12726 – No outbound connections on Samba DC to Windows 2008 R2 DC

Bug 12726 - No outbound connections on Samba DC to Windows 2008 R2 DC

Summary: No outbound connections on Samba DC to Windows 2008 R2 DC

Status:	NEW

Alias:	None

Product:	Samba 4.1 and newer
Classification:	Unclassified
Component:	AD: LDB/DSDB/SAMDB (show other bugs)
Version:	4.6.1
Hardware:	All All

Importance:	P5 normal (vote)
Target Milestone:	---
Assignee:	Andrew Bartlett
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2017-03-30 16:48 UTC by Marc Muehlfeld
Modified:	2017-04-02 22:23 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
samba-tool drs showrepl output (2.01 KB, text/plain) 2017-03-30 16:48 UTC, Marc Muehlfeld	no flags	Details
Level 10 debug log (2.20 MB, application/gzip) 2017-03-30 16:51 UTC, Marc Muehlfeld	no flags	Details
Level 10 debug log of manual forced outgoing replication (3.04 MB, application/x-bzip) 2017-03-30 16:58 UTC, Marc Muehlfeld	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marc Muehlfeld 2017-03-30 16:48:39 UTC

Created attachment 13125 [details]
samba-tool drs showrepl output

Problem description:
When I join a Windows 2008 R2 to a Samba 4.6.1 AD DC, the inbound connections on the Samba DC are established automatically. However, the the outbound connections aren't.

Even after a longer time and after restarting Samba and rebooting the Windows DC, the outbound connections are not established. To verify that replication from Samba to the Windows DC is really not working, I created a user on the Samba DC and it was not replicated to the Windows DC. In the other direction, the test is successful (that was expected, because the inbound connection are visible)

The scenario is reproduceable here.



Affected version:
- 4.6.1
I'm sure this worked in the past when I wrote and later rewrote the Wiki page about joining 2008 to a Samba DC. I sadly can't remember which Samba version this was.



Steps to reproduce:
- Set up a Samba AD DC.
- Join the Windows 2008 R2 as a DC (dcpromo. See Wiki)



Additional notes:
I additionally tried joining 2008 R2 as a DC to a Samba AD with two Samba DCs:
During the dcpromo, I selected DC1 as replication partner. A while after the new Windows DC was rebootet, in- and outbound connections were established on DC2. However, on DC1 again only inbound connections from the Windows DC were established and outbound connections Windows. This scenario is also reproduceable here.

Comment 1 Marc Muehlfeld 2017-03-30 16:51:53 UTC

Created attachment 13126 [details]
Level 10 debug log

I'm not really sure what log content I can provide that helps. I attached a level 10 debug log that contains 15 minutes during both the Samba and Windows DC were online.

Comment 2 Marc Muehlfeld 2017-03-30 16:58:07 UTC

Created attachment 13127 [details]
Level 10 debug log of manual forced outgoing replication

Attached a level 10 debug log, that contains a manual force for all partitions from the Samba DC to the Windows DC + a restart of Samba afterwards.

# samba-tool drs replicate WIN2008R2 DC1 dc=samdom,dc=example,dc=com --full-sync
Replicate from DC1 to WIN2008R2 was successful.

# samba-tool drs replicate WIN2008R2 DC1 DC=ForestDnsZones,dc=samdom,dc=example,dc=com --full-sync
Replicate from DC1 to WIN2008R2 was successful.

# samba-tool drs replicate WIN2008R2 DC1 CN=Configuration,dc=samdom,dc=example,dc=com --full-sync
Replicate from DC1 to WIN2008R2 was successful.

# samba-tool drs replicate WIN2008R2 DC1 DC=DomainDnsZones,dc=samdom,dc=example,dc=com --full-sync
Replicate from DC1 to WIN2008R2 was successful.

# samba-tool drs replicate WIN2008R2 DC1 CN=Schema,CN=Configuration,dc=samdom,dc=example,dc=com --full-sync
Replicate from DC1 to WIN2008R2 was successful.



However, afterwards still no outbound connections were established.