Samba Replikation Fehler

Hallo Ihrs :slight_smile:

Ich bekomme seit neuestem Fehlermeldungen bei der Samba replik.

Die Domäne bessteht aus Master, Slave, SlaveC, SlaveZ(ausgeschalten), einen hinzugejointen WIN2K8 Server und einem Backup.

Hier die Fehlermeldung: (Fehlerprotokoll am MasterServer über WUI; “Fehlerdiagnose”)

samba-tool drs showrepl gibt ein Problem mit der Replikation zurück.
In eingehend 'DC=ForestDnsZones,DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation von Default-First-Site-Name/BACKUP (WERR_FILE_NOT_FOUND).
In eingehend 'DC=ForestDnsZones,DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation von Default-First-Site-Name/SLAVE (WERR_FILE_NOT_FOUND).
In eingehend 'DC=ForestDnsZones,DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation von Default-First-Site-Name/SLAVEZ (WERR_FILE_NOT_FOUND).
In eingehend 'DC=DomainDnsZones,DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation von Default-First-Site-Name/BACKUP (WERR_FILE_NOT_FOUND).
In eingehend 'DC=DomainDnsZones,DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation von Default-First-Site-Name/SLAVE (WERR_FILE_NOT_FOUND).
In eingehend 'DC=DomainDnsZones,DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation von Default-First-Site-Name/SLAVEZ (WERR_FILE_NOT_FOUND).
In eingehend 'DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation von Default-First-Site-Name/BACKUP (WERR_FILE_NOT_FOUND).
In eingehend 'DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation von Default-First-Site-Name/SLAVE (WERR_FILE_NOT_FOUND).
In eingehend 'DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation von Default-First-Site-Name/SLAVEZ (WERR_FILE_NOT_FOUND).
In eingehend 'CN=Schema,CN=Configuration,DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation von Default-First-Site-Name/BACKUP (WERR_FILE_NOT_FOUND).
In eingehend 'CN=Schema,CN=Configuration,DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation von Default-First-Site-Name/SLAVE (WERR_FILE_NOT_FOUND).
In eingehend 'CN=Schema,CN=Configuration,DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation von Default-First-Site-Name/SLAVEZ (WERR_FILE_NOT_FOUND).
In eingehend 'CN=Configuration,DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation von Default-First-Site-Name/BACKUP (WERR_FILE_NOT_FOUND).
In eingehend 'CN=Configuration,DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation von Default-First-Site-Name/SLAVE (WERR_FILE_NOT_FOUND).
In eingehend 'CN=Configuration,DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation von Default-First-Site-Name/SLAVEZ (WERR_FILE_NOT_FOUND).
In ausgehend 'DC=ForestDnsZones,DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation nach Default-First-Site-Name/BACKUP (WERR_FILE_NOT_FOUND).
In ausgehend 'DC=ForestDnsZones,DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation nach Default-First-Site-Name/SLAVE (WERR_FILE_NOT_FOUND).
In ausgehend 'DC=ForestDnsZones,DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation nach Default-First-Site-Name/SLAVEZ (WERR_FILE_NOT_FOUND).
In ausgehend 'DC=DomainDnsZones,DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation nach Default-First-Site-Name/BACKUP (WERR_FILE_NOT_FOUND).
In ausgehend 'DC=DomainDnsZones,DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation nach Default-First-Site-Name/SLAVE (WERR_FILE_NOT_FOUND).
In ausgehend 'DC=DomainDnsZones,DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation nach Default-First-Site-Name/SLAVEZ (WERR_FILE_NOT_FOUND).
In ausgehend 'DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation nach Default-First-Site-Name/BACKUP (WERR_FILE_NOT_FOUND).
In ausgehend 'DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation nach Default-First-Site-Name/SLAVE (WERR_FILE_NOT_FOUND).
In ausgehend 'DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation nach Default-First-Site-Name/SLAVEZ (WERR_FILE_NOT_FOUND).
In ausgehend 'CN=Schema,CN=Configuration,DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation nach Default-First-Site-Name/BACKUP (WERR_FILE_NOT_FOUND).
In ausgehend 'CN=Schema,CN=Configuration,DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation nach Default-First-Site-Name/SLAVE (WERR_FILE_NOT_FOUND).
In ausgehend 'CN=Schema,CN=Configuration,DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation nach Default-First-Site-Name/SLAVEZ (WERR_FILE_NOT_FOUND).
In ausgehend 'CN=Configuration,DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation nach Default-First-Site-Name/BACKUP (WERR_FILE_NOT_FOUND).
In ausgehend 'CN=Configuration,DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation nach Default-First-Site-Name/SLAVE (WERR_FILE_NOT_FOUND).
In ausgehend 'CN=Configuration,DC=intern,DC=domain,DC=de': Fehler während der DRS Replikation nach Default-First-Site-Name/SLAVEZ (WERR_FILE_NOT_FOUND).

