[Samba] Problem joining Samba 4 to an older Samba 4 alpha 17

Andrew Bartlett abartlet at samba.org
Sun Jan 20 16:55:11 MST 2013

On Fri, 2013-01-18 at 13:48 +0100, Daniel Hedblom wrote:
> 2013/1/18 Andrew Bartlett <abartlet at samba.org>
> > On Fri, 2013-01-18 at 10:11 +0100, Daniel Hedblom wrote:
> > > Hi there,
> > >
> > > Im trying to join a samba 4.0.1 server to an older samba 4 alpha 17
> > server.
> > > Whatever i do the join is interrupted but i dont know what goes wrong.
> > Dns
> > > is double checked and correct as is most other stuff. How can i get a
> > > better view of what is happening than this? Can it be the source domain
> > > that contains erroneous objects?
> > >
> > > My goal is to move the old server to a new one, maybe there are a better
> > > way of doing this? Suggestions?
> >
> > Honestly, upgrading in place is the best way to do this.  Backup the old
> > DC, upgrade in place, and start the 4.0.1 release.  The role transfer
> > stuff isn't as reliable as we would like, whereas in-place is.
> >
> > Thanks for answering so fast.
> Im trying to move to a new hardware at the same time, and the server is not
> easily upgraded as its an Resara Server with their own packages of Samba4.
> Not so sure i would be successfull if i upgrade. I would very much prefer
> if i could move the machine and user accounts somehow without doing nasty
> stuff to the original server.

OK, so what I would suggest is setting up a new server, with the data
from Resara.  

The way I would do it is provision a new Samba4 install, but use the
same hostname, SID, domain and realm as your old server.  Use the
--host-ip parameter to point at your old server's IP.  

Then copy all the samba files to the matching locations on the new
server (the main purpose of the provision is to help you find all those
locations).  Files to look for include the private dir (all of it), the
sysvol folder and your DNS zone. 

The run the commands suggested in the upgrade code:

samba-tool dbcheck --fix
samba-tool ntacl sysvolreset

Finally give it the same IP (at the end of the process), and then start
it up.  It should work - if it doesn't, then power down the new machine,
go back to your old Resara server while you work out what is wrong.

This will configure Samba to use the internal DNS server (the new
default) and hopefully will migrate your file-based DNS zone into the AD

Andrew Bartlett
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org

More information about the samba mailing list