missing /usr/local/samba/private/dns

Daniele Dario d.dario76 at gmail.com
Tue Apr 10 09:20:14 MDT 2012 

Hi,

On Thu, 2012-04-05 at 19:33 +0200, Daniele Dario wrote:
> Hi Amitay,
> 
> On Thu, 2012-04-05 at 12:24 +1000, Amitay Isaacs wrote:
> ...
> > I don't see DNS partitions information in either of the DCs. So
> > something is definitely wrong here. When you provisioned the first DC
> > (kdc01), looks like it was created without DNS partitions or somehow
> > the DNS partitions were created, but the information is not recorded
> > in the Configuration. This is really weird. No wonder when you try to
> > use samba_upgradedns, it tries to create DNS partitions, because there
> > is no record of them under CN=Partitions, but fails because the
> > partitions actually exist.
> > 
> > At this point I would suggest you manually add those entries. Use the
> > attached ldif file to create those entries.
> > 
> > ldbadd -H /path/to/sam.ldb -b
> > CN=Configuration,DC=saitelitalia,DC=local dns-add.ldif
> > 
> > It should create the missing entries under CN=Partitions. Then make
> > sure they are replicated to KDC02. Once that is done, try running
> > samba_upgradedns.
> > 
> > Amitay.
> 
> thanks for your patience.
> 
> After ldbadd, replication started working, so great job :-) .
> 
> Now samba_upgradedns fails with
> 
> [root at kdc02:/usr/local/samba/private]# samba_upgradedns --verbose
> lpcfg_load: refreshing parameters from /usr/local/samba/etc/smb.conf
> params.c:pm_process() - Processing configuration file
> "/usr/local/samba/etc/smb.conf"
> Reading domain information
> lpcfg_load: refreshing parameters from /usr/local/samba/etc/smb.conf
> params.c:pm_process() - Processing configuration file
> "/usr/local/samba/etc/smb.conf"
> Looking up IPv4 addresses
> IPv4 addresses: 192.168.12.2
> Looking up IPv6 addresses
> DNS accounts already exist
> No zone file /usr/local/samba/private/dns/saitelitalia.local.zone
> DNS records will be automatically created
> DNS partitions already exist
> Updating msDS-hasMasterNCs and hasPartialReplicaNCs attributes
> Traceback (most recent call last):
>   File "/usr/local/samba/sbin/samba_upgradedns", line 406, in <module>
>     "msDS-hasMasterNCs")
> _ldb.LdbError: (1, 'Operations error')
> 
> I'll try to see if I can be much clearer,
> Daniele
> 

addind -d 10 to raise log info I found

[root at kdc02:/usr/local/samba/private]# samba_upgradedns --verbose -d 10
INFO: Current debug levels:
  all: 10
  tdb: 10
  printdrivers: 10
  lanman: 10
  smb: 10
  rpc_parse: 10
  rpc_srv: 10
  rpc_cli: 10
  passdb: 10
  sam: 10
  auth: 10
  winbind: 10
  vfs: 10
  idmap: 10
  quota: 10
  acls: 10
  locking: 10
  msdfs: 10
  dmapi: 10
  registry: 10
lpcfg_load: refreshing parameters from /usr/local/samba/etc/smb.conf
params.c:pm_process() - Processing configuration file
"/usr/local/samba/etc/smb.conf"
Processing section "[global]"
Processing section "[profiles]"
Processing section "[netlogon]"
Processing section "[sysvol]"
pm_process() returned Yes
lpcfg_load: refreshing parameters from /usr/local/samba/etc/smb.conf
params.c:pm_process() - Processing configuration file
"/usr/local/samba/etc/smb.conf"
Processing section "[global]"
Processing section "[profiles]"
Processing section "[netlogon]"
Processing section "[sysvol]"
pm_process() returned Yes
Reading domain information
lpcfg_load: refreshing parameters from /usr/local/samba/etc/smb.conf
params.c:pm_process() - Processing configuration file
"/usr/local/samba/etc/smb.conf"
Processing section "[global]"
Processing section "[profiles]"
Processing section "[netlogon]"
Processing section "[sysvol]"
pm_process() returned Yes
 SID[  0]: S-1-5-18
 Privileges (0xFFFFFFFFFFFFFFFF):
  Privilege[  0]: SeMachineAccountPrivilege
  Privilege[  1]: SeTakeOwnershipPrivilege
  Privilege[  2]: SeBackupPrivilege
  Privilege[  3]: SeRestorePrivilege
  Privilege[  4]: SeRemoteShutdownPrivilege
  Privilege[  5]: SePrintOperatorPrivilege
  Privilege[  6]: SeAddUsersPrivilege
  Privilege[  7]: SeDiskOperatorPrivilege
  Privilege[  8]: SeSecurityPrivilege
  Privilege[  9]: SeSystemtimePrivilege
  Privilege[ 10]: SeShutdownPrivilege
  Privilege[ 11]: SeDebugPrivilege
  Privilege[ 12]: SeSystemEnvironmentPrivilege
  Privilege[ 13]: SeSystemProfilePrivilege
  Privilege[ 14]: SeProfileSingleProcessPrivilege
  Privilege[ 15]: SeIncreaseBasePriorityPrivilege
  Privilege[ 16]: SeLoadDriverPrivilege
  Privilege[ 17]: SeCreatePagefilePrivilege
  Privilege[ 18]: SeIncreaseQuotaPrivilege
  Privilege[ 19]: SeChangeNotifyPrivilege
  Privilege[ 20]: SeUndockPrivilege
  Privilege[ 21]: SeManageVolumePrivilege
  Privilege[ 22]: SeImpersonatePrivilege
  Privilege[ 23]: SeCreateGlobalPrivilege
  Privilege[ 24]: SeEnableDelegationPrivilege
 Rights (0x               0):
lpcfg_servicenumber: couldn't find ldb
schema_fsmo_init: we are master[no] updates allowed[no]
lpcfg_servicenumber: couldn't find ldb
lpcfg_servicenumber: couldn't find ldb
lpcfg_servicenumber: couldn't find ldb
Looking up IPv4 addresses
added interface eth0 ip=fe80::20e:cff:fe3c:b729%eth0
bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
added interface eth0 ip=192.168.12.2 bcast=192.168.12.255
netmask=255.255.255.0
IPv4 addresses: 192.168.12.2
Looking up IPv6 addresses
added interface eth0 ip=fe80::20e:cff:fe3c:b729%eth0
bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
added interface eth0 ip=192.168.12.2 bcast=192.168.12.255
netmask=255.255.255.0
DNS accounts already exist
No zone file /usr/local/samba/private/dns/saitelitalia.local.zone
DNS records will be automatically created
DNS partitions already exist
Updating msDS-hasMasterNCs and hasPartialReplicaNCs attributes
Traceback (most recent call last):
  File "/usr/local/samba/sbin/samba_upgradedns", line 406, in <module>
    "msDS-hasMasterNCs")
_ldb.LdbError: (1, 'Operations error')

Is it right to see "Rights (0x0)"?
About FSMO kdc02 isn't the master but is right that it isn't allowed to
update rules?
Is it a problem the messages couldn't find ldb?

Thanks,
Daniele.

More information about the samba-technical mailing list