LINUX.ORG.RU
ФорумAdmin

samba4.2 ad repl

 ,


0

1

Настроено два dc проблема в репликации на вторичной cd лог samba 

tail -f /var/log/samba/log.samba
[2016/07/18 13:04:15.182711,  2] ../source4/dsdb/repl/replicated_objects.c:944(dsdb_replicated_objects_commit)
  Replicated 0 objects (0 linked attributes) for DC=ForestDnsZones,DC=domain,DC=com
[2016/07/18 13:04:15.301575,  2] ../source4/dsdb/repl/replicated_objects.c:944(dsdb_replicated_objects_commit)
  Replicated 0 objects (0 linked attributes) for CN=Schema,CN=Configuration,DC=domain,DC=com
[2016/07/18 13:04:15.381087,  2] ../source4/dsdb/repl/replicated_objects.c:944(dsdb_replicated_objects_commit)
  Replicated 0 objects (0 linked attributes) for DC=domain,DC=com
[2016/07/18 13:04:15.477777,  2] ../source4/dsdb/repl/replicated_objects.c:944(dsdb_replicated_objects_commit)
  Replicated 0 objects (0 linked attributes) for CN=Configuration,DC=domain,DC=com
[2016/07/18 13:05:32.337949,  3] ../lib/ldb-samba/ldb_wrap.c:321(ldb_wrap_connect)
  ldb_wrap open of secrets.ldb
[2016/07/18 13:06:28.102903,  3] ../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[dcesrv: NT_STATUS_CONNECTION_DISCONNECTED]
[2016/07/18 13:06:28.103913,  3] ../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[dcesrv: NT_STATUS_CONNECTION_DISCONNECTED]
[2016/07/18 13:09:01.584750,  3] ../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[dcesrv: NT_STATUS_CONNECTION_DISCONNECTED]
[2016/07/18 13:09:14.869092,  2] ../source4/dsdb/repl/replicated_objects.c:944(dsdb_replicated_objects_commit)
  Replicated 2 objects (0 linked attributes) for DC=DomainDnsZones,DC=domain,DC=com
[2016/07/18 13:09:14.911855,  2] ../source4/dsdb/repl/replicated_objects.c:944(dsdb_replicated_objects_commit)
  Replicated 0 objects (0 linked attributes) for DC=ForestDnsZones,DC=domain,DC=com
[2016/07/18 13:09:15.004485,  2] ../source4/dsdb/repl/replicated_objects.c:944(dsdb_replicated_objects_commit)
  Replicated 0 objects (0 linked attributes) for CN=Schema,CN=Configuration,DC=domain,DC=com
[2016/07/18 13:09:15.051610,  2] ../source4/dsdb/repl/replicated_objects.c:944(dsdb_replicated_objects_commit)
  Replicated 0 objects (0 linked attributes) for DC=domain,DC=com
[2016/07/18 13:09:15.129192,  2] ../source4/dsdb/repl/replicated_objects.c:944(dsdb_replicated_objects_commit)
  Replicated 0 objects (0 linked attributes) for CN=Configuration,DC=domain,DC=com
что в принципе нормально. Лог первичного 
[2016/07/18 13:09:21.654762,  3] ../libcli/nbt/lmhosts.c:185(resolve_lmhosts_file_as_sockaddr)
  resolve_lmhosts: Attempting lmhosts lookup for name 2c145e4a-2c07-4826-b51c-4ff7ecec17de._msdcs.domain.com<0x20>
[2016/07/18 13:09:21.701847,  3] ../libcli/nbt/lmhosts.c:185(resolve_lmhosts_file_as_sockaddr)
  resolve_lmhosts: Attempting lmhosts lookup for name 2c145e4a-2c07-4826-b51c-4ff7ecec17de._msdcs.domain.com<0x20>
[2016/07/18 13:09:21.729139,  3] ../libcli/nbt/lmhosts.c:185(resolve_lmhosts_file_as_sockaddr)
  resolve_lmhosts: Attempting lmhosts lookup for name 2c145e4a-2c07-4826-b51c-4ff7ecec17de._msdcs.domain.com<0x20>
[2016/07/18 13:09:21.755039,  3] ../libcli/nbt/lmhosts.c:185(resolve_lmhosts_file_as_sockaddr)
  resolve_lmhosts: Attempting lmhosts lookup for name 2c145e4a-2c07-4826-b51c-4ff7ecec17de._msdcs.domain.com<0x20>
[2016/07/18 13:09:26.620163,  3] ../libcli/nbt/lmhosts.c:185(resolve_lmhosts_file_as_sockaddr)
  resolve_lmhosts: Attempting lmhosts lookup for name 2c145e4a-2c07-4826-b51c-4ff7ecec17de._msdcs.domain.com<0x20>
[2016/07/18 13:09:26.668430,  3] ../libcli/nbt/lmhosts.c:185(resolve_lmhosts_file_as_sockaddr)
  resolve_lmhosts: Attempting lmhosts lookup for name 2c145e4a-2c07-4826-b51c-4ff7ecec17de._msdcs.domain.com<0x20>
[2016/07/18 13:09:26.708645,  3] ../libcli/nbt/lmhosts.c:185(resolve_lmhosts_file_as_sockaddr)
  resolve_lmhosts: Attempting lmhosts lookup for name 2c145e4a-2c07-4826-b51c-4ff7ecec17de._msdcs.domain.com<0x20>
[2016/07/18 13:09:26.746730,  3] ../libcli/nbt/lmhosts.c:185(resolve_lmhosts_file_as_sockaddr)
  resolve_lmhosts: Attempting lmhosts lookup for name 2c145e4a-2c07-4826-b51c-4ff7ecec17de._msdcs.domain.com<0x20>
[2016/07/18 13:09:26.769800,  3] ../libcli/nbt/lmhosts.c:185(resolve_lmhosts_file_as_sockaddr)
  resolve_lmhosts: Attempting lmhosts lookup for name 2c145e4a-2c07-4826-b51c-4ff7ecec17de._msdcs.domain.com<0x20>
[2016/07/18 13:09:31.629528,  3] ../libcli/nbt/lmhosts.c:185(resolve_lmhosts_file_as_sockaddr)
  resolve_lmhosts: Attempting lmhosts lookup for name 2c145e4a-2c07-4826-b51c-4ff7ecec17de._msdcs.domain.com<0x20>
конфиги 
 cat /etc/samba/smb.conf
# Global parameters
[global]
        workgroup = DOMAIN
        realm = DOMAIN.COM
        netbios name = PDC0
        server role = active directory domain controller
        server services = rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate, s3fs
        idmap_ldb:use rfc2307 = yes
        bind interfaces only = yes
        log level = 3

