[Samba] FW: AW: Samba4 as BDC on a Win2003 AD_PDC

Daniel ATUALIZEM TENHO NOVO MSN nenhummail at hotmail.com
Thu Oct 9 07:57:51 MDT 2014 


From: nenhummail at hotmail.com
To: mueller at tropenklinik.de
Subject: RE: AW: [Samba] Samba4 as BDC on a Win2003 AD_PDC
Date: Thu, 9 Oct 2014 13:55:17 +0000







Yes, I joined the samba 4 host as DC to 2003 domain  by following the Samba Wiki 
https://wiki.samba.org/index.php/Join_a_domain_as_a_DC

I think this steps are just to join a Samba4 as a DC on an existing domain.


All steps was done with success, including the "joining the existing domain as a DC".

On step "Test Directory Replication", all changes done on w2003 are replicated to Samba4 successfull. 

When I use a Windows XP machine with RSAT tool, I can connect to Samba4 DC an I can see all modifications done by w2003. So when I try to create or delete a user by RSAT, i got this message and logs.

Ah, this is my samba-tool drs showrpl output:

==== INBOUND NEIGHBORS ====

DC=ForestDnsZones,DC=ITEMNT
    Default-First-Site-Name\CPD-HALEN via RPC
        DSA object GUID: e50ee076-7a81-4616-aace-c18b350b7d4d
        Last attempt @ Thu Oct  9 10:49:35 2014 BRT failed, result 1311 (WERR_NO_LOGON_SERVERS)
        18 consecutive failure(s).
        Last success @ Tue Oct  7 16:47:00 2014 BRT


DC=DomainDnsZones,DC=ITEMNT
    Default-First-Site-Name\CPD-HALEN via RPC
        DSA object GUID: e50ee076-7a81-4616-aace-c18b350b7d4d
        Last attempt @ Thu Oct  9 10:49:38 2014 BRT failed, result 1311 (WERR_NO_LOGON_SERVERS)
        18 consecutive failure(s).
        Last success @ Tue Oct  7 16:47:00 2014 BRT


==== OUTBOUND NEIGHBORS ====

==== KCC CONNECTION OBJECTS ====

Connection --
    Connection name: 02bd6ecb-7453-4e5c-bb46-23a6c7e02489
    Enabled        : TRUE
    Server DNS name : cpd-halen.ITEMNT
    Server DN name  : CN=NTDS Settings,CN=CPD-HALEN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ITEMNT
        TransportType: RPC
        options: 0x00000001
Warning: No NC replicated for Connection!





> From: mueller at tropenklinik.de
> To: nenhummail at hotmail.com; samba at lists.samba.org
> Subject: AW: [Samba] Samba4 as BDC on a Win2003 AD_PDC
> Date: Thu, 9 Oct 2014 14:58:33 +0200
> 
> Did you join the samba 4 host as  dc to w2003 domain?
> AS I read you just set up a member server!?
> 
> 
> EDV Daniel Müller
> 
> Leitung EDV
> Tropenklinik Paul-Lechler-Krankenhaus
> Paul-Lechler-Str. 24
> 72076 Tübingen 
> Tel.: 07071/206-463, Fax: 07071/206-499
> eMail: mueller at tropenklinik.de
> Internet: www.tropenklinik.de
> 
> 
> -----Ursprüngliche Nachricht-----
> Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
> Auftrag von Daniel ATUALIZEM TENHO NOVO MSN
> Gesendet: Donnerstag, 9. Oktober 2014 14:44
> An: samba at lists.samba.org
> Betreff: [Samba] Samba4 as BDC on a Win2003 AD_PDC
> 
> HI,
> I have a Windows 2003 as AD PDC.
> My intention is disable this Windows and use Samba4 instead.
> 
> I have compiled Samba 4.1.12  on Debian 7 without problems.
> 
> I followed Samba Wiki to Join this machine to Win domain, without to do the
> Samba4 provision steps, as mentioned.
> 
> The join process occurs without errors and all strutcture of Wind2003 was
> replicated to Samba4. All modifications done on Windows 2003 are updated to
> Samba 4.
> 
> But, using RSAT to conect to Samba4, I can't create or delete new users or
> groups. I receive this message on RSAT:
> 
> "The server is unwilling to process the request"
> 
> This is the output on log.samba when I try to create or modify an user by
> RSAT connected on Samba 4
> 
> [2014/10/09 09:36:29.901189,  0]
> ../source4/dsdb/repl/drepl_ridalloc.c:43(drepl_new_rid_pool_callback)
>   ../source4/dsdb/repl/drepl_ridalloc.c:43: RID Manager failed RID
> allocation - WERR_NO_LOGON_SERVERS - extended_ret[0x0]
> 
> 
> And, this message is output on log.samba all the time:
> 
> [2014/10/09 09:37:00.527471,  0]
> ../source4/librpc/rpc/dcerpc_util.c:681(dcerpc_pipe_auth_recv)
>   Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for
> e3514235-4b06-11d1-ab04-00c04fc2dcd2 at ncacn_ip_tcp:e50ee076-7a81-4616-aace-c1
> 8b350b7d4d._msdcs.ITEMNT[1025,seal,krb5] NT_STATUS_NO_LOGON_SERVERS
> 
> I need a help to solve this issue.
> 
> I want to change Wind2003 AD to Samba4 AD by:
> 1 - using Samba4 as secondary to get all users from Windows;
> 2 - testing Samba4 to create, modify and delete users, and replicate to
> Windows 2003;
> 3 - If step 2 pass, I wanto to "promote" samba 4 as primary DC and turning
> off Windows 2003;
> 4 - I will create a new samba4 to use as secondary DC.
> 
> Thanks for any help!
> 
> 
>  		 	   		  
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list