Upgrade AD DS from 4.9.5 -> 4.13.13, cannot resolve usernames on member server
Harald Hannelius
harald+samba at arcada.fi
Thu Oct 27 10:44:05 UTC 2022
On Thu, 27 Oct 2022, Rowland Penny via samba-technical wrote:
> On 27/10/2022 10:57, Harald Hannelius via samba-technical wrote:
>>
>> I upgraded my AD DS servers from Debian 10 to Debian 11 bullseye which also
>> upgraded Samba from 4.9.5 to 4.13.13.
>>
>> Now I notice that I am unable to resolve usernames on the member servers. I
>> have only numbers in the processlist for example. 'getent passwd
>> "DOMAIN\harald"' doesn't return anything.
>>
>> Did I miss something in the upgrade process?
>
> No idea, you haven't given us enough to work with.
>
> How did you upgrade your DC's ?
apt-get upgrade && apt-get dist-upgrade
> Did you upgrade them in place or did you create new DC's and demote the old
> ones ?
In place.
> What idmap backend are you using on the Unis domain members ?
idmap config domain:unix_primary_group = yes
idmap config domain:unix_nss_info = yes
idmap config domain:range = 500-4000000
idmap config domain:schema_mode = rfc2307
idmap config domain:backend = ad
idmap config * : range = 5000000-9000000
idmap config * : backend = tdb
>> Now when I restarted the smbd, winbind and nmbd I am unable to connect to
>> the member server.
>
> Sounds like a possible dns issue.
I have to check that next time I try doing this upgrade. Thanks.
> This isn't really the place to be discussing this, you should have posted to
> the samba mailing list.
Oh, sorry. I'll repost there.
Thank You for Your time, appreciated.
--
Harald Hannelius | harald.hannelius/a\arcada.fi | +358 50 594 1020
More information about the samba-technical
mailing list