Zentyal and windows server 2008 r2 sync AD

[rozenkrazer]

 Hi.

 I add Zentyal like "Additional domain controller". But replication isn't work.

When I use 

Code: [Select]

sudo samba-tool drs replicate
I have error:

Code: [Select]

ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync failed - drsException: DsReplicaSync failed (8418, 'WERR_DS_DRA_SCHEMA_MISMATCH')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/drs.py", line 345, in run
    drs_utils.sendDsReplicaSync(self.drsuapi, self.drsuapi_handle, source_dsa_guid, NC, req_options)
  File "/usr/lib/python2.7/dist-packages/samba/drs_utils.py", line 83, in sendDsReplicaSync
    raise drsException("DsReplicaSync failed %s" % estr)
I check schema to Windows server and Zentyal:

Code: [Select]

samba-tool ldapcmp ldap://db1 ldap://db2 domain
I have a lot of errors, like:

Code: [Select]

Comparing:
'CN=Administrator,CN=Users,DC=test,DC=net' [ldap://db1]
'CN=Administrator,CN=Users,DC=test,DC=net' [ldap://db2]
    Attributes found only in ldap://db1:
        msExchPreviousHomeMDB
    FAILED

Comparing:
'CN=Andrey Shiba,OU=Kiev,OU=OfficeUsers,DC=test,DC=net' [ldap://db1]
'CN=Andrey Shiba,OU=Kiev,OU=OfficeUsers,DC=test,DC=net' [ldap://db2]
    Difference in attribute values:
        userParameters =>
['m\x00:\x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00d\x00\t\x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00']
['m:                    d\t                        ']
    FAILED

I have a different schema on Zentyal and Windows server 2008 R2?! How I can fix that problem?

 Best regards Yura Sakharov

[IntOverflow]

Have you installed the newest version of Zentyal (all updates installed?)

I've successfully connected Zentyal 4 as additional DC to Windows Server 2012 R2 (domain level 2008)

Can you post the zentyal.log?

[rozenkrazer]

Have you installed the newest version of Zentyal (all updates installed?)

Yes

I've successfully connected Zentyal 4 as additional DC to Windows Server 2012 R2 (domain level 2008)

Yes and more replication from windows server success:

Code: [Select]

samba-tool drs replicate winows_server zentyal dc=assino,dc=netBut from Zentyal to Windows ERROR.

Code: [Select]

samba-tool drs replicate  zentyal winows_server dc=assino,dc=net

Can you post the zentyal.log?

yes
https://www.dropbox.com/s/8wtl1d23lf0qfjm/zentyal.log?dl=0

[IntOverflow]

I'm sorry I didn't reply to you sooner.

I found some problems in your log, but I can't promise you, that this solves your problem.

First error I found is a ntp problem. Active Directory react damageable to a wrong time:

Code: [Select]

Error output: Error resolving 0.pool.ntp.org: Name or service not known (-2)
 17 Dec 13:09:38 ntpdate[2040]: Can't find host 0.pool.ntp.org: Name or service not known (-2)
 17 Dec 13:09:38 ntpdate[2040]: no servers can be used, exiting

Command output: .
Exit value: 1 at root command /usr/sbin/ntpdate 0.pool.ntp.org failed.
Error output: Error resolving 0.pool.ntp.org: Name or service not known (-2)
 17 Dec 13:09:38 ntpdate[2040]: Can't find host 0.pool.ntp.org: Name or service not known (-2)
 17 Dec 13:09:38 ntpdate[2040]: no servers can be used, exiting

Another error is the nsupdate (DNS):

Code: [Select]

2014/12/11 14:21:20 ERROR> Sudo.pm:240 EBox::Sudo::_rootError - root command nsupdate -l -t 10 /var/lib/zentyal/tmp/W18dEERCLK failed.
2014/12/11 14:21:20 ERROR> Service.pm:1001 EBox::Module::Service::restartService - Error restarting service: root command nsupdate -l -t 10 /var/lib/zentyal/tmp/W18dEERCLK failed.
Error output: update failed: SERVFAIL

Command output: .
Exit value: 2

• Can you try to run command "/usr/sbin/ntpdate 0.pool.ntp.org" in terminal. Can you run this cmd sucessfully?
• Can you run command "nslookup <your server>" for example "nslookup myserver.home.lan" and post the result?