[netlogon]
        path = /var/lib/samba/sysvol/domain.com/scripts
        read only = No

[sysvol]
        path = /var/lib/samba/sysvol
        read only = No

вторичный 

 cat /etc/samba/smb.conf
# Global parameters
[global]
        workgroup = DOMAIN
        realm = DOMAIN.COM
        netbios name = PDC0
        server role = active directory domain controller
        server services = rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate, s3fs
        idmap_ldb:use rfc2307 = yes
        bind interfaces only = yes
        log level = 3

[netlogon]
        path = /var/lib/samba/sysvol/DOMAIN.com/scripts
        read only = No

[sysvol]
        path = /var/lib/samba/sysvol
        read only = No
на первичном 
host -t SRV _ldap._tcp.domain.com.
_ldap._tcp.domain.com has SRV record 0 100 389 pdc0.domain.com.

на вторичном 

host -t SRV _ldap._tcp.domain.com.
_ldap._tcp.domain.com has SRV record 0 100 389 bdc0.domain.com.
_ldap._tcp.domain.com has SRV record 0 100 389 pdc0.domain.com.
на первичном 
host -t CNAME 2c145e4a-2c07-4826-b51c-4ff7ecec17de._msdcs.domain.com.
2c145e4a-2c07-4826-b51c-4ff7ecec17de._msdcs.domain.com is an alias for bdc1.domain.com.
куда копать? если можно конкретнее...


