[Samba] Upgrading Samba in a Multi DC environment
Rowland Penny
rowlandpenny at googlemail.com
Sat Sep 6 14:06:07 MDT 2014
On 06/09/14 20:55, Chris Alavoine wrote:
> Have also made an attempt at migrating to BIND9_DLZ. I have bind setup
> nicely but when I run the upgrade command I get this:
>
> root at ess-dc-001:/var/named/master# /usr/local/samba/sbin/samba_upgradedns
> --dns-backend=BIND9_DLZ
> Reading domain information
> Traceback (most recent call last):
> File "/usr/local/samba/sbin/samba_upgradedns", line 261, in <module>
> paths, lp.configfile, lp)
> File
> "/usr/local/samba/lib/python2.7/site-packages/samba/provision/__init__.py",
> line 319, in find_provision_key_parameters
> dns_admins_sid = get_dnsadmins_sid(samdb, names.domaindn)
> File
> "/usr/local/samba/lib/python2.7/site-packages/samba/provision/sambadns.py",
> line 63, in get_dnsadmins_sid
> attrs=["objectSid"])
> _ldb.LdbError: (32, 'No such Base DN:
> CN=DnsAdmins,CN=Users,DC=essence,DC=internal,DC=com')
>
> Seems to be complaining that DnsAdmins doesn't exist, anyone seen this
> before?
>
> Thanks,
> Chris.
>
>
> On 6 September 2014 20:18, Chris Alavoine <chrisa at acs-info.co.uk> wrote:
>
>> Hi,
>>
>> I attempted to upgrade my main FSMO roles DC to 4.1.11 and samba refused
>> to start after the upgrade. This was in the logs:
>>
>> [2014/09/06 14:11:44.828602, 0]
>> ../lib/ldb-samba/ldb_wrap.c:71(ldb_wrap_debug)
>> ldb: A transaction is still active in ldb context [0x7f9ec5ae5230] on
>> /usr/local/samba/private/sam.ldb
>>
>> This was the only thing that looked like an error.
>>
>> I use NSLCD which refused to get passwd or group from the DC after the
>> upgrade.
>>
>> ADUC / DNS / browsing shares was all broken.
>>
>> In the end I reconfigured back to 4.1.5 and all was well again (thank
>> goodness).
>>
>> I have tried running "samba-tool dbcheck --cross-ncs" in the past but
>> this took days to complete and ended up crashing the DC.
>>
>> Any ideas?
>>
>> Thanks,
>> Chris.
>>
>>
>> On 22 August 2014 16:18, Chris Alavoine <chrisa at acs-info.co.uk> wrote:
>>
>>> Hi Marc,
>>>
>>> Thanks for the comparison.
>>>
>>> The 5 DC's are spread around the globe as well so there will be some
>>> latency issues involved as well I guess.
>>>
>>> Thanks,
>>> Chris.
>>>
>>>
>>> On 22 August 2014 16:14, Marc Muehlfeld <mmuehlfeld at samba.org> wrote:
>>>
>>>> Hello Chris,
>>>>
>>>> Am 22.08.2014 12:10, schrieb Chris Alavoine:
>>>>> After almost 2 hours the following appeared:
>>>>>
>>>>> Checking 387092 objects
>>>>>
>>>>> I guess that could take a while.
>>>>
>>>> We haven't collected average values yet.
>>>>
>>>>
>>>> In our production environment we're having about 4000 objects and it
>>>> takes about 45-60 sec. So yours sound normal in comparison. :-)
>>>>
>>>>
>>>> Regards,
>>>> Marc
>>>>
>>>
>>>
>>> --
>>> ACS (Alavoine Computer Services Ltd)
>>> Chris Alavoine
>>> mob +44 (0)7724 710 730
>>> www.alavoinecs.co.uk
>>> http://twitter.com/#!/alavoinecs
>>> http://www.linkedin.com/pub/chris-alavoine/39/606/192
>>>
>>
>>
>> --
>> ACS (Alavoine Computer Services Ltd)
>> Chris Alavoine
>> mob +44 (0)7724 710 730
>> www.alavoinecs.co.uk
>> http://twitter.com/#!/alavoinecs
>> http://www.linkedin.com/pub/chris-alavoine/39/606/192
>>
>
>
Hi, try this:
ldbedit -e nano -H /usr/local/samba/private/sam.ldb cn=DnsAdmins
It should display DnsAdmins
How did you do the update, did you stop samba ?
Rowland
More information about the samba
mailing list