[Samba] got stuck with replacing win2k DC with samba4 DC

[Andreas Oster]

Hello all,

I have tried several times to replace an old Windows 2000 domain 
controller with a samba4 dc but failed to do so.

here is what I did/tried:

- copied the old DC and DNS (bind9) to a vmware machine
- fixed some replication issues I had with the old 2k DC ( once had two
   DCs and one died and had to seize it)
- downloaded 2008 R2 evaluation
- performed adprep32 /forestprep, adprep32 /domainprep and
   adprep32 /domainprep /gpprep  -  no errors so far
- installed a new 2008 R2 machine and promoted it as new DC
- waited for SYSVOL to be synced
- transfered all FSMOs to the new 2008R2 DC
- demoted old 2k DC and re-added it as member server
- raised domain level to 2008 R2
- checked if everything is working with new DC  ->  OK, i guess.

- installed a new VMware guest with current Ubuntu (oneiric 32bit)
- downloaded samba from git, downloaded required dependencies,
   ./configure.developer, make, sudo make install
- changed nsupdate command to "/usr/bin/nsupdate"
- joined new samba DC to domain with samba-tool -> OK, no errors
- created start script and start samba4
- checked DNS for new entries for samba4 DC -> OK
- waited some time for replication
- used MS AD utils, connected to new samba4 DC and checked if all
   entries are there -> OK, looks good.
- new samba4 currently has only GC role
- used howto form here:
   https://lists.samba.org/archive/samba-technical/2011-October/080026.html
   to replicate SYSVOL from Windows machine to samba4 server
- moved FSMOs with ntdsutil from 2008 R2 DC to samba4 DC
- demoted Windows DC (had to force it with dcpromo /forceremoval)
   -> domain non functional anymore :-(
- if I open MS AD tools the DC will not be selected automatically
   but I can select it manually and all entries seem do be there.


Has someone successful moved his domain to a samba4 environment ?
Any idea what could have happened ?

I would be happy if someone can give me a hint in the right direction.

thanks

Andreas