Web lists-archives.com

[Samba] Samba 4.6 replication issue (WERR_FILE_NOT_FOUND)




Hello!

Please help me with the following issue:

My employer has an Active Directory with four samba4 domain controllers named dc1, dc2, dc3, dc4. `samba-tool drs showrepl` on dc2 constantly shows

DC=mydomain
        Default-First-Site-Name\DC1 via RPC
                DSA object GUID: 48bff36e-35e2-4b09-9e40-9d73b9a5387b
Last attempt @ Sat Aug 12 21:48:43 2017 MSK failed, result 2 (WERR_FILE_NOT_FOUND)
                3798 consecutive failure(s).
                Last success @ Sun Jul 30 23:25:55 2017 MSK

in its '==== INBOUND NEIGHBORS ====' and

DC=mydomain
        Default-First-Site-Name\DC1 via RPC
                DSA object GUID: 48bff36e-35e2-4b09-9e40-9d73b9a5387b
Last attempt @ Sat Aug 12 21:49:49 2017 MSK failed, result 2 (WERR_FILE_NOT_FOUND)
                7 consecutive failure(s).
                Last success @ NTTIME(0)

in its '==== OUTBOUND NEIGHBORS ====' (DC=mydomain here substitutes the actual DC=... line since I'm not free to expose it). I've run

    samba-tool drs replicate dc2 dc1 DC=mydomain -d 6

and

    samba-tool drs replicate dc2 dc4 DC=mydomain -d 6

and compared log outputs (attached) but still have no clues to this issue. Samba version on hosts in question are

4.6.6 on dc1,

4.6.7 on dc2,

4.6.2 on dc4.

Not showing `samba-tool drs showrepl` from dc3 and dc4 because the former is sernet-samba-common-4.2.12-22.el7.x86_64 (quite old and planned for upgrade ASAP) and the latter has no replication agreement with dc1 at all. There's also Win Serv 2003 based DC, but I'm gonna wipe it off soon and mentioning it here just for fullness.

smb.conf from dc1:

# Global parameters
[global]
        interfaces = lo eth0
        netbios name = DC1
        realm = MYDOMAIN # actual realm substituted
        workgroup = MYDOMAIN # actual workgroup substituted
        log level = 3
        server role = active directory domain controller
        winbind enum groups = yes
        winbind enum users = yes

[netlogon]
path = /var/lib/samba/sysvol/mydomain/scripts # actual path substituted
        read only = No

[sysvol]
        path = /var/lib/samba/sysvol
        read only = No

smb.conf on dc2 and dc4 differs from the above only in 'netbios name'.

`samba -b` from dc1:

Samba version: 4.6.6
Build environment:
Build host: Linux 99f3e1c0b9a7449a8969a6f3f3fb5161 4.11.0-2.fc26.x86_64 #1 SMP Tue May 9 15:24:49 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
Paths:
   BINDIR: /usr/bin
   SBINDIR: /usr/sbin
   CONFIGFILE: /etc/samba/smb.conf
   NCALRPCDIR: /run/samba/ncalrpc
   LOGFILEBASE: /var/log/samba
   LMHOSTSFILE: /etc/samba/lmhosts
   DATADIR: /usr/share
   MODULESDIR: /usr/lib64/samba
   LOCKDIR: /var/lib/samba/lock
   STATEDIR: /var/lib/samba
   CACHEDIR: /var/lib/samba
   PIDDIR: /run
   PRIVATE_DIR: /var/lib/samba/private
   CODEPAGEDIR: /usr/share/samba/codepages
   SETUPDIR: /usr/share/samba/setup
   WINBINDD_SOCKET_DIR: /run/samba/winbindd
   WINBINDD_PRIVILEGED_SOCKET_DIR: /var/lib/samba/winbindd_privileged
   NTP_SIGND_SOCKET_DIR: /var/lib/samba/ntp_signd

`samba -b` from dc2:

Samba version: 4.6.7
Build environment:
Build host: Linux d5589f2efa7c4700957f06e3bd41b4cc 4.11.0-2.fc26.x86_64 #1 SMP Tue May 9 15:24:49 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
Paths:
   BINDIR: /usr/bin
   SBINDIR: /usr/sbin
   CONFIGFILE: /etc/samba/smb.conf
   NCALRPCDIR: /run/samba/ncalrpc
   LOGFILEBASE: /var/log/samba
   LMHOSTSFILE: /etc/samba/lmhosts
   DATADIR: /usr/share
   MODULESDIR: /usr/lib64/samba
   LOCKDIR: /var/lib/samba/lock
   STATEDIR: /var/lib/samba
   CACHEDIR: /var/lib/samba
   PIDDIR: /run
   PRIVATE_DIR: /var/lib/samba/private
   CODEPAGEDIR: /usr/share/samba/codepages
   SETUPDIR: /usr/share/samba/setup
   WINBINDD_SOCKET_DIR: /run/samba/winbindd
   WINBINDD_PRIVILEGED_SOCKET_DIR: /var/lib/samba/winbindd_privileged
   NTP_SIGND_SOCKET_DIR: /var/lib/samba/ntp_signd

`samba -b` from dc4:

Samba version: 4.6.2
Build environment:
Build host: Linux copr-builder-106215192.novalocal 4.5.5-300.fc24.x86_64 #1 SMP Thu May 19 13:05:32 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
Paths:
   BINDIR: /usr/bin
   SBINDIR: /usr/sbin
   CONFIGFILE: /etc/samba/smb.conf
   NCALRPCDIR: /run/samba/ncalrpc
   LOGFILEBASE: /var/log/samba
   LMHOSTSFILE: /etc/samba/lmhosts
   DATADIR: /usr/share
   MODULESDIR: /usr/lib64/samba
   LOCKDIR: /var/lib/samba/lock
   STATEDIR: /var/lib/samba
   CACHEDIR: /var/lib/samba
   PIDDIR: /run
   PRIVATE_DIR: /var/lib/samba/private
   CODEPAGEDIR: /usr/share/samba/codepages
   SETUPDIR: /usr/share/samba/setup
   WINBINDD_SOCKET_DIR: /run/samba/winbindd
   WINBINDD_PRIVILEGED_SOCKET_DIR: /var/lib/samba/winbindd_privileged
   NTP_SIGND_SOCKET_DIR: /var/lib/samba/ntp_signd


--
Sincerely
Vadim Raskhozhev

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba