Bug 40387

Summary: 'Waiting for DRS replication' failed on a school slave
Product: UCS Reporter: Stefan Gohmann <gohmann>
Component: Samba4Assignee: Arvid Requate <requate>
Status: CLOSED FIXED QA Contact: Felix Botner <botner>
Severity: normal    
Priority: P2 CC: grandjean, markus.daehlmann, requate, schwardt, walkenhorst
Version: UCS 4.0   
Target Milestone: UCS 4.0-4-errata   
Hardware: Other   
OS: Linux   
What kind of report is it?: --- What type of bug is this?: ---
Who will be affected by this bug?: --- How will those affected feel about the bug?: ---
User Pain: Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional): Troubleshooting
Max CVSS v3 score:
Bug Depends on: 33399    
Bug Blocks:    

Description Stefan Gohmann univentionstaff 2016-01-07 14:15:53 CET 
Backport for UCS 4.0 is needed as well.

+++ This bug was initially created as a clone of Bug #33399 +++

From the join.lg of a school slave with samba4:

Waiting for DRS replication: .................................................................................
........................................................................................................................................................................................................................... failed


This happens with UCS 3.1 and UCS 3.2. I think the new password is not synced to the S4 of the master:

root@slave2032:~# ldbsearch -H ldap://master203 -U slave2032\$%$(</etc/machine.secret) 
SPNEGO(gssapi_krb5) creating NEG_TOKEN_INIT failed: NT_STATUS_INVALID_PARAMETER
Failed to bind - LDAP error 49 LDAP_INVALID_CREDENTIALS -  <SASL:[GSS-SPNEGO]: NT_STATUS_LOGON_FAILURE> <>
Failed to connect to 'ldap://master203' with backend 'ldap': (null)
Failed to connect to ldap://master203 - (null)
root@slave2032:~#
Comment 1 Arvid Requate univentionstaff 2016-01-27 19:42:18 CET 
Adjusted (merged patch for Bug 33399):

* The joinscript
* check_essential_samba4_dns_records

Advisory: univention-samba4.yaml
Comment 2 Felix Botner univentionstaff 2016-01-29 12:52:33 CET 
OK - merged to 4.0-4errata
OK - singleschool s4 (No drs repl during join)

OK - YAML
Comment 3 Janek Walkenhorst univentionstaff 2016-02-04 15:58:33 CET 
<http://errata.software-univention.de/ucs/4.0/397.html>