ACHTUNG: "domain" ist natürlich nicht meine echte Domain.

Mehere Tests auf der Console sind ohne Fehler durchgelaufen.
ZB:
root@ucs-master:~# samba-tool dbcheck --cross-ncs --fix
Checking 3785 objects
Checked 3785 objects (0 errors)
root@ucs-master:~# 

Kann es sein, dass eine Dateberechtigung fehlt? (Steht auch in dem Fehlerlog):

Datei '/etc/univention/ssl/ucs-master.intern.domain.de' hat Datei-Modus 670, 750 war erwartet.
Datei '/var/lock/sysvol-sync-dir' hat den Besitzer 'slave2$:DC Slave Hosts', während 'root:DC Slave Hosts' erwartet war.

Ich hoffe es kann mir jemand helfen. :smile:

Vielleicht tut es ja auch etwas zur Sache:
Das Let´s Encrypt Signiert scheinbar nur eine Adresse, obwohl drei Erfolgreich signed sind.
ucs-master.intern.domain.de —> sicher
ucs-sso.intern.domain.de —>>> nicht sicher
(Problematisch bei sso* ist, dass ein Android Phone sich mit dem Google Connector nicht connectet - Cert Fehler.)

Desweiteren Habe ich noch die “Opsi” Kachel auf dem Startbildschirm, obwohl das nicht mehr Installiert ist.

Oder macht es Sinn, einen neuen Master-Server aufzusetzen?
Wird das überhaupt möglich sein, ohne die Domäne zu zerschießen?

Danke schon im Vorraus!
und ein schönes restliches Wochende!!!

Moin,

looks like this is an issue with the SYSVOL replication. But just a guess

Please execute
samba-tool drs showrepl
as you command just checks the Samba databases…

/KNEBB

Moin Moin,
hier das Ergebnis:

root@ucs-master:~# samba-tool drs showrepl
Default-First-Site-Name\UCS-MASTER
DSA Options: 0x00000001
DSA object GUID: 378b5c2b-7a29-4a5a-b5bd-2aaddcada97d
DSA invocationId: 1ff1a381-c0cf-4b95-bbeb-f0e0cfde7ea2

==== INBOUND NEIGHBORS ====

DC=ForestDnsZones,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-BACKUP via RPC
		DSA object GUID: e0502850-bdb8-4f61-9e15-fa0044b6a0b4
		Last attempt @ Sat Mar  3 10:38:19 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		16556 consecutive failure(s).
		Last success @ Sat Dec 30 22:20:41 2017 CET

DC=ForestDnsZones,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVE via RPC
		DSA object GUID: 30602c73-c555-4118-b55a-dd6cb165cfd7
		Last attempt @ Sat Mar  3 10:38:20 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		9190 consecutive failure(s).
		Last success @ Thu Jan 25 20:24:38 2018 CET

DC=ForestDnsZones,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVEZ via RPC
		DSA object GUID: 9c6c997e-26c3-4d26-a0c6-ef79a84a2fde
		Last attempt @ Sat Mar  3 10:38:20 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		3486 consecutive failure(s).
		Last success @ Fri Feb 16 08:55:43 2018 CET

DC=ForestDnsZones,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVEC via RPC
		DSA object GUID: 7f539cf8-2e49-43b1-8673-c0433122b815
		Last attempt @ Sat Mar  3 10:38:20 2018 CET was successful
		0 consecutive failure(s).
		Last success @ Sat Mar  3 10:38:20 2018 CET

