Web lists-archives.com

[Samba] Joining_a_Samba_DC_to_an_Existing_Active_Directory




Hello all
this morning i followed wiki in subject to replicate my active directory, but it fails with this error:

[root@dc1 etc]#  samba-tool drs showrepl
Default-First-Site-Name\DC1
DSA Options: 0x00000001
DSA object GUID: 8ba457e4-815d-4bd3-a748-8b5ddb53fd5f
DSA invocationId: 834770f4-c5a7-48c7-bc77-66e2cf37e557

==== INBOUND NEIGHBORS ====

DC=ForestDnsZones,DC=lxcerruti,DC=com
        Default-First-Site-Name\DC2 via RPC
                DSA object GUID: 2c8db74e-548c-43db-996a-a5287c6aa557
                Last attempt @ Tue Feb 26 14:28:28 2019 CET failed, result 1232 (WERR_HOST_UNREACHABLE)
                31 consecutive failure(s).
                Last success @ NTTIME(0)

and many rows like this in log.smbd:
[2019/02/26 14:33:01.184413,  0] ../source4/librpc/rpc/dcerpc_sock.c:63(continue_socket_connect)   Failed to connect host 192.168.4.33 on port 135 - NT_STATUS_HOST_UNREACHABLE [2019/02/26 14:33:01.184547,  0] ../source4/librpc/rpc/dcerpc_sock.c:245(continue_ip_open_socket)   Failed to connect host 192.168.4.33 (2c8db74e-548c-43db-996a-a5287c6aa557._msdcs.lxcerruti.com) on port 135 - NT_STATUS_HOST_UNREACHABLE.

I have 2 dc named dc1 and dc2

****** DC1 ******

OS: centos-release-7-6.1810.2.el7.centos.x86_64
SAMBA: Version 4.9.1
compiled from source

smb.conf :
[global]
        netbios name = DC1
        realm = LXCERRUTI.COM
        server role = active directory domain controller
        workgroup = LXCERRUTI

        idmap_ldb:use rfc2307 = yes

        dns forwarder = 192.168.1.1

resolv.conf:
search lxcerruti.com
nameserver 192.168.4.34
nameserver 192.168.4.33
nameserver 192.168.1.1

****** DC2 ******

OS: centos-release-7-6.1810.2.el7.centos.x86_64
SAMBA: Version 4.9.4
compiled from source

smb.conf:
[global]
        netbios name = DC2
        realm = LXCERRUTI.COM
        server role = active directory domain controller
        workgroup = LXCERRUTI
        idmap_ldb:use rfc2307 = yes

resolv.conf:
search lxcerruti.com
nameserver 192.168.4.34
nameserver 192.168.4.33
nameserver 192.168.1.1

[root@dc2 etc]# samba-tool drs showrepl
Default-First-Site-Name\DC2
DSA Options: 0x00000001
DSA object GUID: 2c8db74e-548c-43db-996a-a5287c6aa557
DSA invocationId: 7084538f-4122-4373-9d42-b19cce814997

==== INBOUND NEIGHBORS ====

DC=ForestDnsZones,DC=lxcerruti,DC=com
        Default-First-Site-Name\DC1 via RPC
                DSA object GUID: 8ba457e4-815d-4bd3-a748-8b5ddb53fd5f
                Last attempt @ Tue Feb 26 14:37:00 2019 CET was successful
                0 consecutive failure(s).
                Last success @ Tue Feb 26 14:37:00 2019 CET

CN=Schema,CN=Configuration,DC=lxcerruti,DC=com
        Default-First-Site-Name\DC1 via RPC
                DSA object GUID: 8ba457e4-815d-4bd3-a748-8b5ddb53fd5f
                Last attempt @ Tue Feb 26 14:37:00 2019 CET was successful
                0 consecutive failure(s).
                Last success @ Tue Feb 26 14:37:00 2019 CET

CN=Configuration,DC=lxcerruti,DC=com
        Default-First-Site-Name\DC1 via RPC
                DSA object GUID: 8ba457e4-815d-4bd3-a748-8b5ddb53fd5f
                Last attempt @ Tue Feb 26 14:37:00 2019 CET was successful
                0 consecutive failure(s).
                Last success @ Tue Feb 26 14:37:00 2019 CET

DC=DomainDnsZones,DC=lxcerruti,DC=com
        Default-First-Site-Name\DC1 via RPC
                DSA object GUID: 8ba457e4-815d-4bd3-a748-8b5ddb53fd5f
                Last attempt @ Tue Feb 26 14:37:00 2019 CET was successful
                0 consecutive failure(s).
                Last success @ Tue Feb 26 14:37:00 2019 CET

DC=lxcerruti,DC=com
        Default-First-Site-Name\DC1 via RPC
                DSA object GUID: 8ba457e4-815d-4bd3-a748-8b5ddb53fd5f
                Last attempt @ Tue Feb 26 14:37:00 2019 CET was successful
                0 consecutive failure(s).
                Last success @ Tue Feb 26 14:37:00 2019 CET

==== OUTBOUND NEIGHBORS ====

==== KCC CONNECTION OBJECTS ====

Connection --
        Connection name: 4e04fffb-e248-4fec-b254-47338f1d01a1
        Enabled        : TRUE
        Server DNS name : dc1.lxcerruti.com
        Server DN name  : CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=lxcerruti,DC=com
                TransportType: RPC
                options: 0x00000001
Warning: No NC replicated for Connection!


Any suggestions are appreciated :-)

br

--

*Corrado Ravinetto *


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba