Can't join as DC on Samba4 Beta4/5
Andrew Bartlett
abartlet at samba.org
Mon Jul 30 16:37:20 MDT 2012
On Mon, 2012-07-30 at 14:27 -0700, Srinath Mantripragada wrote:
> Hi Andrew,
>
> Thanks, it worked and sorry for the delay to respond, I could only work on it now.
>
> What is your advice now ? Once I update both to git master can I start samba on both servers ?
Yes, you can upgrade to master (I fixed this in master as I was able to
reproduce this codepath in make test), and as that is the only object to
have been moved to LostAndFound, it is safe to start Samba.
> Here are the results:
>
> Finding a writeable DC for domain 'int.oinkdigital.com'
> >Found DC samba4-1.int.oinkdigital.com
> >Password for [ONK\administrator]:
> >workgroup is ONK
> >realm is int.oinkdigital.com
> >checking sAMAccountName
> >Adding CN=SAMBA4-2,OU=Domain Controllers,DC=int,DC=oinkdigital,DC=com
> >Adding CN=SAMBA4-2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=int,DC=oinkdigital,DC=com
> >Adding CN=NTDS Settings,CN=SAMBA4-2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=int,DC=oinkdigital,DC=com
> >Adding SPNs to CN=SAMBA4-2,OU=Domain Controllers,DC=int,DC=oinkdigital,DC=com
> >Setting account password for SAMBA4-2$
> >Enabling account
> >Calling bare provision
> >No IPv6 address will be assigned
> >Provision OK for domain DN DC=int,DC=oinkdigital,DC=com
> >Starting replication
> >Schema-DN[CN=Schema,CN=Configuration,DC=int,DC=oinkdigital,DC=com] objects[402/1550] linked_values[0/0]
> >Schema-DN[CN=Schema,CN=Configuration,DC=int,DC=oinkdigital,DC=com] objects[804/1550] linked_values[0/0]
> >Schema-DN[CN=Schema,CN=Configuration,DC=int,DC=oinkdigital,DC=com] objects[1206/1550] linked_values[0/0]
> >Schema-DN[CN=Schema,CN=Configuration,DC=int,DC=oinkdigital,DC=com] objects[1550/1550] linked_values[0/0]
> >Analyze and apply schema objects
> >Partition[CN=Configuration,DC=int,DC=oinkdigital,DC=com] objects[402/1689] linked_values[0/0]
> >Partition[CN=Configuration,DC=int,DC=oinkdigital,DC=com] objects[804/1689] linked_values[0/0]
> >Partition[CN=Configuration,DC=int,DC=oinkdigital,DC=com] objects[1206/1689] linked_values[0/0]
> >Partition[CN=Configuration,DC=int,DC=oinkdigital,DC=com] objects[1608/1689] linked_values[0/0]
> >Partition[CN=Configuration,DC=int,DC=oinkdigital,DC=com] objects[1689/1689] linked_values[29/0]
> >Replicating critical objects from the base DN of the domain
> >Partition[DC=int,DC=oinkdigital,DC=com] objects[98/98] linked_values[31/0]
> >Partition[DC=int,DC=oinkdigital,DC=com] objects[500/513] linked_values[0/0]
> >Partition[DC=int,DC=oinkdigital,DC=com] objects[611/513] linked_values[170/0]
> >Partition[DC=DomainDnsZones,DC=int,DC=oinkdigital,DC=com] objects[36/36] linked_values[0/0]
> >Partition[DC=ForestDnsZones,DC=int,DC=oinkdigital,DC=com] objects[18/18] linked_values[0/0]
> >Committing SAM database
> >Sending DsReplicateUpdateRefs for all the partitions
> >Setting isSynchronized and dsServiceName
> >Setting up secrets database
> >Joined domain ONK (SID S-1-5-21-4049503596-2436987728-3178021839) as a DC
>
>
> As for the cn=configlostandfound, there was none, only cn=lostandfoundconfig:
>
> root at samba4-2:/usr/local/samba# ldbsearch -H private/sam.ldb -s sub -b cn=lostandfoundconfig,CN=Configuration,DC=int,DC=oinkdigital,DC=com
> ># record 1
> >dn: CN=LostAndFoundConfig,CN=Configuration,DC=int,DC=oinkdigital,DC=com
> >objectClass: top
> >objectClass: lostAndFound
> >cn: LostAndFoundConfig
> >instanceType: 4
> >whenCreated: 20110228202519.0Z
> >whenChanged: 20120720155408.0Z
> >uSNCreated: 1559
> >uSNChanged: 1559
> >showInAdvancedViewOnly: TRUE
> >name: LostAndFoundConfig
> >objectGUID: f25577a1-0b07-4764-b45e-595a5b05dd28
> >systemFlags: -2147483648
> >objectCategory: CN=Lost-And-Found,CN=Schema,CN=Configuration,DC=int,DC=oinkdigital,DC=com
> >distinguishedName: CN=LostAndFoundConfig,CN=Configuration,DC=int,DC=oinkdigital,DC=com
> >
> >
> ># record 2
> >dn: CN=25dd3d03-7a8f-408b-88b5-ee17ed83a63f,CN=LostAndFoundConfig,CN=Configuration,DC=int,DC=oinkdigital,DC=com
> >objectClass: top
> >objectClass: leaf
> >objectClass: nTDSConnection
> >cn: 25dd3d03-7a8f-408b-88b5-ee17ed83a63f
> >instanceType: 4
> >whenCreated: 20120720151005.0Z
> >uSNCreated: 3246
> >showInAdvancedViewOnly: TRUE
> >name: 25dd3d03-7a8f-408b-88b5-ee17ed83a63f
> >objectGUID: 05b58b40-eeb9-44c0-94d9-377a1b71bf8f
> >enabledConnection: TRUE
> >fromServer: CN=NTDS Settings,CN=SAMBA4-1,CN=Servers,CN=Default-First-Site-Name
> > ,CN=Sites,CN=Configuration,DC=int,DC=oinkdigital,DC=com
> >options: 1
> >systemFlags: 1073741824
> >objectCategory: CN=NTDS-Connection,CN=Schema,CN=Configuration,DC=int,DC=oinkdigital,DC=com
> >lastKnownParent: CN=NTDS Settings,CN=SAMBA4-2\0ADEL:bbd1b2e1-5692-4674-976d-55
> > b4d9a4383c,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC
> > =int,DC=oinkdigital,DC=com
> >whenChanged: 20120730204318.0Z
> >uSNChanged: 3247
> >distinguishedName: CN=25dd3d03-7a8f-408b-88b5-ee17ed83a63f,CN=LostAndFoundConf
> > ig,CN=Configuration,DC=int,DC=oinkdigital,DC=com
Thanks. This is a left-over object due to a DC being removed now that
the DC is gone, it is harmless.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba-technical
mailing list