DC=ForestDnsZones,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVE2 via RPC
		DSA object GUID: 52a2e132-c97a-4f82-bdc3-7c0645e918cb
		Last attempt @ Sat Mar  3 10:38:21 2018 CET was successful
		0 consecutive failure(s).
		Last success @ Sat Mar  3 10:38:21 2018 CET

DC=DomainDnsZones,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-BACKUP via RPC
		DSA object GUID: e0502850-bdb8-4f61-9e15-fa0044b6a0b4
		Last attempt @ Sat Mar  3 10:38:21 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		16555 consecutive failure(s).
		Last success @ Sat Dec 30 22:20:41 2017 CET

DC=DomainDnsZones,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVE via RPC
		DSA object GUID: 30602c73-c555-4118-b55a-dd6cb165cfd7
		Last attempt @ Sat Mar  3 10:38:21 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		9190 consecutive failure(s).
		Last success @ Thu Jan 25 20:24:38 2018 CET

DC=DomainDnsZones,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVEZ via RPC
		DSA object GUID: 9c6c997e-26c3-4d26-a0c6-ef79a84a2fde
		Last attempt @ Sat Mar  3 10:38:21 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		3486 consecutive failure(s).
		Last success @ Fri Feb 16 08:55:43 2018 CET

DC=DomainDnsZones,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVEC via RPC
		DSA object GUID: 7f539cf8-2e49-43b1-8673-c0433122b815
		Last attempt @ Sat Mar  3 10:38:21 2018 CET was successful
		0 consecutive failure(s).
		Last success @ Sat Mar  3 10:38:21 2018 CET

DC=DomainDnsZones,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVE2 via RPC
		DSA object GUID: 52a2e132-c97a-4f82-bdc3-7c0645e918cb
		Last attempt @ Sat Mar  3 10:38:22 2018 CET was successful
		0 consecutive failure(s).
		Last success @ Sat Mar  3 10:38:22 2018 CET

DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-BACKUP via RPC
		DSA object GUID: e0502850-bdb8-4f61-9e15-fa0044b6a0b4
		Last attempt @ Sat Mar  3 10:38:22 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		16555 consecutive failure(s).
		Last success @ Sat Dec 30 22:20:41 2017 CET

DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVE via RPC
		DSA object GUID: 30602c73-c555-4118-b55a-dd6cb165cfd7
		Last attempt @ Sat Mar  3 10:38:22 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		9190 consecutive failure(s).
		Last success @ Thu Jan 25 20:24:38 2018 CET

DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVEZ via RPC
		DSA object GUID: 9c6c997e-26c3-4d26-a0c6-ef79a84a2fde
		Last attempt @ Sat Mar  3 10:38:22 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		3486 consecutive failure(s).
		Last success @ Fri Feb 16 08:55:44 2018 CET

DC=intern,DC=domain,DC=de
	Default-First-Site-Name\WIN-SRV via RPC
		DSA object GUID: c7169840-d0b8-4580-a9cf-eb32a01aea4c
		Last attempt @ Sat Mar  3 10:38:23 2018 CET was successful
		0 consecutive failure(s).
		Last success @ Sat Mar  3 10:38:23 2018 CET

DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVEC via RPC
		DSA object GUID: 7f539cf8-2e49-43b1-8673-c0433122b815
		Last attempt @ Sat Mar  3 10:38:23 2018 CET was successful
		0 consecutive failure(s).
		Last success @ Sat Mar  3 10:38:23 2018 CET

DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVE2 via RPC
		DSA object GUID: 52a2e132-c97a-4f82-bdc3-7c0645e918cb
		Last attempt @ Sat Mar  3 10:38:24 2018 CET was successful
		0 consecutive failure(s).
		Last success @ Sat Mar  3 10:38:24 2018 CET

CN=Schema,CN=Configuration,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-BACKUP via RPC
		DSA object GUID: e0502850-bdb8-4f61-9e15-fa0044b6a0b4
		Last attempt @ Sat Mar  3 10:38:24 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		16555 consecutive failure(s).
		Last success @ Sat Dec 30 22:20:41 2017 CET

