Directory Server does not replicate after upgrade to 4.2

samba-ad
ucs-4-2

#1

I upgraded my 3-server system from 4.1 to 4.2. After the installation, it seemed like the second server didn’t want to replicate anymore. After trying various things, I deleted the server from the domain and reinstalled from CD according to the documentation (removed all references to it).

I reinstalled it from ISO, the installer did not do the join so I had to update and manually do univention-join. No errors during that however as soon as it was installed, it stops replicating right away with the same errors.

These are errors in the join.log:

Multifile: /etc/samba/smb.conf
2017-05-31 16:26:52 ERROR [directory1] rsync exitcode was 23 (Could not chdir to home directory /dev/null: Not a directoryrsync: opendir "/var/lib/samba/sysvol/rcbi.rochester.edu/Policies" failed: Permission denied (13)IO error encountered -- skipping file deletionrsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1655) [generator=3.1.1])
2017-05-31 16:26:52 ERROR [directory1] Skipping sync to local sysvol!
ERROR(runtime): uncaught exception - (-1073741823, 'Undetermined error')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/ntacl.py", line 239, in run
    lp, use_ntvfs=use_ntvfs)
  File "/usr/lib/python2.7/dist-packages/samba/provision/__init__.py", line 1609, in setsysvolacl
    set_gpos_acl(sysvol, dnsdomain, domainsid, domaindn, samdb, lp, use_ntvfs, passdb=s4_passdb)
  File "/usr/lib/python2.7/dist-packages/samba/provision/__init__.py", line 1502, in set_gpos_acl
    use_ntvfs=use_ntvfs, skip_invalid_chown=True, passdb=passdb, service=SYSVOL_SERVICE)
  File "/usr/lib/python2.7/dist-packages/samba/ntacls.py", line 162, in setntacl
    smbd.set_nt_acl(file, security.SECINFO_OWNER | security.SECINFO_GROUP | security.SECINFO_DACL | security.SECINFO_SACL, sd, service=service)
open: error=2 (No such file or directory)
Modified 1 records successfully
Added 1 records successfully
ERROR(runtime): uncaught exception - (-1073741823, 'Undetermined error')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/ntacl.py", line 239, in run
    lp, use_ntvfs=use_ntvfs)
  File "/usr/lib/python2.7/dist-packages/samba/provision/__init__.py", line 1609, in setsysvolacl
    set_gpos_acl(sysvol, dnsdomain, domainsid, domaindn, samdb, lp, use_ntvfs, passdb=s4_passdb)
  File "/usr/lib/python2.7/dist-packages/samba/provision/__init__.py", line 1502, in set_gpos_acl
    use_ntvfs=use_ntvfs, skip_invalid_chown=True, passdb=passdb, service=SYSVOL_SERVICE)
  File "/usr/lib/python2.7/dist-packages/samba/ntacls.py", line 162, in setntacl
    smbd.set_nt_acl(file, security.SECINFO_OWNER | security.SECINFO_GROUP | security.SECINFO_DACL | security.SECINFO_SACL, sd, service=service)
open: error=2 (No such file or directory)
Setting dns/backend
Restarting bind9 (via systemctl): bind9.service.
Wait for bind9:  done
Not updating samba4/sysvol/sync/cron
DC=ForestDnsZones,DC=rcbi,DC=rochester,DC=edu
	Default-First-Site-Name\DIRECTORY2 via RPC
		DSA object GUID: c757e2d5-cf77-4654-90f8-25a4ab9e6c60
		Last attempt @ Wed May 31 16:37:26 2017 EDT failed, result 2 (WERR_FILE_NOT_FOUND)
		2 consecutive failure(s).
		Last success @ NTTIME(0)

This is the only relevant thing I can find in the logs:

2017-05-31 16:30:18 ERROR [directory1] rsync exitcode was 23 (Could not chdir to home directory /dev/null: Not a directoryrsync: opendir "/var/lib/samba/sysvol/rcbi.rochester.edu/Policies" failed: Permission denied (13)IO error encountered -- skipping file deletionrsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1655) [generator=3.1.1])
2017-05-31 16:30:18 ERROR [directory1] Skipping sync to local sysvol!
2017-05-31 16:35:39 ERROR [directory1] rsync exitcode was 23 (Could not chdir to home directory /dev/null: Not a directoryrsync: opendir "/var/lib/samba/sysvol/rcbi.rochester.edu/Policies" failed: Permission denied (13)IO error encountered -- skipping file deletionrsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1655) [generator=3.1.1])
2017-05-31 16:35:39 ERROR [directory1] Skipping sync to local sysvol!

#2

I found the issue: this was in samba.log on the Master

[2017/06/01 11:38:59.871396, 1, pid=2320] …/source4/ldap_server/ldap_extended.c:89(ldapsrv_starttls_postprocess_done)
ldapsrv_starttls_postprocess_done: accept_tls_loop: tstream_tls_accept_recv() - 5:Input/output error => NT_STATUS_IO_DEVICE_ERRORTLS …/source4/lib/tls/tls_tstream.c:1423 - An unexpected TLS packet was received.

Restarting Samba on the Master after the join completed seems to have resolved the issue.