./ad-migrate: 18: ./ad-migrate: use: not found
./ad-migrate: 19: ./ad-migrate: use: not found
./ad-migrate: 21: ./ad-migrate: use: not found
./ad-migrate: 22: ./ad-migrate: use: not found
./ad-migrate: 25: ./ad-migrate: use: not found
./ad-migrate: 27: ./ad-migrate: use: not found
./ad-migrate: 28: ./ad-migrate: use: not found
./ad-migrate: 29: ./ad-migrate: use: not found
./ad-migrate: 34: ./ad-migrate: Syntax error: Bad function name
#!/usr/bin/perl
repadmin /showrepl * /csv > replresults.csv
, we see the one-way failure:showrepl_COLUMNS | Destination DSA Site | Destination DSA | Naming Context | Source DSA Site | Source DSA | Transport Type | Number of Failures | Last Failure Time | Last Success Time | Last Failure Status |
showrepl_INFO | HeadOffice | TITAN | DC=DomainDnsZones,DC=copeohs,DC=com | HeadOffice | NEPTUNE | RPC | 0 | 0 | 16/08/2017 11:53 | 0 |
showrepl_INFO | HeadOffice | TITAN | CN=Configuration,DC=copeohs,DC=com | HeadOffice | NEPTUNE | RPC | 0 | 0 | 16/08/2017 11:56 | 0 |
showrepl_INFO | HeadOffice | TITAN | CN=Schema,CN=Configuration,DC=copeohs,DC=com | HeadOffice | NEPTUNE | RPC | 0 | 0 | 16/08/2017 11:53 | 0 |
showrepl_INFO | HeadOffice | TITAN | DC=ForestDnsZones,DC=copeohs,DC=com | HeadOffice | NEPTUNE | RPC | 0 | 0 | 16/08/2017 11:53 | 0 |
showrepl_INFO | HeadOffice | TITAN | DC=copeohs,DC=com | HeadOffice | NEPTUNE | RPC | 0 | 0 | 16/08/2017 11:53 | 0 |
showrepl_INFO | HeadOffice | NEPTUNE | DC=copeohs,DC=com | HeadOffice | TITAN | RPC | 20 | 16/08/2017 11:56 | 12/07/2017 07:08 | 8418 |
showrepl_INFO | HeadOffice | NEPTUNE | CN=Configuration,DC=copeohs,DC=com | HeadOffice | TITAN | RPC | 0 | 0 | 16/08/2017 11:56 | 0 |
showrepl_INFO | HeadOffice | NEPTUNE | CN=Schema,CN=Configuration,DC=copeohs,DC=com | HeadOffice | TITAN | RPC | 0 | 0 | 16/08/2017 11:56 | 0 |
showrepl_INFO | HeadOffice | NEPTUNE | DC=ForestDnsZones,DC=copeohs,DC=com | HeadOffice | TITAN | RPC | 0 | 0 | 16/08/2017 11:56 | 0 |
showrepl_INFO | HeadOffice | NEPTUNE | DC=DomainDnsZones,DC=copeohs,DC=com | HeadOffice | TITAN | RPC | 0 | 0 | 16/08/2017 11:56 | 0 |
sudo samba-tool ntacl sysvolcheck
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[global]"
Processing section "[homes]"
Processing section "[IT]"
Processing section "[ScanArchive]"
Processing section "[COPEDocs]"
Processing section "[MedicallyConfidential]"
Processing section "[Public]"
Processing section "[WPT]"
Processing section "[HP_Scans]"
Processing section "[netlogon]"
Processing section "[sysvol]"
ldb_wrap open of idmap.ldb
ERROR(<type 'exceptions.TypeError'>): uncaught exception - (61, 'No data available')
File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
return self.run(*args, **kwargs)
File "/usr/lib/python2.7/dist-packages/samba/netcmd/ntacl.py", line 270, in run
lp)
File "/usr/lib/python2.7/dist-packages/samba/provision/__init__.py", line 1714, in checksysvolacl
fsacl = getntacl(lp, dir_path, direct_db_access=direct_db_access, service=SYSVOL_SERVICE)
File "/usr/lib/python2.7/dist-packages/samba/ntacls.py", line 81, in getntacl
xattr.XATTR_NTACL_NAME)
sudo samba-tool drs showrepl
ldb_wrap open of secrets.ldb
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Using binding ncacn_ip_tcp:titan.copeohs.com[,seal]
resolve_lmhosts: Attempting lmhosts lookup for name titan.copeohs.com<0x20>
resolve_lmhosts: Attempting lmhosts lookup for name titan.copeohs.com<0x20>
resolve_lmhosts: Attempting lmhosts lookup for name titan.copeohs.com<0x20>
HeadOffice\TITAN
DSA Options: 0x00000001
DSA object GUID: 5f9f0c17-282e-47b2-ac00-40edb9d29b74
DSA invocationId: 87a25fb1-187b-48dd-b885-a2fd93d8e6ee
==== INBOUND NEIGHBORS ====
DC=DomainDnsZones,DC=copeohs,DC=com
HeadOffice\NEPTUNE via RPC
DSA object GUID: 24e8a117-37b2-4146-9474-da7c45278313
Last attempt @ Wed Sep 20 11:40:29 2017 BST failed, result 1234 (WERR_PORT_UNREACHABLE)
5514 consecutive failure(s).