CN=Schema,CN=Configuration,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVE via RPC
		DSA object GUID: 30602c73-c555-4118-b55a-dd6cb165cfd7
		Last attempt @ Sat Mar  3 10:38:24 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		9190 consecutive failure(s).
		Last success @ Thu Jan 25 20:24:39 2018 CET

CN=Schema,CN=Configuration,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVEZ via RPC
		DSA object GUID: 9c6c997e-26c3-4d26-a0c6-ef79a84a2fde
		Last attempt @ Sat Mar  3 10:38:24 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		3486 consecutive failure(s).
		Last success @ Fri Feb 16 08:55:44 2018 CET

CN=Schema,CN=Configuration,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\WIN-SRV via RPC
		DSA object GUID: c7169840-d0b8-4580-a9cf-eb32a01aea4c
		Last attempt @ Sat Mar  3 10:38:24 2018 CET was successful
		0 consecutive failure(s).
		Last success @ Sat Mar  3 10:38:24 2018 CET

CN=Schema,CN=Configuration,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVEC via RPC
		DSA object GUID: 7f539cf8-2e49-43b1-8673-c0433122b815
		Last attempt @ Sat Mar  3 10:38:25 2018 CET was successful
		0 consecutive failure(s).
		Last success @ Sat Mar  3 10:38:25 2018 CET

CN=Schema,CN=Configuration,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVE2 via RPC
		DSA object GUID: 52a2e132-c97a-4f82-bdc3-7c0645e918cb
		Last attempt @ Sat Mar  3 10:38:25 2018 CET was successful
		0 consecutive failure(s).
		Last success @ Sat Mar  3 10:38:25 2018 CET

CN=Configuration,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-BACKUP via RPC
		DSA object GUID: e0502850-bdb8-4f61-9e15-fa0044b6a0b4
		Last attempt @ Sat Mar  3 10:38:25 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		16555 consecutive failure(s).
		Last success @ Sat Dec 30 22:20:41 2017 CET

CN=Configuration,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVE via RPC
		DSA object GUID: 30602c73-c555-4118-b55a-dd6cb165cfd7
		Last attempt @ Sat Mar  3 10:38:25 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		9190 consecutive failure(s).
		Last success @ Thu Jan 25 20:24:39 2018 CET

CN=Configuration,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVEZ via RPC
		DSA object GUID: 9c6c997e-26c3-4d26-a0c6-ef79a84a2fde
		Last attempt @ Sat Mar  3 10:38:25 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		3486 consecutive failure(s).
		Last success @ Fri Feb 16 08:55:45 2018 CET

CN=Configuration,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\WIN-SRV via RPC
		DSA object GUID: c7169840-d0b8-4580-a9cf-eb32a01aea4c
		Last attempt @ Sat Mar  3 10:38:26 2018 CET was successful
		0 consecutive failure(s).
		Last success @ Sat Mar  3 10:38:26 2018 CET

CN=Configuration,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVEC via RPC
		DSA object GUID: 7f539cf8-2e49-43b1-8673-c0433122b815
		Last attempt @ Sat Mar  3 10:38:26 2018 CET was successful
		0 consecutive failure(s).
		Last success @ Sat Mar  3 10:38:26 2018 CET

CN=Configuration,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVE2 via RPC
		DSA object GUID: 52a2e132-c97a-4f82-bdc3-7c0645e918cb
		Last attempt @ Sat Mar  3 10:38:27 2018 CET was successful
		0 consecutive failure(s).
		Last success @ Sat Mar  3 10:38:27 2018 CET

==== OUTBOUND NEIGHBORS ====

DC=ForestDnsZones,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-BACKUP via RPC
		DSA object GUID: e0502850-bdb8-4f61-9e15-fa0044b6a0b4
		Last attempt @ Sat Mar  3 10:40:25 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		794207 consecutive failure(s).
		Last success @ NTTIME(0)

DC=ForestDnsZones,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVE via RPC
		DSA object GUID: 30602c73-c555-4118-b55a-dd6cb165cfd7
		Last attempt @ Sat Mar  3 10:40:26 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		376497 consecutive failure(s).
		Last success @ NTTIME(0)

DC=ForestDnsZones,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVEZ via RPC
		DSA object GUID: 9c6c997e-26c3-4d26-a0c6-ef79a84a2fde
		Last attempt @ Sat Mar  3 10:40:28 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		191025 consecutive failure(s).
		Last success @ NTTIME(0)

