Upgrade from S3 to a Samba4 DC [with LDAPSAM]

Adam Tauno Williams awilliam at whitemice.org
Thu Sep 8 14:56:09 MDT 2011

Quoting tataia <iongigixx at gmail.com>:

> It happens for groups that have sambaGroupType =5
> replace 5 with 4

Gotcha.  And it goes much further.  Are users with the same name as  
groups an issue?  There is only one uid=bie object in the LDAPSAM.

[root at localhost samba-master]# ./source4/setup/upgrade_from_s3  
smb.conf /tmp/x --libdir=/root/s3
You are not root or your system do not support xattr, using tdb  
backend for attributes. If you intend to use this provision in  
production, rerun the script as root on a system supporting xattrs.
Reading smb.conf
no talloc stackframe around, leaking memory
Exporting account policy
Exporting groups
Exporting users
   Skipping wellknown rid=998 (for username=pc01845$)
   Skipping wellknown rid=500 (for username=root)
Next rid = 9973
Looking up IPv4 addresses
Looking up IPv6 addresses
No IPv6 address will be assigned
Setting up share.ldb
Setting up secrets.ldb
Setting up the registry
Setting up the privileges database
Setting up idmap db
Setting up SAM db
Setting up sam.ldb partitions and settings
Setting up sam.ldb rootDSE
Pre-loading the Samba 4 and AD schema
Adding DomainDN: DC=micore,DC=us
Adding configuration container
Setting up sam.ldb schema
Reopening sam.ldb with new schema
Setting up sam.ldb configuration data
Setting up display specifiers
Adding users container
Modifying users container
Adding computers container
Modifying computers container
Setting up sam.ldb data
Setting up sam.ldb users and groups
Setting up self join
Setting up sam.ldb rootDSE marking as synchronized
Assuming bind9 DNS server backend
Adding DNS accounts
Populating CN=System,DC=micore,DC=us
See /tmp/x/private/named.conf for an example configuration include  
file for BIND
and /tmp/x/private/named.txt for further documentation required for  
secure DNS updates
A Kerberos configuration suitable for Samba 4 has been generated at  
Fixing provision GUIDs
Please install the phpLDAPadmin configuration located at  
/tmp/x/private/phpldapadmin-config.php into /etc/phpldapadmin/config.php
Once the above files are installed, your Samba4 server will be ready to use
Server Role:           domain controller
Hostname:              BARBEL
NetBIOS Domain:        BACKBONE
DNS Domain:            micore.us
DOMAIN SID:            S-1-5-21-2037442776-3290224752-88127236
Admin password:        HH>OSM%kA+9h
Importing WINS database
Importing Account policy
Could not set account policy, ((21, "objectclass_attrs: attribute  
'minPwdLength' on entry 'DC=micore,DC=us' contains at least one  
invalid value!"))
Importing idmap database
Cannot open idmap database, Ignoring: (2): No such file or directory
Ignoring unknown parameter "server role"
Importing groups
Group already exists sid=S-1-5-21-2037442776-3290224752-88127236-514,  
groupname=Domain Guests existing_groupname=Domain Guests, Ignoring.
Group already exists sid=S-1-5-32-544, groupname=Administrators  
existing_groupname=Administrators, Ignoring.
Could not add group name=Print Operators ((68, "samldb: Account name  
(sAMAccountName) 'Print Operators' already in use!"))
Could not add group name=Mor-Value Parts ((68, "samldb: Account name  
(sAMAccountName) 'Mor-Value Parts' already in use!"))
Group already exists sid=S-1-5-21-2037442776-3290224752-88127236-512,  
groupname=Domain Admins existing_groupname=Domain Admins, Ignoring.
Importing users
Failed to create user record CN=bie,CN=Users,DC=micore,DC=us: samldb:  
Account name (sAMAccountName) 'bie' already in use!
Traceback (most recent call last):
   File "./source4/setup/upgrade_from_s3", line 129, in <module>
     upgrade_from_samba3(samba3, logger, targetdir,  
session_info=system_session(), useeadb=eadb)
   File "bin/python/samba/upgrade.py", line 640, in upgrade_from_samba3
passdb.error: Unable to add sam account 'bie', (-1073741725,User exists)

More information about the samba-technical mailing list