[Samba] Checking data migration from samba3 to samba4

Mario Codeniera mario.codeniera at gmail.com
Wed Dec 12 21:56:37 MST 2012


How do we check the data from Samba4 that the data from Samba3 successfully
migrated?

I dunno if it successfully migrated coz got these (last part):

[root at gaara LiveData]# /usr/local/samba/bin/samba-tool domain
classicupgrade --dbdir=/srv/LiveData/var_lib_samba/samba
--use-xattrs=yes --realm=kazekage.sura.sandbox.local
--dns-backend=SAMBA_INTERNAL /srv/smb.conf

Once the above files are installed, your Samba4 server will be ready to use
Admin password:        c#NR4;R>RqfO;VSp5&NKV3A)D+C?r!R
Server Role:           active directory domain controller
Hostname:              gaara
NetBIOS Domain:        KAZEKAGE
DNS Domain:            kazekage.sura.sandbox.local
DOMAIN SID:            S-1-5-21-1511653421-423844657-761698953
Importing WINS database
Importing Account policy
Importing idmap database
Importing groups
Group already exists sid=S-1-5-21-1511653421-423844657-761698953-512,
groupname=Domain Admins existing_groupname=Domain Admins, Ignoring.
Group already exists sid=S-1-5-21-1511653421-423844657-761698953-514,
groupname=Domain Guests existing_groupname=Domain Guests, Ignoring.
Group already exists sid=S-1-5-21-1511653421-423844657-761698953-515,
groupname=Domain Computers existing_groupname=Domain Computers,
Ignoring.
Group already exists sid=S-1-5-32-544, groupname=Administrators
existing_groupname=Administrators, Ignoring.
Group already exists sid=S-1-5-32-546, groupname=Guests
existing_groupname=Guests, Ignoring.
ERROR(<type 'exceptions.KeyError'>): uncaught exception - 'No such element'
  File "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/__init__.py",
line 175, in _run
    return self.run(*args, **kwargs)
  File "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/domain.py",
line 1318, in run
    useeadb=eadb, dns_backend=dns_backend, use_ntvfs=use_ntvfs)
  File "/usr/local/samba/lib64/python2.6/site-packages/samba/upgrade.py",
line 879, in upgrade_from_samba3
    add_group_from_mapping_entry(result.samdb, g, logger)
  File "/usr/local/samba/lib64/python2.6/site-packages/samba/upgrade.py",
line 264, in add_group_from_mapping_entry
    str(groupmap.sid), groupmap.nt_name, msg[0]['sAMAccountName'][0])


I used to follow the howto

[root at gaara ambot]# /usr/local/samba/sbin/samba -i -M single
samba version 4.1.0pre1-GIT-a44e58a started.
Copyright Andrew Tridgell and the Samba Team 1992-2012
samba: using 'single' process model
/usr/local/samba/sbin/samba_dnsupdate: Traceback (most recent call last):
/usr/local/samba/sbin/samba_dnsupdate:   File
"/usr/local/samba/sbin/samba_dnsupdate", line 508, in <module>
/usr/local/samba/sbin/samba_dnsupdate:     get_credentials(lp)
/usr/local/samba/sbin/samba_dnsupdate:   File
"/usr/local/samba/sbin/samba_dnsupdate", line 122, in get_credentials
/usr/local/samba/sbin/samba_dnsupdate:     creds.get_named_ccache(lp,
ccachename)
/usr/local/samba/sbin/samba_dnsupdate: RuntimeError: kinit for
GAARA$@KAZEKAGE.SURA.SANDBOX.LOCAL failed (Cannot contact any KDC for
requested realm)
/usr/local/samba/sbin/samba_dnsupdate:
../source4/dsdb/dns/dns_update.c:294: Failed DNS update -
NT_STATUS_ACCESS_DENIED

Based on above I can't use the kdc, the DNS is running.



Other options I used was having a static DNS, which kdc is working fine
with no problems but only administrator can login, BUT CAN'T use other user
which is from the migrated one from samba3.

I also having problems with my zone (see below, i only got some section)
https://wiki.samba.org//index.php/Samba4/DNS

/var/named/dynamic/kazekage.sura.sandbox.local.zone

gaara        IN A    192.168.116.128

;_gc._msdcs	IN A    192.168.116.128
;ae2e14df-3484-49bb-b8b2-7611e5abf877._msdcs     IN CNAME        gaara

; global catalog servers
_gc._tcp                IN SRV 0 100 3268	gaara
_gc._tcp.Default-First-Site-Name._sites IN SRV 0 100 3268	gaara
_ldap._tcp.gc._msdcs    IN SRV 0 100 3268	gaara
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs     IN SRV 0 100 3268 gaara
;


if i leave these entries commented out, it will generate errors. As i
remembered before someone changing the (aexxxx._msdcs) before, but I can't
figure out where is it maybe this part is having the problem?

_gc._msdcs	IN A    192.168.116.128
ae2e14df-3484-49bb-b8b2-7611e5abf877._msdcs     IN CNAME        gaara


I used to login on Windows but too slow, and can't use the the windows
remote administration tools (cant detect the Samba4 AD but able to login).

[root at gaara ambot]# /usr/local/samba/sbin/samba -i -M single
samba version 4.1.0pre1-GIT-ade5bfd started.
Copyright Andrew Tridgell and the Samba Team 1992-2012
samba: using 'single' process model
../source4/dsdb/dns/dns_update.c:294: Failed DNS update - NT_STATUS_IO_TIMEOUT
../source4/dsdb/dns/dns_update.c:294: Failed DNS update - NT_STATUS_IO_TIMEOUT
../source4/dsdb/dns/dns_update.c:294: Failed DNS update - NT_STATUS_IO_TIMEOUT
../source4/dsdb/dns/dns_update.c:294: Failed DNS update - NT_STATUS_IO_TIMEOUT


Hope someone can enlighten the problems.

Thanks,
Mario


More information about the samba mailing list