Re: [Samba] Made a join with a netbios name, which already existed, now replication errors
- Date: Mon, 31 Jul 2017 20:06:34 +0200
- From: gizmo via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] Made a join with a netbios name, which already existed, now replication errors
> When you joined samba4 named as samba3, you removed the account for
> samba3. So the server that thought of itself as samba3 can't operate
> any more, essentially it has been force-demoted.
> I guess you need to remove them both and start again from samba1 and
I let the samba1 and samba2 untouched. They are still working with SLES 11 and samba 4.3.11 from sernet.
Since I broke samba3 with the installation of samba4, I installed a samba5 with SLES 12 and samba 4.6.6 (sernet),
so that I could demote samba3/samba4 with "samba-tool domain demote --remove-other-dead-server=" executed on samba5.
The first try with the name "samba3" or "samba4" didnt work, but with the GUID I could successfully demote.
samba1, samba2 and samba5 seem to work perfect. Then I made a new installation of samba3 (SLES 12 and samba 4.6.6)
and also joined that one. Now there are replication-errors on samba3.
While samba1, samba2 and samba5 seem to replicate with each other, even with the samba3,
so samba3 has the following error with samba2:
Default-First-Site-Name\SAMBA2 via RPC
DSA object GUID: 9455b34f-a395-449e-b7bb-9a900d59fdfe
Last attempt @ Mon Jul 31 19:24:03 2017 CEST failed, result 8453 (WERR_DS_DRA_ACCESS_DENIED)
58 consecutive failure(s).
Last success @ Mon Jul 31 19:24:03 2017 CEST
On samba3 all entries under "INBOUND NEIGHBORS" have this error (WERR_DS_DRA_ACCESS_DENIED) with samba2.
The entries under "OUTBOUND NEIGHBORS" are all with success.
Under "KCC CONNECTION OBJECTS" samba1 is missing.
samba2 has a lot of entries in the "log.samba" like that:
[2017/07/31 19:59:02.987782, 0] ../source4/rpc_server/drsuapi/updaterefs.c:276(dcesrv_drsuapi_DsReplicaUpdateRefs)
../source4/rpc_server/drsuapi/updaterefs.c:276: Refusing DsReplicaUpdateRefs for sid S-1-5-21-492433167-3996512854-4160196905-8869 with GUID 8eea9ec6-3610-477b-8770-93b467508e57
This is the GUID from samba3.
To unsubscribe from this list go to the following URL and read the