DC=ForestDnsZones,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVEC via RPC
		DSA object GUID: 7f539cf8-2e49-43b1-8673-c0433122b815
		Last attempt @ NTTIME(0) was successful
		0 consecutive failure(s).
		Last success @ NTTIME(0)

DC=ForestDnsZones,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVE2 via RPC
		DSA object GUID: 52a2e132-c97a-4f82-bdc3-7c0645e918cb
		Last attempt @ NTTIME(0) was successful
		0 consecutive failure(s).
		Last success @ NTTIME(0)

DC=DomainDnsZones,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-BACKUP via RPC
		DSA object GUID: e0502850-bdb8-4f61-9e15-fa0044b6a0b4
		Last attempt @ Sat Mar  3 10:40:30 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		793865 consecutive failure(s).
		Last success @ NTTIME(0)

DC=DomainDnsZones,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVE via RPC
		DSA object GUID: 30602c73-c555-4118-b55a-dd6cb165cfd7
		Last attempt @ Sat Mar  3 10:40:31 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		376131 consecutive failure(s).
		Last success @ NTTIME(0)

DC=DomainDnsZones,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVEZ via RPC
		DSA object GUID: 9c6c997e-26c3-4d26-a0c6-ef79a84a2fde
		Last attempt @ Sat Mar  3 10:40:32 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		190657 consecutive failure(s).
		Last success @ Fri Feb 16 08:55:45 2018 CET

DC=DomainDnsZones,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVEC via RPC
		DSA object GUID: 7f539cf8-2e49-43b1-8673-c0433122b815
		Last attempt @ NTTIME(0) was successful
		0 consecutive failure(s).
		Last success @ NTTIME(0)

DC=DomainDnsZones,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVE2 via RPC
		DSA object GUID: 52a2e132-c97a-4f82-bdc3-7c0645e918cb
		Last attempt @ NTTIME(0) was successful
		0 consecutive failure(s).
		Last success @ NTTIME(0)

DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-BACKUP via RPC
		DSA object GUID: e0502850-bdb8-4f61-9e15-fa0044b6a0b4
		Last attempt @ Sat Mar  3 10:40:33 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		793141 consecutive failure(s).
		Last success @ NTTIME(0)

DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVE via RPC
		DSA object GUID: 30602c73-c555-4118-b55a-dd6cb165cfd7
		Last attempt @ Sat Mar  3 10:40:35 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		375533 consecutive failure(s).
		Last success @ NTTIME(0)

DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVEZ via RPC
		DSA object GUID: 9c6c997e-26c3-4d26-a0c6-ef79a84a2fde
		Last attempt @ Sat Mar  3 10:40:16 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		190142 consecutive failure(s).
		Last success @ NTTIME(0)

DC=intern,DC=domain,DC=de
	Default-First-Site-Name\WIN-SRV via RPC
		DSA object GUID: c7169840-d0b8-4580-a9cf-eb32a01aea4c
		Last attempt @ Fri Mar  2 19:32:53 2018 CET was successful
		0 consecutive failure(s).
		Last success @ Fri Mar  2 19:32:53 2018 CET

DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVEC via RPC
		DSA object GUID: 7f539cf8-2e49-43b1-8673-c0433122b815
		Last attempt @ NTTIME(0) was successful
		0 consecutive failure(s).
		Last success @ NTTIME(0)

DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVE2 via RPC
		DSA object GUID: 52a2e132-c97a-4f82-bdc3-7c0645e918cb
		Last attempt @ NTTIME(0) was successful
		0 consecutive failure(s).
		Last success @ NTTIME(0)

CN=Schema,CN=Configuration,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-BACKUP via RPC
		DSA object GUID: e0502850-bdb8-4f61-9e15-fa0044b6a0b4
		Last attempt @ Sat Mar  3 10:40:20 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		792745 consecutive failure(s).
		Last success @ NTTIME(0)

CN=Schema,CN=Configuration,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVE via RPC
		DSA object GUID: 30602c73-c555-4118-b55a-dd6cb165cfd7
		Last attempt @ Sat Mar  3 10:40:20 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		356206 consecutive failure(s).
		Last success @ NTTIME(0)

