[Samba] Domain join failure - error during DRS repl ADD: No objectClass found in replPropertyMetaData

mathias dufresne infractory at gmail.com
Thu Nov 19 10:26:30 UTC 2015 

If you plan to keep 4.3.x you can use --enable-fhs from configure script's
options (and the two others proposed by configure --help associated to
--enable-fhs). Doing that you should have most of your directories reused
(/etc/samba, /var/lib/samba...)

That worked for me as I don't care polluting /usr and others (I use VMs and
destroy them without a tear) on Centos 7 when I switched from Sernet
version to compiled version. No idea regarding Debian 'cause I'm not
allowed to used that system here :/

Cheers


2015-11-18 11:25 GMT+01:00 Andrew Bartlett <abartlet at samba.org>:

> On Mon, 2015-11-16 at 07:12 -0600, Matthew Delfino wrote:
> > On 2015.11.16, at 2:53 AM, Andrew Bartlett <abartlet at samba.org>
> > wrote:
> >
> > > On Sun, 2015-11-15 at 20:36 -0600, Matthew Delfino wrote:
> > > > Hello Colleagues and Mentors,
> > > >
> > > > I'm attempting to join a Samba AD DC that I compiled with samba
> > > > 4.3.1
> > > > on Ubuntu 14.04.3 to a group of three AD DCs, also running Samba
> > > > on
> > > > Ubuntu 14.04.3, but each of them is running Canonical's pre
> > > > -compiled
> > > > Samba package, v4.1.6.
> > >
> > > > It appears to me that this initial replication is choking here:
> > > >
> > > >  No objectClass found in replPropertyMetaData for
> > > > CN=kerio_emailgroup,OU=Services,OU=Groups,OU=knock,DC=mydomain,DC
> > > > =lan
> > > > !
> > > >
> > > > This makes me think something about my addition of specialized
> > > > schema
> > > > has triggered, or tripped on, a bug somewhere downstream. I
> > > > searched
> > > > for strings on the internet with similar warnings and found this
> > > > conversation between Rowland Penny and Luke Bigum:
> > > >
> > > >  https://lists.samba.org/archive/samba/2015-June/192516.html
> > > >
> > > > I'm wondering if I'm in a similar pickle. Could this be the bug
> > > > I'm
> > > > hitting?
> > > >
> > > >  https://bugzilla.samba.org/show_bug.cgi?id=10973#c8
> > > >
> > > > Any advice on how to get myself out of this, via work-arounds or
> > > > whatever, would be greatly appreciated. Thank you in advance!
> > >
> > > Yes, this is the same issue.  You need to upgrade to Samba 4.3 on
> > > the
> > > source DC, run dbcheck, fix the issues, and then you can join
> > > another
> > > DC to the domain.
> > >
> > > Andrew Bartlett
> > >
> > > --
> > > Andrew Bartlett                       http://samba.org/~abartlet/
> > > Authentication Developer, Samba Team  http://samba.org
> > > Samba Developer, Catalyst IT
> > > http://catalyst.net.nz/services/samba
> >
> > I’m breathing a sigh of relief this morning in rainy Minneapolis
> > because this is very encouraging to hear. Thank you!
> >
> > HOWEVER… this opens a door to another room I’ve never been in because
> > I know the Debian/Ubuntu version of Samba 4.1.6 has been configured
> > with some tweaks to install it differently (sbin and bin binaries
> > installed into existing directories, conf file installed under
> > /etc/samba/, etc.).
> >
> > How would an expert do this? Just apt-get remove samba and install
> > the latest version from source? Any configure tweaks? Where would I
> > move the existing databases and other files? What do I need to keep?
> > What can I leave behind? I’m not expecting you to answer all of these
> > questions, but perhaps you know of a helpful tutorial online? I can’t
> > seem to find a good one…
>
> Do you intend to keep the 4.1 server after fixing it?
>
> If not, then you can install Samba from source, then run dbcheck from
> the 4.3 install pointed at the 4.1 sam.ldb file with samba-tool dbcheck
> -H /var/lib/samba/private/sam.ldb
>
> That will fix the DB, and allow you to join the domain.  The DB will
> only corrupt again when modifications are made to objects using
> additional schema - so just don't change those until you remove the 4.1
> server finally.
>
> Andrew Bartlett
>
> --
> Andrew Bartlett                       http://samba.org/~abartlet/
> Authentication Developer, Samba Team  http://samba.org
> Samba Developer, Catalyst IT
> http://catalyst.net.nz/services/samba
>
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list