samba wiki (https://wiki.samba.org/index.php/Join_an_additional_Samba_DC_to_an_existing_Active_Directory) を参考に、
DC のレプリケーションを TRY!

でもエラー。

# samba-tool drs showrepl
Default-First-Site-Name\*
DSA Options: 0x00000001
DSA object GUID: ********-****-****-****-************
DSA invocationId: ********-****-****-****-************

==== INBOUND NEIGHBORS ====

CN=Schema,CN=Configuration,DC=*,DC=x,DC=mydns,DC=jp
Default-First-Site-Name\* via RPC
DSA object GUID: *
Last attempt @ Tue Sep 27 21:04:13 2016 JST was successful
0 consecutive failure(s).
Last success @ Tue Sep 27 21:04:13 2016 JST

CN=Configuration,DC=*,DC=x,DC=mydns,DC=jp
Default-First-Site-Name\* via RPC
DSA object GUID: *
Last attempt @ Tue Sep 27 21:04:14 2016 JST was successful
0 consecutive failure(s).
Last success @ Tue Sep 27 21:04:14 2016 JST

DC=ForestDnsZones,DC=*,DC=x,DC=mydns,DC=jp
Default-First-Site-Name\* via RPC
DSA object GUID: *
Last attempt @ Tue Sep 27 21:04:13 2016 JST failed, result 1326 (WERR_LOGON_FAILURE)
1 consecutive failure(s).
Last success @ Tue Sep 27 20:45:29 2016 JST

DC=DomainDnsZones,DC=*,DC=*,DC=mydns,DC=jp
Default-First-Site-Name\* via RPC
DSA object GUID: *
Last attempt @ Tue Sep 27 21:04:13 2016 JST was successful
0 consecutive failure(s).
Last success @ Tue Sep 27 21:04:13 2016 JST

DC=*,DC=*,DC=mydns,DC=jp
Default-First-Site-Name\* via RPC
DSA object GUID: *
Last attempt @ Tue Sep 27 21:04:14 2016 JST was successful
0 consecutive failure(s).
Last success @ Tue Sep 27 21:04:14 2016 JST

==== OUTBOUND NEIGHBORS ====

==== KCC CONNECTION OBJECTS ====

Connection --
Connection name: *
Enabled : TRUE
Server DNS name : *.*.*.mydns.jp
Server DN name : CN=NTDS Settings,CN=*,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=*,DC=*,DC=mydns,DC=jp
TransportType: RPC
options: 0x00000001
Warning: No NC replicated for Connection!

ちなみに primary domain contoller で実行したら、
# samba-tool drs showrepl

==== INBOUND NEIGHBORS ====

CN=Schema,CN=Configuration,DC=*,DC=x,DC=mydns,DC=jp
Default-First-Site-Name\* via RPC
.... (WERR_GENERAL_FAILUER)

というエラーで、replication 状態が確認できず。

よくよく見ると、 primary dc と secondary dc との時刻が大幅にずれていた… f(^^;

＃ primary dc を仮想ＰＣ上で動作させており、その仮想ＰＣの host が 何度か sleep で停止していたため、時刻がずれていた。

で、primary dc の時刻を ntp サーバと同期（実際には再起動）させたら、
primary 側は、INBOUND NEIGHBORS 側の WERR_GENERAL_FAILUER のエラーは消え、

Connection --
Connection name: *
Enabled : TRUE
Server DNS name : *.*.*.mydns.jp
Server DN name : CN=NTDS Settings,CN=*,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=*,DC=*,DC=mydns,DC=jp
TransportType: RPC
options: 0x00000001
Warning: No NC replicated for Connection!

