[Samba] got stuck with replacing win2k DC with samba4 DC

Michael Wood esiotrot at gmail.com
Tue Nov 1 08:28:02 MDT 2011


Hi

As per the Samba4 HOWTO, try asking on the samba-technical list.
(I've copied my reply there.)

On 1 November 2011 15:03, Andreas Oster <aoster at novanetwork.de> wrote:
> Hello all,
>
> active directory is working now, seems there was an issue with
> DNS entries.
>
> Now i have another question.  I had to force demote of the win 2008 R2
> server and was not able to do "metadata cleanup" with the ntdsutil to
> remove the remains of the windows server afterwards, the new samba4 DC
> simply did not allow me to do that. Is there a way to do something
> similar with the samba provided tools (samba-tool for example) ?
>
> thank you
>
> regards
>
> Andreas
>
> Am 01.11.2011 11:06, schrieb Andreas Oster:
>>
>> Hello all,
>>
>> I have tried several times to replace an old Windows 2000 domain
>> controller with a samba4 dc but failed to do so.
>>
>> here is what I did/tried:
>>
>> - copied the old DC and DNS (bind9) to a vmware machine
>> - fixed some replication issues I had with the old 2k DC ( once had two
>> DCs and one died and had to seize it)
>> - downloaded 2008 R2 evaluation
>> - performed adprep32 /forestprep, adprep32 /domainprep and
>> adprep32 /domainprep /gpprep - no errors so far
>> - installed a new 2008 R2 machine and promoted it as new DC
>> - waited for SYSVOL to be synced
>> - transfered all FSMOs to the new 2008R2 DC
>> - demoted old 2k DC and re-added it as member server
>> - raised domain level to 2008 R2
>> - checked if everything is working with new DC -> OK, i guess.
>>
>> - installed a new VMware guest with current Ubuntu (oneiric 32bit)
>> - downloaded samba from git, downloaded required dependencies,
>> ./configure.developer, make, sudo make install
>> - changed nsupdate command to "/usr/bin/nsupdate"
>> - joined new samba DC to domain with samba-tool -> OK, no errors
>> - created start script and start samba4
>> - checked DNS for new entries for samba4 DC -> OK
>> - waited some time for replication
>> - used MS AD utils, connected to new samba4 DC and checked if all
>> entries are there -> OK, looks good.
>> - new samba4 currently has only GC role
>> - used howto form here:
>> https://lists.samba.org/archive/samba-technical/2011-October/080026.html
>> to replicate SYSVOL from Windows machine to samba4 server
>> - moved FSMOs with ntdsutil from 2008 R2 DC to samba4 DC
>> - demoted Windows DC (had to force it with dcpromo /forceremoval)
>> -> domain non functional anymore :-(
>> - if I open MS AD tools the DC will not be selected automatically
>> but I can select it manually and all entries seem do be there.
>>
>>
>> Has someone successful moved his domain to a samba4 environment ?
>> Any idea what could have happened ?
>>
>> I would be happy if someone can give me a hint in the right direction.
>>
>> thanks
>>
>> Andreas

-- 
Michael Wood <esiotrot at gmail.com>


More information about the samba-technical mailing list