[Samba] FW: AW: Samba4 as BDC on a Win2003 AD_PDC

Rowland Penny rowlandpenny at googlemail.com
Thu Oct 9 10:16:55 MDT 2014 

On 09/10/14 16:31, Min Wai Chan wrote:
> HI,
>
> If I'm not wrong.
> Win 2003 DC is not supported...
Yep, you are wrong ;-)

Rowland

>
> Samba 4 AD DC only support win2k8 and win2k8R2
> also not support 2012 (at least not fully tested)
>
>
>
> On Thu, Oct 9, 2014 at 9:57 PM, Daniel ATUALIZEM TENHO NOVO MSN <
> nenhummail at hotmail.com> wrote:
>
>>
>> From: nenhummail at hotmail.com
>> To: mueller at tropenklinik.de
>> Subject: RE: AW: [Samba] Samba4 as BDC on a Win2003 AD_PDC
>> Date: Thu, 9 Oct 2014 13:55:17 +0000
>>
>>
>>
>>
>>
>>
>>
>> Yes, I joined the samba 4 host as DC to 2003 domain  by following the
>> Samba Wiki
>> https://wiki.samba.org/index.php/Join_a_domain_as_a_DC
>>
>> I think this steps are just to join a Samba4 as a DC on an existing domain.
>>
>>
>> All steps was done with success, including the "joining the existing
>> domain as a DC".
>>
>> On step "Test Directory Replication", all changes done on w2003 are
>> replicated to Samba4 successfull.
>>
>> When I use a Windows XP machine with RSAT tool, I can connect to Samba4 DC
>> an I can see all modifications done by w2003. So when I try to create or
>> delete a user by RSAT, i got this message and logs.
>>
>> Ah, this is my samba-tool drs showrpl output:
>>
>> ==== INBOUND NEIGHBORS ====
>>
>> DC=ForestDnsZones,DC=ITEMNT
>>      Default-First-Site-Name\CPD-HALEN via RPC
>>          DSA object GUID: e50ee076-7a81-4616-aace-c18b350b7d4d
>>          Last attempt @ Thu Oct  9 10:49:35 2014 BRT failed, result 1311
>> (WERR_NO_LOGON_SERVERS)
>>          18 consecutive failure(s).
>>          Last success @ Tue Oct  7 16:47:00 2014 BRT
>>
>>
>> DC=DomainDnsZones,DC=ITEMNT
>>      Default-First-Site-Name\CPD-HALEN via RPC
>>          DSA object GUID: e50ee076-7a81-4616-aace-c18b350b7d4d
>>          Last attempt @ Thu Oct  9 10:49:38 2014 BRT failed, result 1311
>> (WERR_NO_LOGON_SERVERS)
>>          18 consecutive failure(s).
>>          Last success @ Tue Oct  7 16:47:00 2014 BRT
>>
>>
>> ==== OUTBOUND NEIGHBORS ====
>>
>> ==== KCC CONNECTION OBJECTS ====
>>
>> Connection --
>>      Connection name: 02bd6ecb-7453-4e5c-bb46-23a6c7e02489
>>      Enabled        : TRUE
>>      Server DNS name : cpd-halen.ITEMNT
>>      Server DN name  : CN=NTDS
>> Settings,CN=CPD-HALEN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ITEMNT
>>          TransportType: RPC
>>          options: 0x00000001
>> Warning: No NC replicated for Connection!
>>
>>
>>
>>
>>
>>> From: mueller at tropenklinik.de
>>> To: nenhummail at hotmail.com; samba at lists.samba.org
>>> Subject: AW: [Samba] Samba4 as BDC on a Win2003 AD_PDC
>>> Date: Thu, 9 Oct 2014 14:58:33 +0200
>>>
>>> Did you join the samba 4 host as  dc to w2003 domain?
>>> AS I read you just set up a member server!?
>>>
>>>
>>> EDV Daniel Müller
>>>
>>> Leitung EDV
>>> Tropenklinik Paul-Lechler-Krankenhaus
>>> Paul-Lechler-Str. 24
>>> 72076 Tübingen
>>> Tel.: 07071/206-463, Fax: 07071/206-499
>>> eMail: mueller at tropenklinik.de
>>> Internet: www.tropenklinik.de
>>>
>>>
>>> -----Ursprüngliche Nachricht-----
>>> Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org]
>> Im
>>> Auftrag von Daniel ATUALIZEM TENHO NOVO MSN
>>> Gesendet: Donnerstag, 9. Oktober 2014 14:44
>>> An: samba at lists.samba.org
>>> Betreff: [Samba] Samba4 as BDC on a Win2003 AD_PDC
>>>
>>> HI,
>>> I have a Windows 2003 as AD PDC.
>>> My intention is disable this Windows and use Samba4 instead.
>>>
>>> I have compiled Samba 4.1.12  on Debian 7 without problems.
>>>
>>> I followed Samba Wiki to Join this machine to Win domain, without to do
>> the
>>> Samba4 provision steps, as mentioned.
>>>
>>> The join process occurs without errors and all strutcture of Wind2003 was
>>> replicated to Samba4. All modifications done on Windows 2003 are updated
>> to
>>> Samba 4.
>>>
>>> But, using RSAT to conect to Samba4, I can't create or delete new users
>> or
>>> groups. I receive this message on RSAT:
>>>
>>> "The server is unwilling to process the request"
>>>
>>> This is the output on log.samba when I try to create or modify an user by
>>> RSAT connected on Samba 4
>>>
>>> [2014/10/09 09:36:29.901189,  0]
>>> ../source4/dsdb/repl/drepl_ridalloc.c:43(drepl_new_rid_pool_callback)
>>>    ../source4/dsdb/repl/drepl_ridalloc.c:43: RID Manager failed RID
>>> allocation - WERR_NO_LOGON_SERVERS - extended_ret[0x0]
>>>
>>>
>>> And, this message is output on log.samba all the time:
>>>
>>> [2014/10/09 09:37:00.527471,  0]
>>> ../source4/librpc/rpc/dcerpc_util.c:681(dcerpc_pipe_auth_recv)
>>>    Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for
>>> e3514235-4b06-11d1-ab04-00c04fc2dcd2 at ncacn_ip_tcp
>> :e50ee076-7a81-4616-aace-c1
>>> 8b350b7d4d._msdcs.ITEMNT[1025,seal,krb5] NT_STATUS_NO_LOGON_SERVERS
>>>
>>> I need a help to solve this issue.
>>>
>>> I want to change Wind2003 AD to Samba4 AD by:
>>> 1 - using Samba4 as secondary to get all users from Windows;
>>> 2 - testing Samba4 to create, modify and delete users, and replicate to
>>> Windows 2003;
>>> 3 - If step 2 pass, I wanto to "promote" samba 4 as primary DC and
>> turning
>>> off Windows 2003;
>>> 4 - I will create a new samba4 to use as secondary DC.
>>>
>>> Thanks for any help!
>>>
>>>
>>>
>>> --
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions:  https://lists.samba.org/mailman/options/samba
>>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>

More information about the samba mailing list