Ответ на: комментарий от kresh1

Да обычное в общем-то дело - тыкаешь проблему очень долго и глаз замыливается ;-). Свежий взгляд со стороны обычно помогает

Ты лучше отметь тему решенной, если помогло

Pinkbyte ★★★★★
()
Последнее исправление: Pinkbyte (всего исправлений: 1)
Ответ на: комментарий от Pinkbyte

Чтобы не плодить темы есть два dc))) samba 4.2 не проходит репликация 

 
host -t SRV _ldap._tcp.domain.ru.
_ldap._tcp.domain.ru has SRV record 0 100 389 dc0.domain.ru.
_ldap._tcp.domain.ru has SRV record 0 100 389 bdc0.domain.ru.


host -t CNAME 19ebf582-b12b-4f7a-800f-504e1fdcf795._msdcs.domain.ru.
19ebf582-b12b-4f7a-800f-504e1fdcf795._msdcs.domain.ru is an alias for bdc0.domain.ru

лов первичного dc0 

Wrong username or password: kinit for DC0$@DOMAIN.RU failed (Preauthentication failed)

Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for ncacn_ip_tcp:192.168.40.253[1024,seal,krb5,target_hostname=19ebf582-b12b-4f7a-800f-504e1fdcf795._msdcs.domain.ru,target_principal=GC/bdc0.domain.ru/domain.ru,abstract_syntax=e3514235-4b06-11d1-ab04-00c04fc2dcd2/0x00000004,localaddress=192.168.40.241] NT_STATUS_LOGON_FAILURE
[2016/07/19 09:50:41.021630,  1] ../source4/auth/gensec/gensec_gssapi.c:274(gensec_gssapi_client_creds)
  Wrong username or password: kinit for DC0$@DOMAIN.RU failed (Preauthentication failed)

Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for ncacn_ip_tcp:192.168.40.253[1024,seal,krb5,target_hostname=19ebf582-b12b-4f7a-800f-504e1fdcf795._msdcs.domain.ru,target_principal=GC/bdc0.domain.ru/domain.ru,abstract_syntax=e3514235-4b06-11d1-ab04-00c04fc2dcd2/0x00000004,localaddress=192.168.40.241] NT_STATUS_LOGON_FAILURE
 resolve_lmhosts: Attempting lmhosts lookup for name 19ebf582-b12b-4f7a-800f-504e1fdcf795._msdcs.domain.ru<0x20>
[2016/07/19 10:01:43.568686,  3] ../libcli/nbt/lmhosts.c:185(resolve_lmhosts_file_as_sockaddr)
  resolve_lmhosts: Attempting lmhosts lookup for name 19ebf582-b12b-4f7a-800f-504e1fdcf795._msdcs.domain.ru<0x20>
[2016/07/19 10:01:43.594017,  1] ../source4/auth/gensec/gensec_gssapi.c:274(gensec_gssapi_client_creds)
на первичном 
cat /etc/krb5.conf
[libdefaults]
        default_realm = DOMAIN.RU
        dns_lookup_realm = false
        dns_lookup_kdc = true
        allow_weak_keys = false

на вторичном 

cat /etc/krb5.conf
[libdefaults]
        default_realm = DOMAIN.RU
        dns_lookup_realm = false
        dns_lookup_kdc = true

kresh1
() автор топика
Ответ на: комментарий от kresh1

лог bdc0 


single_terminate: reason[dcesrv: NT_STATUS_CONNECTION_DISCONNECTED]
[2016/07/19 10:14:52.924441,  3] ../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[dcesrv: NT_STATUS_CONNECTION_DISCONNECTED]
[2016/07/19 10:14:52.996105,  3] ../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[dcesrv: NT_STATUS_CONNECTION_DISCONNECTED]
[2016/07/19 10:14:53.016861,  3] ../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[dcesrv: NT_STATUS_CONNECTION_DISCONNECTED]
[2016/07/19 10:14:53.077689,  3] ../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[dcesrv: NT_STATUS_CONNECTION_DISCONNECTED]
[2016/07/19 10:14:53.101979,  3] ../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[dcesrv: NT_STATUS_CONNECTION_DISCONNECTED]

kresh1
() автор топика
Вы не можете добавлять комментарии в эту тему. Тема перемещена в архив.
Admin