Confused [Was: Upgrade from S3 to a Samba4 DC [with LDAPSAM]]

Andrew Bartlett abartlet at
Mon Oct 31 15:38:18 MDT 2011

On Mon, 2011-10-31 at 13:58 -0400, Adam Tauno Williams wrote:
> So I have an S4 instance I've built from an upgrade of a Samba 3  
> LDAPSAM domain.
> I took an XP workstation off the production network, created the  
> Samba4 instance, brought it up on its own network and connected the XP  
> workstation.  Attempting to login on the XP workstation and it says  
> "domain unavailable".  Hrmm....
> I can get tickets as an 'upgraded' domain user.
>    kinit adam at MICORE.US
> DNS is working.
>    host -t SRV
>    host -t SRV
>    host -t A
> But -
> Ignoring unknown parameter "server role"
> SID for domain BARBEL is: S-1-5-21-2037442776-3290224752-88127236
> barbel:~ # net getdomainsid
> Ignoring unknown parameter "server role"
> SID for local machine BARBEL is: S-1-5-21-2037442776-3290224752-88127236
> Could not fetch domain SID
> ... should the domain SID be fetchable?  Is the upgraded domain  
> somehow disabled?

The two errors you list here are actually very closely related.  We need
to support the 'server role' parameter in the source3 loadparm code, so
that the 'net' command knows it is a DC, and so does the right thing in
fetching the domain SID (which is to ask sam.ldb). 

It should not be a hard job - systems without a 'server role' set with
simply use 'auto' which will work it out using the existing samba3
'domain logons/domain master' combinations.  Amitay or I will try to get
to it soon.

Andrew Bartlett

Andrew Bartlett                      
Authentication Developer, Samba Team 

More information about the samba-technical mailing list