Samba4: lots of issues with samba-tool domain classic upgrade

.:Renegade:. Renegade at wrangler-jeep.de
Mon Nov 19 10:22:00 MST 2012


Hi to @ll,

I have pulled the latest git version (today: 19th November 2012) and am trying
to do a classic domain upgrade as described on the HowTo. I am going through
every step, but I have a lot of issues and hope someone can assist.

My old server (called HostA)  is running SLES9 with Samba3-3.4.13-42.suse91
and OpenLDAP2-2.2.24-4.5.
My new server (called HostB) is running Debian Squeeze 64bit and I used GIT
as described in the how-to to pull the latest version. Afterwards I did
compile with these options:

 "./configure --enable-selftest --with-ads --enable-cups --with-quotas
--with-acl-support --with-dnsupdate --with-syslog"

On HostA I did "slapcat > mybackup.ldif" to save all my LDAP content.
On HostB I installed slapd server in version 2.4.23-7.2 by "apt-get install
slapd".

Then I renamed on HostB the directories by "mv /etc/ldap /etc/ldap.org && mv
/var/lib/ldap /var/lib/ldap.org"

I copied from HostA to HostB following data:

HostA:/etc/samba                      --> HostB:/etc/samba
HostA:/etc/openldap                --> HostB:/etc/ldap
HostA:/var/lib/ldap                    --> HostB:/var/lib/ldap

Unfortunately the Samba4-HowTo regarding LDAP databases was not enough
information in my case. I had to research a lot of OpenLDAP on my own. So I
had to rename on HostB the directory "/etc/ldap/slapd.d" to
"/etc/ldap/slapd.d.OFF" else the new config style of slapd 2.4.x would be in
use. But I wanted to use the classic one with slapd.conf cause my old server
used that, too. It would be much easier to configure. An important point here
is that I have to use the directory "schema" of /etc/ldap.org/schema, so I
had to copy it over 1st to /etc/ldap/. It was also necessary in my case to
adjust my /etc/ldap/slapd.conf on HostB, else I got errors when trying to
start slapd on HostB. I had to add:

modulepath      /usr/lib/ldap
moduleload      back_bdb.la

because on my old server HostA the slapd.conf uses bdb database and so I had
to first load this backend on my new slapd.
It was a fight of one day to get slapd running on HostB but now it works and
I can use a LDAP tool and browse through my copied LDAP directory on HostB.
It would be nice if someone could add some hints on the Wiki/HowTo because
there are maybe other users, too, who use an older samba release on their
existing server, like I do.

However, LDAP is working and I used the python script to check for
duplicates as mentioned on the HowTo. I changed afterwards the python script
to grep also for "uid" instead of "sambaSID" and when I found dups I removed
them with my LDAP browser tool, then rechecked till no error message
appeared. So far so good, I thought LDAP is fine now.

Well, I am trying the classic domain upgrade tool 1st time now by executing:
"/usr/local/samba/bin/samba-tool domain classicupgrade --dbdir=/etc/samba
--use-xattrs=yes --realm=ad.mycompany.de /etc/samba/smb.conf >
/tmp/classicupgrade.log 2>&1"

This results in the following error. I pasted the tail of my generated
/tmp/classicupgrade.log --> http://ctrlv.it/id/MzE2ODY1
So I thought I try renaming the file "mv /etc/samba/winbindd_idmap.tdb
/etc/samba/winbindd_idmap.tdb.bak".

Before I retry the samba-tool command, I have to delete "rm
/usr/local/samba/etc/smb.conf" and after I execute again the samba-tool I am
getting this error message on the end --> http://ctrlv.it/id/MzE2ODY2

Well, it seems that just deleting /usr/local/samba/etc/smb.conf was NOT
ENOUGH as mentioned in the HowTo. I have to delete also
/usr/local/samba/private/wins.ldb or better said => delete complete
directory "/usr/local/samba/private" before each run ??? I tried, so I did:
"mv /usr/local/samba/private /usr/local/samba/private.bak" or just "rm -rf
/usr/local/samba/private" and also deleted "rm
/usr/local/samba/etc/smb.conf". Then I executed again the samba-tool classic
domain task and now I am getting following error at the end -->
http://ctrlv.it/id/MzE2ODc4

As you see, the logfile suddenly stops there, is that normal ? So as Rixter
advised me, I wanted to retry that with -d3 option to get more infos. So I
did:
- rm -rf /usr/local/samba/private
- rm /usr/local/samba/etc/smb.conf

and executed the tool again with this command
"/usr/local/samba/bin/samba-tool domain classicupgrade --dbdir=/etc/samba
--use-xattrs=yes --realm=ad.mycompany.de -d3 /etc/samba/smb.conf >
/tmp/classicupgrade.log 2>&1"
The logfile which was generated and edited with some comments of mine is
downloadable here -->
http://www.file-upload.net/download-6832064/classicupgrade.log.html

I also wonder what following message means which I found in my log:
"init_sam_from_ldap: Entry found for user: samba$
Demoting BDC account trust for samba, this DC must be elevated to an AD DC
using 'samba-tool domain promote' "

"samba" is the hostname of my old server HostA. What do I have to do for
tasks here?

So dear dev, it's really a pain in the ass and I am battling around for some
days now and cannot get it to work. Is the problem beginning already at the
step where I had to rename /etc/samba/winbindd_idmap.tdb to
/etc/samba/winbindd_idmap.tdb.bak ?? I am really stuck at this point and
hope someone can assist me in dealing with these issues. Any help really
appreciated.

Thanks in advance.
Ayarsii
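
The duplicate check mentioned in the post (sambaSID first, then uid) can be run directly against a slapcat dump before starting the upgrade. This is an added example, not the HowTo's script and not code from the original post; the sample LDIF, the function names and the case-insensitive comparison are assumptions made for illustration.

```python
import base64
from collections import defaultdict

# Constructed sample in slapcat LDIF form (not data from the original post).
SAMPLE_LDIF = """\
dn: uid=alice,ou=People,dc=example,dc=com
uid: alice
sambaSID: S-1-5-21-1111-2222-3333-3000

dn: uid=bob,ou=People,dc=example,dc=com
uid: bob
sambaSID: S-1-5-21-1111-2222-3333-3000

dn: uid=Alice,ou=Archive,dc=example,
 dc=com
uid:: YWxpY2U=
sambaSID: S-1-5-21-1111-2222-3333-3002
"""

def parse_ldif(text):
    """Yield (dn, [(attr, value), ...]) per entry, handling folding and base64."""
    # A folded LDIF line continues on the next line after one leading space.
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")
    for block in unfolded.split("\n\n"):
        dn, attrs = None, []
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            name, _, rest = line.partition(":")
            b64 = rest.startswith(":")  # "attr:: <base64 value>"
            value = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace") if b64 else rest.strip()
            if name.lower() == "dn":
                dn = value
            else:
                attrs.append((name.lower(), value))
        if dn:
            yield dn, attrs

def find_duplicates(text, attributes=("sambasid", "uid")):
    """Return {(attr, value): [dn, ...]} for values held by more than one entry."""
    seen = defaultdict(list)
    for dn, attrs in parse_ldif(text):
        for name, value in attrs:
            if name in attributes:
                # Assumption: values are compared case-insensitively.
                seen[(name, value.lower())].append(dn)
    return {key: dns for key, dns in seen.items() if len(dns) > 1}

if __name__ == "__main__":
    for (attr, value), dns in sorted(find_duplicates(SAMPLE_LDIF).items()):
        print(f"duplicate {attr}={value}: {'; '.join(dns)}")
```

Base64-encoded values and folded DNs are decoded before comparison, so a duplicate that a plain grep over the dump would miss (the third entry's uid) is still reported.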


