Univention Bugzilla – Bug 55877
School replica join: 98univention-samba4-dns.inst waits for replicated dns-(hostname) entry in samba [4.4]
Last modified: 2023-03-14 17:36:11 CET
In the customer environment it takes immense time to replicate the objectClass=dnsZone Objects. Therefor the 98univention-samba4-dns.inst joinscripts waits hours until the SPN account dns-($hostname) entry is finally existing in samba. So unfortunately the bugfix from Bug #54791 is not entirely helping. +++ This bug was initially created as a clone of Bug #54791 +++ At a school customer, with ~150.000 users, we've seen the following error pretty often during the join of a new school replica server: Wait for bind9: .Restarting bind9 (via systemctl): bind9.service. Restarting samba-ad-dc (via systemctl): samba-ad-dc.service. ....................................................................................................Restarting bind9 (via systemctl): bind9.service. ....................................................................................................Restarting bind9 (via systemctl): bind9.service. See "systemctl status bind9.service" and "journalctl -xe" for details. failed! ************************************************************** * ERROR: Failed to configure Samba4 as backend for bind. * * Please check the samba and the s4-connector logfile.* ************************************************************** This happened, because during the join thousands of objects have been created in UCS and have been added as pickle files for the s4connector. When starting the s4connector during the join, all those files are then processed in order of creation. Oftentimes, the DNS zones necessary for this joinscript are not synced before the timeout of ~20 minutes is reached. The customer then has to wait until the zone is synced and restart the join. It would be good if we could sync the objects needed for the join to complete earlier than the other less important objects.