Trouble vampiring W2K3 into Ubuntu Lucid 10.04 with Samba4

Diego Gutierrez Zaldivar dgz at trustedtranslations.com
Wed Sep 1 19:08:25 MDT 2010 

  I find out the reason why I couldn't vampire the W2K3 AD for the 
second time. The reason is I was only removing the Samba4 AD recently 
joined from the Domain Controllers section of Active Directory Users and 
Computers. To completely remove any reference its also necessary to 
remove the server from the Sites/Servers section of Active Directory 
Sites and Services.

As I saw on my threads the partially removed joined AD are also the 
cause for this kind error messages on Samba:

dreplsrv_notify: Failed to send DsReplicaSync to 
3dac8179-a019-4a04-a8d4-bbc80bfbde7e._msdcs.trusted.trusted for 
DC=trusted,DC=trusted - NT_STATUS_OBJECT_NAME_NOT_FOUND : WERR_BADFILE

On the other hand I made the vampired Samba4 AD work by configuring the 
BIND zones for my domain slave zones of the DNS running on the W2K3 
Server which is good for testing purposes but as I want to shutdown the 
W2K3 Server would be nice to have independence. Any help regarding the 
proper DNS configuration for a vampired server will be highly appreciated :)

Cheers,
Diego


Diego Gutierrez Zaldivar wrote:
>  Thanks in advance for your help. What I'm trying to achieve is to 
> vampire a W2K3 AD into a Samba4 and then shutdown the W2K3 AD so 
> Samba4 takes its place. So far I was able to provision a Samba4 
> properly and then add / remove computers and users to a provisioned 
> Samba4 but when I try to replicate those activities on a vampired 
> Samba4 I miserably fail. I get to transfer the users and to join the 
> Samba4 as Domain Controller but when I try to add a Windows machine to 
> the Samba4 I get an error saying the server is not fully funcional. In 
> both scenarios provisioned and vampired I get the file shares working 
> without problems. Am I missing something?
>
> Thank you very much for your help;
> Diego
>
> PD: Another problem I face is that I have to rename the Linux hostname 
> every time I vampire as I get an error saying the name already exists 
> and the old names keep registered somewhere I can't find because when 
> I run source4/scripting/devel/rebuild_zone.sh zones are created for 
> all the old hostnames the Linux machine had in the past.
>
> Here are the steps I follow:
>
> - Install required packages on Ubuntu Lucid 10.04
> - Get Samba4 source through git
> - configure.developer, make, make tests, sudo make install
> - sudo /usr/local/samba/bin/net vampire company.company -Ugod 
> --realm=company.company (my administrator is called god). This results 
> in:
>
> CLDAP response: forest=company.company dns=company.company 
> netbios=company server_site=Nombre-predeterminado-primer-sitio  
> client_site=Nombre-predeterminado-primer-sitio
> Become DC [FILES4] of Domain[company]/[company.company]
> Promotion Partner is Server[servidor.company.company] from 
> Site[Nombre-predeterminado-primer-sitio]
> Options:crossRef behavior_version[0]
>         schema object_version[31]
>         domain behavior_version[2]
>         domain w2k3_update_revision[8]
> Provision for Become-DC test using python
> New Server in Site[Nombre-predeterminado-primer-sitio]
> DSA Instance [(null)]
>         invocationId[None]
> Paths under targetdir[(null)]
> Schema-DN[CN=Schema,CN=Configuration,DC=company,DC=company] 
> objects[133] linked_values[0]
> Schema-DN[CN=Schema,CN=Configuration,DC=company,DC=company] 
> objects[133] linked_values[0]
> Schema-DN[CN=Schema,CN=Configuration,DC=company,DC=company] 
> objects[133] linked_values[0]
> Schema-DN[CN=Schema,CN=Configuration,DC=company,DC=company] 
> objects[133] linked_values[0]
> Schema-DN[CN=Schema,CN=Configuration,DC=company,DC=company] 
> objects[133] linked_values[0]
> Schema-DN[CN=Schema,CN=Configuration,DC=company,DC=company] 
> objects[133] linked_values[0]
> Schema-DN[CN=Schema,CN=Configuration,DC=company,DC=company] 
> objects[133] linked_values[0]
> Schema-DN[CN=Schema,CN=Configuration,DC=company,DC=company] 
> objects[133] linked_values[0]
> Schema-DN[CN=Schema,CN=Configuration,DC=company,DC=company] 
> objects[133] linked_values[0]
> Schema-DN[CN=Schema,CN=Configuration,DC=company,DC=company] 
> objects[133] linked_values[0]
> Schema-DN[CN=Schema,CN=Configuration,DC=company,DC=company] 
> objects[53] linked_values[0]
> Analyze and apply schema objects
> Schema for DRS tests using python
> ../dsdb/common/util.c:3001: WARNING: domainFunctionality not setup
> Partition[CN=Configuration,DC=company,DC=company] objects[133] 
> linked_values[0]
> naming_fsmo_init: no partitions dn present: (skip loading of naming 
> contexts details)
>
> Partition[CN=Configuration,DC=company,DC=company] objects[266] 
> linked_values[0]
> Partition[CN=Configuration,DC=company,DC=company] objects[399] 
> linked_values[0]
> Partition[CN=Configuration,DC=company,DC=company] objects[532] 
> linked_values[0]
> Partition[CN=Configuration,DC=company,DC=company] objects[665] 
> linked_values[0]
> Partition[CN=Configuration,DC=company,DC=company] objects[798] 
> linked_values[0]
> Partition[CN=Configuration,DC=company,DC=company] objects[931] 
> linked_values[0]
> Partition[CN=Configuration,DC=company,DC=company] objects[1064] 
> linked_values[0]
> Partition[CN=Configuration,DC=company,DC=company] objects[1197] 
> linked_values[0]
> Partition[CN=Configuration,DC=company,DC=company] objects[1330] 
> linked_values[0]
> Partition[CN=Configuration,DC=company,DC=company] objects[1463] 
> linked_values[0]
> Partition[CN=Configuration,DC=company,DC=company] objects[1544] 
> linked_values[0]
> Partition[DC=company,DC=company] objects[133] linked_values[0]
> pdc_fsmo_init: no domain object present: (skip loading of domain details)
>
> Partition[DC=company,DC=company] objects[266] linked_values[0]
> Partition[DC=company,DC=company] objects[399] linked_values[0]
> Partition[DC=company,DC=company] objects[532] linked_values[0]
> Partition[DC=company,DC=company] objects[554] linked_values[0]
> mark ROOTDSE with isSynchronized=TRUE
> ../dsdb/common/util.c:3001: WARNING: domainFunctionality not setup
> ../dsdb/common/util.c:3001: WARNING: domainFunctionality not setup
> Vampired domain company (S-1-5-21-882192333-217708343-2508965660)

More information about the samba-technical mailing list