CN=Schema,CN=Configuration,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVEZ via RPC
		DSA object GUID: 9c6c997e-26c3-4d26-a0c6-ef79a84a2fde
		Last attempt @ Sat Mar  3 10:40:21 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		187140 consecutive failure(s).
		Last success @ NTTIME(0)

CN=Schema,CN=Configuration,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\WIN-SRV via RPC
		DSA object GUID: c7169840-d0b8-4580-a9cf-eb32a01aea4c
		Last attempt @ Tue Feb 27 18:36:36 2018 CET was successful
		0 consecutive failure(s).
		Last success @ Tue Feb 27 18:36:36 2018 CET

CN=Schema,CN=Configuration,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVEC via RPC
		DSA object GUID: 7f539cf8-2e49-43b1-8673-c0433122b815
		Last attempt @ NTTIME(0) was successful
		0 consecutive failure(s).
		Last success @ NTTIME(0)

CN=Schema,CN=Configuration,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVE2 via RPC
		DSA object GUID: 52a2e132-c97a-4f82-bdc3-7c0645e918cb
		Last attempt @ NTTIME(0) was successful
		0 consecutive failure(s).
		Last success @ NTTIME(0)

CN=Configuration,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-BACKUP via RPC
		DSA object GUID: e0502850-bdb8-4f61-9e15-fa0044b6a0b4
		Last attempt @ Sat Mar  3 10:40:22 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		792603 consecutive failure(s).
		Last success @ NTTIME(0)

CN=Configuration,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVE via RPC
		DSA object GUID: 30602c73-c555-4118-b55a-dd6cb165cfd7
		Last attempt @ Sat Mar  3 10:40:23 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		359638 consecutive failure(s).
		Last success @ NTTIME(0)

CN=Configuration,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVEZ via RPC
		DSA object GUID: 9c6c997e-26c3-4d26-a0c6-ef79a84a2fde
		Last attempt @ Sat Mar  3 10:40:25 2018 CET failed, result 2 (WERR_FILE_NOT_FOUND)
		189385 consecutive failure(s).
		Last success @ NTTIME(0)

CN=Configuration,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\WIN-SRV via RPC
		DSA object GUID: c7169840-d0b8-4580-a9cf-eb32a01aea4c
		Last attempt @ Tue Feb 27 18:36:37 2018 CET was successful
		0 consecutive failure(s).
		Last success @ Tue Feb 27 18:36:37 2018 CET

CN=Configuration,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVEC via RPC
		DSA object GUID: 7f539cf8-2e49-43b1-8673-c0433122b815
		Last attempt @ NTTIME(0) was successful
		0 consecutive failure(s).
		Last success @ NTTIME(0)

CN=Configuration,DC=intern,DC=domain,DC=de
	Default-First-Site-Name\UCS-SLAVE2 via RPC
		DSA object GUID: 52a2e132-c97a-4f82-bdc3-7c0645e918cb
		Last attempt @ NTTIME(0) was successful
		0 consecutive failure(s).
		Last success @ NTTIME(0)