Last success @ Fri Sep 1 08:11:45 2017 BST
DC=DomainDnsZones,DC=copeohs,DC=com
HeadOffice\PLUTO via RPC
DSA object GUID: ac19e956-ee12-4a4c-943d-3b0883f33c74
Last attempt @ Wed Sep 20 11:40:29 2017 BST was successful
0 consecutive failure(s).
Last success @ Wed Sep 20 11:40:29 2017 BST
CN=Configuration,DC=copeohs,DC=com
HeadOffice\NEPTUNE via RPC
DSA object GUID: 24e8a117-37b2-4146-9474-da7c45278313
Last attempt @ Wed Sep 20 11:40:29 2017 BST failed, result 1234 (WERR_PORT_UNREACHABLE)
5515 consecutive failure(s).
Last success @ Fri Sep 1 08:11:45 2017 BST
CN=Configuration,DC=copeohs,DC=com
HeadOffice\PLUTO via RPC
DSA object GUID: ac19e956-ee12-4a4c-943d-3b0883f33c74
Last attempt @ Wed Sep 20 11:40:29 2017 BST was successful
0 consecutive failure(s).
Last success @ Wed Sep 20 11:40:29 2017 BST
CN=Schema,CN=Configuration,DC=copeohs,DC=com
HeadOffice\NEPTUNE via RPC
DSA object GUID: 24e8a117-37b2-4146-9474-da7c45278313
Last attempt @ Wed Sep 20 11:40:29 2017 BST failed, result 1234 (WERR_PORT_UNREACHABLE)
5514 consecutive failure(s).
Last success @ Fri Sep 1 08:11:45 2017 BST
CN=Schema,CN=Configuration,DC=copeohs,DC=com
HeadOffice\PLUTO via RPC
DSA object GUID: ac19e956-ee12-4a4c-943d-3b0883f33c74
Last attempt @ Wed Sep 20 11:40:29 2017 BST was successful
0 consecutive failure(s).
Last success @ Wed Sep 20 11:40:29 2017 BST
DC=ForestDnsZones,DC=copeohs,DC=com
HeadOffice\NEPTUNE via RPC
DSA object GUID: 24e8a117-37b2-4146-9474-da7c45278313
Last attempt @ Wed Sep 20 11:40:29 2017 BST failed, result 1234 (WERR_PORT_UNREACHABLE)
5514 consecutive failure(s).
Last success @ Fri Sep 1 08:11:45 2017 BST
DC=ForestDnsZones,DC=copeohs,DC=com
HeadOffice\PLUTO via RPC
DSA object GUID: ac19e956-ee12-4a4c-943d-3b0883f33c74
Last attempt @ Wed Sep 20 11:40:29 2017 BST was successful
0 consecutive failure(s).
Last success @ Wed Sep 20 11:40:29 2017 BST
DC=copeohs,DC=com
HeadOffice\NEPTUNE via RPC
DSA object GUID: 24e8a117-37b2-4146-9474-da7c45278313
Last attempt @ Wed Sep 20 11:40:30 2017 BST failed, result 1234 (WERR_PORT_UNREACHABLE)
5513 consecutive failure(s).
Last success @ Fri Sep 1 08:12:56 2017 BST
DC=copeohs,DC=com
HeadOffice\PLUTO via RPC
DSA object GUID: ac19e956-ee12-4a4c-943d-3b0883f33c74
Last attempt @ Wed Sep 20 11:40:30 2017 BST was successful
0 consecutive failure(s).
Last success @ Wed Sep 20 11:40:30 2017 BST
==== OUTBOUND NEIGHBORS ====
DC=DomainDnsZones,DC=copeohs,DC=com
HeadOffice\PLUTO via RPC
DSA object GUID: ac19e956-ee12-4a4c-943d-3b0883f33c74
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
CN=Configuration,DC=copeohs,DC=com
HeadOffice\PLUTO via RPC
DSA object GUID: ac19e956-ee12-4a4c-943d-3b0883f33c74
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
CN=Schema,CN=Configuration,DC=copeohs,DC=com
HeadOffice\PLUTO via RPC
DSA object GUID: ac19e956-ee12-4a4c-943d-3b0883f33c74
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
DC=ForestDnsZones,DC=copeohs,DC=com
HeadOffice\PLUTO via RPC
DSA object GUID: ac19e956-ee12-4a4c-943d-3b0883f33c74
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
DC=copeohs,DC=com
HeadOffice\PLUTO via RPC
DSA object GUID: ac19e956-ee12-4a4c-943d-3b0883f33c74
Last attempt @ NTTIME(0) was successful
0 consecutive failure(s).
