[Samba] Samba4 ClassicUpgrade post-migration issues

Rowland Penny rowlandpenny at googlemail.com
Wed Jun 18 13:07:39 MDT 2014 

On 18/06/14 19:59, Benjamin Arntzen wrote:
> Hi Rowland,
>
>
> On 06/18/2014 11:49 AM, Rowland Penny wrote:
>> On 18/06/14 19:28, Benjamin Arntzen wrote:
>>> Hi there,
>>>
>>> I've successfully migrated an extremely large Samba3 domain to Samba4.
>>> The platforms involved:
>>> Samba files (/var/lib/samba) copied from a Debian 6-based Samba3 PDC 
>>> with an LDAP backend
>>> Debian 7 with Samba4 installed from backports, with slapd installed 
>>> locally (and now disabled).
>>>
>>> However, a number of things appear to be wrong:
>>>
>>> dpadmin at samba4-dev0:~$ host -t SRV _ldap._tcp.ad.digipen.edu
>>> _ldap._tcp.ad.digipen.edu has SRV record 0 100 389 %h.ad.digipen.edu.
>>>
>>> dpadmin at samba4-dev0:~$ sudo service samba restart
>>> [ ok ] Stopping NetBIOS name server: nmbd.
>>> [ ok ] Stopping SMB/CIFS daemon: smbd.
>>> [....] Stopping Samba AD DC daemon: sambastart-stop-daemon: 
>>> *warning: failed to kill 10121: No such process*
>>> . ok
>>> [ ok ] Starting Samba AD DC daemon: samba.
>>>
>>> dpadmin at samba4-dev0:~$ kinit administrator at AD.DIGIPEN.EDU
>>> kinit: Cannot contact any KDC for realm 'AD.DIGIPEN.EDU' while 
>>> getting initial credentials
>>>
>>> This is the current contents of my /etc/samba/smb.conf:
>>> ####SOF####
>>> # Global parameters
>>> [global]
>>>         workgroup = DIGIPEN.EDU
>>>         realm = ad.digipen.edu
>>>         netbios name = %H
>>>         server role = active directory domain controller
>>>         idmap_ldb:use rfc2307 = yes
>>>         # Only allow signed updates
>>>         #allow dns updates = signed
>>>
>>>         # If recursive queries = yes is set, the following is also 
>>> needed
>>>         dns forwarder = 204.174.42.68
>>>
>>> [netlogon]
>>>         path = /var/lib/samba/sysvol/ad.digipen.edu/scripts
>>>         read only = No
>>>
>>> [sysvol]
>>>         path = /var/lib/samba/sysvol
>>>         read only = No
>>>
>>> ####EOF####
>>>
>>> How do I get Samba to start returning valid values for DNS?
>>> ~ Benjamin
>> Hi, what's in /etc/resolv.conf , /etc/krb5.conf , /etc/hostname and 
>> /etc/hosts
>>
>> Rowland
>>
>
> dpadmin at samba4-dev0:~$ cat /etc/resolv.conf
> domain ad.digipen.edu
> search ad.digipen.edu
> nameserver 10.1.20.137
> #nameserver 204.174.42.68
> #nameserver 204.174.42.88

I take it 10.1.20.137 is the ipaddress of the samba4 server, if so, this 
is ok.

> dpadmin at samba4-dev0:~$ cat /etc/krb5.conf
> [libdefaults]
>         default_realm = ad.digipen.edu
>         dns_lookup_realm = false
>         dns_lookup_kdc = true

Change the lowercase 'ad.digipen.edu' to uppercase 'AD.DIGIPEN.EDU'

> dpadmin at samba4-dev0:~$ cat /etc/hostname
> samba4-dev0

OK

> dpadmin at samba4-dev0:~$ cat /etc/hosts
> 127.0.0.1    localhost
> 127.0.1.1    samba4-dev0.digipen.edu    samba4-dev0
>
> # The following lines are desirable for IPv6 capable hosts
> ::1     localhost ip6-localhost ip6-loopback
> ff02::1 ip6-allnodes
> ff02::2 ip6-allrouters
>
This should be ok, but you could try changing 127.0.1.1 to 10.1.20.137

One last thought, dnsmasq isn't running in any form is it ?

Rowland

More information about the samba mailing list