From: Gaiseric Vandal on
Just to clarify, you used "net vampire" to pull the info from PDC1 to PDC2?

Are you using LDAP or TDBSAM backend for samba accounts? Are you using NIS
or LDAP or /etc/passwd for unix accounts? I found that LDAP backend for
both samba and unix accounts was the best way to make sure all the samba
DC's had the identical unix and samba id's for accounts across all
machines.

When you run wbinfo on PDC2 it may actually be querying PDC1. If I
remember correctly, if you are using a TDBSAM backend with a BDC you need
to create the samba account separately on the PDC and BDC. I don't think
there is any reliable TDB replication in either direction.

Instead of configuring the 2nd samba server as a BDC you may want to
configure it as a member server.


-----Original Message-----
From: samba-bounces(a)lists.samba.org [mailto:samba-bounces(a)lists.samba.org]
On Behalf Of Ibrahim Hamouda
Sent: Wednesday, June 09, 2010 4:16 PM
To: samba list
Subject: [Samba] DC replication

So finally I got the net vampire to work.
I had to roll back to commit 62e0a74 bypassing all the updates done by
mdw(a)samba.org for now.

Now the replication

PDC1 is the first domain controller created by provision
PDC2 is the second domain controller created by net vampire

on PDC1 I added a user using "net newuser testuser1"
in a few seconds it appeared on PDC2 using the command wbinfo -u

on PDC2 I added a user using "net newuser testuser2"
it never appeared on PDC1

Any idea what steps I'm missing here?

Thanks
Ibrahim
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba

From: Michael Wood on
On 12 June 2010 23:37, Gaiseric Vandal <gaiseric.vandal(a)gmail.com> wrote:
> Just to clarify, you used "net vampire" to pull the info from PDC1 to PDC2?

He's using Samba4, so he provisioned a DC and then vampired that to
create another DC.

> Are you using LDAP or TDBSAM backend for samba accounts?  Are you using NIS

I suspect he's using the default Samba4 LDB.

> or LDAP or /etc/passwd for unix accounts?   I found that LDAP backend for
> both samba and unix accounts  was the best way to make sure all the samba
> DC's  had the identical unix and samba id's for accounts across all
> machines.
>
> When you run wbinfo on PDC2 it may actually be querying PDC1.     If I
> remember correctly, if you are using a TDBSAM backend with a BDC you need
> to create the samba account separately on the PDC and BDC.    I don't think
> there is any reliable TDB replication in either direction.

Since he's using Samba4 they should definitely replicate.

Ibrahim, perhaps you should specify that you are using Samba4 instead
of just implying it :)

> Instead of configuring the 2nd samba server as a BDC you may want to
> configure it as a member server.

I'm afraid I haven't tried replication between two Samba4 instances,
but are there any errors in the logs that might point you in the right
direction? Maybe increase the debug level.

--
Michael Wood <esiotrot(a)gmail.com>
From: Michael Wood on
Hi Ibrahim

On 16 June 2010 18:57, Ibrahim Hamouda <ihamouda(a)itcanint.net> wrote:
> Michael
>        Thanks for all your help
>        I think I found out the problem with replication.
>
>        when I run net vampire on the second DC (pdc2), let's say its IP address is 192.168.254.202
>
>        as soon as samba starts samba_dnsupdate runs
>        it reads the dns_update_list file and starts updating the dns on (pdc1), let's say its address 192.168.254.201
>
>        the first record in the dns_update_list adds an A record for the domain name with 192.168.254.202.
>        This record succeeds, then nsupdate gets confused because now there are two records for the domain and it works on the nearest one (local)
>        So the rest of the samba update fails, and subsequently the replication fails.
>
>        commenting out this first line in dns_update_list before starting samba for the first time on pdc2 solves the problem

OK, that sounds like a workaround rather than a problem. If PDC2 is
not the name server then nsupdate shouldn't send it the update
requests. Not sure what the right solution is, though.

--
Michael Wood <esiotrot(a)gmail.com>
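
The workaround described in the quoted message (commenting out the domain-name A record in dns_update_list before the first start on the second DC), as an added example that is not part of the original thread or of Samba's own code. The record layout (`TYPE name value`, `#` comments, `${DNSDOMAIN}` placeholder) and the function name are assumptions made for illustration; the sample file is constructed.

```python
# Added illustration. The dns_update_list layout used here is an assumption:
# one record per line as "TYPE name value", "#" starting a comment, and
# ${DNSDOMAIN}/${HOSTNAME}/$IP placeholders. Check it against the real file.

# Constructed sample input, not copied from any system in the thread.
SAMPLE_LIST = """\
# records registered through dynamic DNS update
A ${DNSDOMAIN} $IP
A ${HOSTNAME} $IP
SRV _ldap._tcp.${DNSDOMAIN} ${HOSTNAME} 389
"""


def disable_domain_a_record(text, domain_names=("${DNSDOMAIN}",)):
    """Comment out A records registered for the bare domain name.

    Returns (new_text, disabled), where disabled holds the 1-based line
    numbers that were commented out. Comments, blank lines and all other
    records pass through unchanged, so running it twice changes nothing.
    """
    names = {n.rstrip(".").lower() for n in domain_names}
    out, disabled = [], []
    for lineno, line in enumerate(text.splitlines(), start=1):
        fields = line.split()
        active = bool(fields) and not fields[0].startswith("#")
        if (active and len(fields) >= 2
                and fields[0].upper() == "A"
                and fields[1].rstrip(".").lower() in names):
            out.append("# " + line)   # keep the record visible for later re-enabling
            disabled.append(lineno)
        else:
            out.append(line)
    return ("\n".join(out) + "\n") if out else "", disabled


if __name__ == "__main__":
    new_text, changed = disable_domain_a_record(SAMPLE_LIST)
    print(new_text, end="")
    print("commented out line(s):", changed)
```

The host A record and the SRV records stay active, so only the domain-name entry that the message identifies is held back.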