Last success @ NTTIME(0)
==== KCC CONNECTION OBJECTS ====
Connection --
Connection name: 6f8dd7a5-2ad2-4354-a5a9-099fd08bf301
Enabled : TRUE
Server DNS name : pluto.copeohs.com
Server DN name : CN=NTDS Settings,CN=PLUTO,CN=Servers,CN=HeadOffice,CN=Sites,CN=Configuration,DC=copeohs,DC=com
TransportType: RPC
options: 0x00000001
Warning: No NC replicated for Connection!
Connection --
Connection name: f3671125-06e5-464f-8cd3-57313e483a20
Enabled : TRUE
Server DNS name : Neptune.copeohs.com
Server DN name : CN=NTDS Settings,CN=NEPTUNE,CN=Servers,CN=HeadOffice,CN=Sites,CN=Configuration,DC=copeohs,DC=com
TransportType: RPC
options: 0x00000001
Warning: No NC replicated for Connection!
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[global]"
Processing section "[homes]"
Processing section "[IT]"
Processing section "[ScanArchive]"
Processing section "[COPEDocs]"
Processing section "[MedicallyConfidential]"
Processing section "[Public]"
Processing section "[WPT]"
Processing section "[HP_Scans]"
Processing section "[netlogon]"
Processing section "[sysvol]"
ldb_wrap open of idmap.ldb
lp_load_ex: refreshing parameters
Processing section "[global]"
Processing section "[homes]"
Processing section "[IT]"
Processing section "[ScanArchive]"
Processing section "[COPEDocs]"
Processing section "[MedicallyConfidential]"
Processing section "[Public]"
Processing section "[WPT]"
Processing section "[HP_Scans]"
Processing section "[netlogon]"
Processing section "[sysvol]"
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Module 'acl_xattr' loaded
Initialising custom vfs hooks from [dfs_samba4]
Module 'dfs_samba4' loaded
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service Unknown Service (snum == -1)
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service Unknown Service (snum == -1)
lp_load_ex: refreshing parameters
Processing section "[global]"
Processing section "[homes]"
Processing section "[IT]"
Processing section "[ScanArchive]"
Processing section "[COPEDocs]"
Processing section "[MedicallyConfidential]"
Processing section "[Public]"
Processing section "[WPT]"
Processing section "[HP_Scans]"
Processing section "[netlogon]"
Processing section "[sysvol]"
ldb_wrap open of idmap.ldb
ldb_wrap open of idmap.ldb
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 0
unpack_nt_owners: group sid mapped to gid 4
set_nt_acl: chown /var/lib/samba/sysvol. uid = 0, gid = 4.
idmap range not specified for domain '*'
idmap range not specified for domain '*'
idmap range not specified for domain '*'
idmap range not specified for domain '*'
idmap range not specified for domain '*'
idmap range not specified for domain '*'
idmap range not specified for domain '*'
idmap range not specified for domain '*'
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 0
unpack_nt_owners: group sid mapped to gid 4
set_nt_acl: chown /var/lib/samba/sysvol/copeohs.com/scripts. uid = 0, gid = 4.
idmap range not specified for domain '*'
idmap range not specified for domain '*'
idmap range not specified for domain '*'
idmap range not specified for domain '*'
idmap range not specified for domain '*'
idmap range not specified for domain '*'
idmap range not specified for domain '*'
idmap range not specified for domain '*'
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 0
unpack_nt_owners: group sid mapped to gid 4
set_nt_acl: chown /var/lib/samba/sysvol/copeohs.com. uid = 0, gid = 4.
idmap range not specified for domain '*'
idmap range not specified for domain '*'
idmap range not specified for domain '*'
idmap range not specified for domain '*'
idmap range not specified for domain '*'
idmap range not specified for domain '*'
idmap range not specified for domain '*'
idmap range not specified for domain '*'
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
open: error=2 (No such file or directory)
ERROR(runtime): uncaught exception - (-1073741823, 'Undetermined error')
File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
return self.run(*args, **kwargs)
File "/usr/lib/python2.7/dist-packages/samba/netcmd/ntacl.py", line 239, in run
lp, use_ntvfs=use_ntvfs)
File "/usr/lib/python2.7/dist-packages/samba/provision/__init__.py", line 1609, in setsysvolacl
set_gpos_acl(sysvol, dnsdomain, domainsid, domaindn, samdb, lp, use_ntvfs, passdb=s4_passdb)
File "/usr/lib/python2.7/dist-packages/samba/provision/__init__.py", line 1502, in set_gpos_acl
use_ntvfs=use_ntvfs, skip_invalid_chown=True, passdb=passdb, service=SYSVOL_SERVICE)
File "/usr/lib/python2.7/dist-packages/samba/ntacls.py", line 162, in setntacl
smbd.set_nt_acl(file, security.SECINFO_OWNER | security.SECINFO_GROUP | security.SECINFO_DACL | security.SECINFO_SACL, sd, service=service)