という Warning が残った状態に変化。

一方、secondary dc 側は、下記のようにエラーの嵐。

# samba-tool drs showrepl
Default-First-Site-Name\*
DSA Options: 0x00000001
DSA object GUID: *
DSA invocationId: *

==== INBOUND NEIGHBORS ====

CN=Schema,CN=Configuration,DC=*,DC=*,DC=mydns,DC=jp
Default-First-Site-Name\* via RPC
DSA object GUID: *
Last attempt @ Tue Sep 27 21:39:12 2016 JST failed, result 31 (WERR_GENERAL_FAILURE)
4 consecutive failure(s).
Last success @ Tue Sep 27 21:19:12 2016 JST

CN=Configuration,DC=*,DC=*,DC=mydns,DC=jp
Default-First-Site-Name\* via RPC
DSA object GUID: *
Last attempt @ Tue Sep 27 21:39:13 2016 JST failed, result 31 (WERR_GENERAL_FAILURE)
4 consecutive failure(s).
Last success @ Tue Sep 27 21:19:12 2016 JST

DC=ForestDnsZones,DC=*,DC=*,DC=mydns,DC=jp
Default-First-Site-Name\* via RPC
DSA object GUID: *
Last attempt @ Tue Sep 27 21:39:12 2016 JST failed, result 31 (WERR_GENERAL_FAILURE)
4 consecutive failure(s).
Last success @ Tue Sep 27 21:19:12 2016 JST

DC=DomainDnsZones,DC=*,DC=*,DC=mydns,DC=jp
Default-First-Site-Name\* via RPC
DSA object GUID: *
Last attempt @ Tue Sep 27 21:39:12 2016 JST failed, result 31 (WERR_GENERAL_FAILURE)
4 consecutive failure(s).
Last success @ Tue Sep 27 21:19:12 2016 JST

DC=*,DC=*,DC=mydns,DC=jp
Default-First-Site-Name\* via RPC
DSA object GUID: *
Last attempt @ Tue Sep 27 21:39:13 2016 JST failed, result 31 (WERR_GENERAL_FAILURE)
4 consecutive failure(s).
Last success @ Tue Sep 27 21:19:12 2016 JST

==== OUTBOUND NEIGHBORS ====

CN=Schema,CN=Configuration,DC=*,DC=*,DC=mydns,DC=jp
Default-First-Site-Name\* via RPC
DSA object GUID: *
Last attempt @ Tue Sep 27 21:39:32 2016 JST failed, result 31 (WERR_GENERAL_FAILURE)
24 consecutive failure(s).
Last success @ NTTIME(0)

CN=Configuration,DC=*,DC=*,DC=mydns,DC=jp
Default-First-Site-Name\* via RPC
DSA object GUID: *
Last attempt @ Tue Sep 27 21:39:32 2016 JST failed, result 31 (WERR_GENERAL_FAILURE)
83 consecutive failure(s).
Last success @ NTTIME(0)

DC=ForestDnsZones,DC=*,DC=*,DC=mydns,DC=jp
Default-First-Site-Name\* via RPC
DSA object GUID: *
Last attempt @ Tue Sep 27 21:39:31 2016 JST failed, result 31 (WERR_GENERAL_FAILURE)
24 consecutive failure(s).
Last success @ NTTIME(0)

DC=DomainDnsZones,DC=*,DC=*,DC=mydns,DC=jp
Default-First-Site-Name\* via RPC
DSA object GUID: *
Last attempt @ Tue Sep 27 21:39:32 2016 JST failed, result 31 (WERR_GENERAL_FAILURE)
24 consecutive failure(s).
Last success @ NTTIME(0)

DC=*,DC=*,DC=mydns,DC=jp
Default-First-Site-Name\* via RPC
DSA object GUID: *
Last attempt @ Tue Sep 27 21:39:32 2016 JST failed, result 31 (WERR_GENERAL_FAILURE)
24 consecutive failure(s).
Last success @ NTTIME(0)

==== KCC CONNECTION OBJECTS ====

Connection --
Connection name: *
Enabled : TRUE
Server DNS name : *.*.*.mydns.jp
Server DN name : CN=NTDS Settings,CN=*,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=*,DC=*,DC=mydns,DC=jp
TransportType: RPC
options: 0x00000001
Warning: No NC replicated for Connection!