==== KCC CONNECTION OBJECTS ====

Connection --
	Connection name: 22fea4d7-9c57-498a-9c37-2538d1675c84
	Enabled        : TRUE
	Server DNS name : ucs-backup.intern.domain.de
	Server DN name  : CN=NTDS Settings,CN=UCS-BACKUP,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=intern,DC=domain,DC=de
		TransportType: RPC
		options: 0x00000001
Warning: No NC replicated for Connection!
Connection --
	Connection name: 48ef8f2c-03c7-4fef-bb44-5e2dae85e15d
	Enabled        : TRUE
	Server DNS name : ucs-slave2.intern.domain.de
	Server DN name  : CN=NTDS Settings,CN=UCS-SLAVE2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=intern,DC=domain,DC=de
		TransportType: RPC
		options: 0x00000001
Warning: No NC replicated for Connection!
Connection --
	Connection name: 5087bd4c-5629-4128-87a9-122ba06d54ec
	Enabled        : TRUE
	Server DNS name : WIN-SRV.intern.domain.de
	Server DN name  : CN=NTDS Settings,CN=WIN-SRV,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=intern,DC=domain,DC=de
		TransportType: RPC
		options: 0x00000001
Warning: No NC replicated for Connection!
Connection --
	Connection name: 56961ccd-3c1c-486f-b0c3-5e7022503137
	Enabled        : TRUE
	Server DNS name : ucs-slavez.intern.domain.de
	Server DN name  : CN=NTDS Settings,CN=UCS-SLAVEZ,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=intern,DC=domain,DC=de
		TransportType: RPC
		options: 0x00000001
Warning: No NC replicated for Connection!
Connection --
	Connection name: 5da98888-950b-4bdd-92b2-31fa338daab5
	Enabled        : TRUE
	Server DNS name : ucs-slavec.intern.domain.de
	Server DN name  : CN=NTDS Settings,CN=UCS-SLAVEC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=intern,DC=domain,DC=de
		TransportType: RPC
		options: 0x00000001
Warning: No NC replicated for Connection!
Connection --
	Connection name: b8b6bff2-d8eb-434e-8f88-ff91fc1dae14
	Enabled        : TRUE
	Server DNS name : ucs-slave.intern.domain.de
	Server DN name  : CN=NTDS Settings,CN=UCS-SLAVE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=intern,DC=domain,DC=de
		TransportType: RPC
		options: 0x00000001
Warning: No NC replicated for Connection!

This is the error.
Have you checked Samba 4 Troubleshooting?
Try some googling, too.

Nunja…

Da das alles auf Englisch ist, ist es dann doch zu viel für mich.
@knebb:
Ich frage mich, wenn Du deutsch verstehst, warum antwortest Du auf Englisch?
Würde gerne wissen, was ich nun genau machen soll/muss?

VG

English, please…

I cannot give you exact steps how to fix. I pointed you to locations where you might find the reason for the behaviour.
That’s all I can do as I do not know what exactly the error is. You have to put some effort in troubleshooting. Sorry.

Moin,

Beide Berechtigungsprobleme sollten beseitigt werden:

chmod 0670 /etc/univention/ssl/ucs-master.intern.domain.de
chown root /var/lock/sysvol-sync-dir

Beide sollten allerdings keinen Einfluss auf das DRS-Replikations-Problem haben.

Ein paar Zusatzfragen zum aktuellen Zustand:

  1. Gibt es auf S4-Connect-Rejects (siehe Ausgabe von univention-s4connector-list-rejected auf dem DC Master)?
  2. Gibt es Replikationsprobleme auf den DC Slaves (dafür in der UMC anmelden, zum jeweiligen DC Slave wechseln und dort die Systemprüfung ausführen)?

Hier verstehe ich nicht ganz genau, was Sie damit sagen wollen. Haben Sie via LE Zertifikate auch für ucs-sso.intern.domain.de erstellt? Und was dann genau damit gemacht — Apache umkonfiguriert, damit er das LE-Zertifikat nutzt? Vorhandenes Zertifikat durch das LE-Zertifikat überschrieben?

In Summe für die DRS-Replikation aber ebenfalls unwichtig.

Das hat glücklicherweise überhaupt keinen Einfluss auf die DRS-Replikation. Sie können die Kachen manuell entfernen (in UMC anmelden → »Domäne« → »LDAP-Verzeichnis« → zu »univention« → »portal« navigieren, dort Eintrag entfernen).

Neu aufsetzen heißt, dass man alle Nutzer, Gruppen, Freigaben etc. neu anlegen muss. Je nach weiter verwendeten Apps kann das richtig nervig sein, weil Benutzer neue interne IDs bekommen, neuen Windows-RIDs etc.

Was man machen kann, ist einen DC Backup aufzusetzen, zu joinen und diesen zum neuen Master hochzustufen. Mehr Infos gibt’s dazu im Handbuch. Da aber auch das ein invasiver Eingriff mit recht viel Nacharbeiten sein kann, würde ich erst mal zusehen, ob die Probleme nicht anders gelöst werden können.

Zu den Fehlern mit WEEE_FILE_NOT_FOUND: bitte führen Sie mal den Befehl univention-s4search -b DC=ForestDnsZones,$(ucr get ldap/base) -s base dn auf dem DC Master und allen DC Slaves aus und posten Sie die Ergebnisse. Danke.

Gruß
mosu

Mastodon