partition[DC=mundo,DC=local] objects[98/98] linked_values[31/0]
> Partition[DC=mundo,DC=local] objects[336/238] linked_values[74/0]
> Done with always replicated NC (base, config, schema)
> Replicating DC=DomainDnsZones,DC=mundo,DC=local
> Partition[DC=DomainDnsZones,DC=mundo,DC=local] objects[42/42]
> linked_values[0/0]
> Replicating DC=ForestDnsZones,DC=mundo,DC=local
> Partition[DC=ForestDnsZones,DC=mundo,DC=local] objects[18/18]
> linked_values[0/0]
> Partition[DC=ForestDnsZones,DC=mundo,DC=local] objects[36/18]
> linked_values[0/0]
> Committing SAM database
> Sending DsReplicateUpdateRefs for all the replicated partitions
> Setting isSynchronized and dsServiceName
> Setting up secrets database
> Joined domain mundo (SID S-1-5-21-1918558401-2200574552-2151153235) as
> a DC
>
> Seemed to have succeeded, then I ran the recommended tests
>
> # ldbsearch -H /usr/local/samba/private/sam.ldb '(invocationid=*)'
> --cross-ncs objectguid
> # record 1
> dn: CN=NTDS
> Settings,CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
> objectGUID: 7106cbf4-3cf6-4ed9-b019-dd937035b1e7
>
> # record 2
> dn: CN=NTDS
> Settings,CN=SAMBA,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
> objectGUID: ad828198-a723-44c2-8d7f-d5f801e2849f
>
> # returned 2 records
> # 2 entries
> # 0 referrals
>
>
> These tests run from the BDC seem to work.
>
> host -t CNAME ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local
> ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local is an alias
> for samba.mundo.local.
>
> host -t CNAME 7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local
> 7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local is an alias
> for bdc.mundo.local.
>
> root@bdc:~# host -t A bdc.mundo.local.
> bdc.mundo.local has address 10.10.10.20
>
> root@bdc:~# host -t A samba.mundo.local.
> samba.mundo.local has address 10.10.10.5
>
>
> Error showing up on the BDC
>
> dns child failed to find name
> 'ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local' of type A
> dreplsrv_notify: Failed to send DsReplicaSync to
> ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local for
> CN=Configuration,DC=mundo,DC=local - *NT_STATUS_OBJECT_NAME_NOT_FOUND
> : WERR_BADFILE *
Did you AT LEAST search the mailing list???
Check if ping (or any program using GLIBC's *NSS* DNS resolver) can
resolve your 7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local name
>
> I tried to check replication status but this error shows
>
> root@bdc:~# samba-tool drs showrepl
> Default-First-Site-Name\BDC
> DSA Options: 0x0001
> DSA object GUID: 7106cbf4-3cf6-4ed9-b019-dd937035b1e7
> DSA invocationId: 609fd8be-7e0c-49ca-a5f5-1a68237ef03f
>
> =
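
The check suggested in the reply above (does the C library resolver path, as opposed to `host`, resolve the `<objectGUID>._msdcs.<realm>` names), as an added example that is not part of the original thread. The function names are hypothetical, the sample input is constructed from the two records quoted above, and `socket.getaddrinfo` is used because it calls the C library's `getaddrinfo`, the same path `ping` takes.

```python
import re
import socket

# Constructed sample in LDIF form, using the two records shown in the post.
SAMPLE_LDBSEARCH = """\
# record 1
dn: CN=NTDS Settings,CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,
 CN=Configuration,DC=mundo,DC=local
objectGUID: 7106cbf4-3cf6-4ed9-b019-dd937035b1e7

# record 2
dn: CN=NTDS Settings,CN=SAMBA,CN=Servers,CN=Default-First-Site-Name,CN=Sites,
 CN=Configuration,DC=mundo,DC=local
objectGUID: ad828198-a723-44c2-8d7f-d5f801e2849f
"""

DN_RE = re.compile(r"^dn:\s*CN=NTDS Settings,CN=([^,]+),")
GUID_RE = re.compile(r"^objectGUID:\s*([0-9a-fA-F-]{36})\s*$")

def parse_dsa_records(text):
    """Return [(server, guid)] for every NTDS Settings record in the output."""
    records, server = [], None
    # LDIF folds long lines: a newline followed by one space is a continuation.
    for line in re.sub(r"\n ", "", text).splitlines():
        dn, guid = DN_RE.match(line), GUID_RE.match(line)
        if dn:
            server = dn.group(1)
        elif guid and server:
            records.append((server, guid.group(1).lower()))
            server = None
    return records

def msdcs_name(guid, realm):
    # The name dreplsrv_notify reports in the error log for a DSA object GUID.
    return f"{guid}._msdcs.{realm}"

def check_nss(records, realm, resolver=socket.getaddrinfo):
    """Resolve each name via getaddrinfo; None marks a name that fails."""
    status = {}
    for server, guid in records:
        try:
            infos = resolver(msdcs_name(guid, realm), None)
            status[server] = sorted({info[4][0] for info in infos})
        except socket.gaierror:
            status[server] = None
    return status
```

Run `check_nss(parse_dsa_records(output), "mundo.local")` on each DC with the real `ldbsearch` output; a `None` for a server whose CNAME `host` resolves fine points at the resolver path rather than at the zone data.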

[Samba] Replication Samba PDC to Samba BDC

2013-06-03 Thread David González Herrera - [DGHVoIP]

Hi,

Let's see if any of the questions gets answered or at least I get pointed 
to something that can help me.


I followed this wiki: 
http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC#Getting_ready_for_joining_Samba_as_a_DC_to_an_existing_domain


I have my S4 domain running, I compiled and installed another S4 to 
replicate the first server and joined successfully to the domain but 
replication seems to be broken.


Command used:


root@bdc:~# samba-tool domain join mundo.local DC -Uadministrator 
--realm=mundo.local --password=Mugr3P0pO --dns-backend=BIND9_DLZ

Finding a writeable DC for domain 'mundo.local'
Found DC samba.mundo.local
workgroup is mundo
realm is mundo.local
checking sAMAccountName
Adding CN=BDC,OU=Domain Controllers,DC=mundo,DC=local
Adding 
CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local
Adding CN=NTDS 
Settings,CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local

Adding SPNs to CN=BDC,OU=Domain Controllers,DC=mundo,DC=local
Setting account password for BDC$
Enabling account
Calling bare provision
No IPv6 address will be assigned
Provision OK for domain DN DC=mundo,DC=local
Starting replication
Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local] 
objects[402/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local] 
objects[804/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local] 
objects[1206/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=mundo,DC=local] 
objects[1550/1550] linked_values[0/0]

Analyze and apply schema objects
Partition[CN=Configuration,DC=mundo,DC=local] objects[402/1614] 
linked_values[0/0]
Partition[CN=Configuration,DC=mundo,DC=local] objects[804/1614] 
linked_values[0/0]
Partition[CN=Configuration,DC=mundo,DC=local] objects[1206/1614] 
linked_values[0/0]
Partition[CN=Configuration,DC=mundo,DC=local] objects[1608/1614] 
linked_values[0/0]
Partition[CN=Configuration,DC=mundo,DC=local] objects[1614/1614] 
linked_values[28/0]

Replicating critical objects from the base DN of the domain
Partition[DC=mundo,DC=local] objects[98/98] linked_values[31/0]
Partition[DC=mundo,DC=local] objects[336/238] linked_values[74/0]
Done with always replicated NC (base, config, schema)
Replicating DC=DomainDnsZones,DC=mundo,DC=local
Partition[DC=DomainDnsZones,DC=mundo,DC=local] objects[42/42] 
linked_values[0/0]

Replicating DC=ForestDnsZones,DC=mundo,DC=local
Partition[DC=ForestDnsZones,DC=mundo,DC=local] objects[18/18] 
linked_values[0/0]
Partition[DC=ForestDnsZones,DC=mundo,DC=local] objects[36/18] 
linked_values[0/0]

Committing SAM database
Sending DsReplicateUpdateRefs for all the replicated partitions
Setting isSynchronized and dsServiceName
Setting up secrets database
Joined domain mundo (SID S-1-5-21-1918558401-2200574552-2151153235) as a DC

Seemed to have succeeded, then I ran the recommended tests

# ldbsearch -H /usr/local/samba/private/sam.ldb '(invocationid=*)' 
--cross-ncs objectguid

# record 1
dn: CN=NTDS 
Settings,CN=BDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local

objectGUID: 7106cbf4-3cf6-4ed9-b019-dd937035b1e7

# record 2
dn: CN=NTDS 
Settings,CN=SAMBA,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundo,DC=local

objectGUID: ad828198-a723-44c2-8d7f-d5f801e2849f

# returned 2 records
# 2 entries
# 0 referrals


These tests run from the BDC seem to work.

host -t CNAME ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local
ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local is an alias for 
samba.mundo.local.


host -t CNAME 7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local
7106cbf4-3cf6-4ed9-b019-dd937035b1e7._msdcs.mundo.local is an alias for 
bdc.mundo.local.


root@bdc:~# host -t A bdc.mundo.local.
bdc.mundo.local has address 10.10.10.20

root@bdc:~# host -t A samba.mundo.local.
samba.mundo.local has address 10.10.10.5


Error showing up on the BDC

dns child failed to find name 
'ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local' of type A
dreplsrv_notify: Failed to send DsReplicaSync to 
ad828198-a723-44c2-8d7f-d5f801e2849f._msdcs.mundo.local for 
CN=Configuration,DC=mundo,DC=local - NT_STATUS_OBJECT_NAME_NOT_FOUND : 
WERR_BADFILE


I tried to check replication status but this error shows

root@bdc:~# samba-tool drs showrepl
Default-First-Site-Name\BDC
DSA Options: 0x0001
DSA object GUID: 7106cbf4-3cf6-4ed9-b019-dd937035b1e7
DSA invocationId: 609fd8be-7e0c-49ca-a5f5-1a68237ef03f

 INBOUND NEIGHBORS 

DC=mundo,DC=local
Default-First-Site-Name\SAMBA via RPC
DSA object GUID: ad828198-a723-44c2-8d7f-d5f801e2849f
Last attempt @ Mon Jun  3 20:58:43 2013 EDT failed, 
result 2 (WERR_BADFILE)

8 consecutive failure(s).
Last success @ Mon Jun  3 20:35:43 2013 EDT

CN=Schema,CN=Configuration,DC=mundo,DC=local
Default-First-Site-Name\SAMBA via RPC