[Samba] Upgrading Samba in a Multi DC environment
Chris Alavoine
chrisa at acs-info.co.uk
Tue Sep 16 09:23:44 MDT 2014
I'm thinking that I need to reduce the size of my domain (and objects,
currently 300,000+) before attempting another upgrade/DNS migration.
Hopefully then I'll be able to run a successful "samba-tool dbcheck
--cross-ncs" and then rejoin all my outlying DC's. The problem I have is
that most of the DC's are spread around the globe on connections of varying
quality and latency.
In the past I haven't had much luck with the domain demotion tool and have
ended up just shutting down the DC in question and them removing all traces
of it from DNS, ADSS and ADUC.
Can anyone see any pitfalls with this approach?
Thanks,
Chris.
On 6 September 2014 20:55, Chris Alavoine <chrisa at acs-info.co.uk> wrote:
> Have also made an attempt at migrating to BIND9_DLZ. I have bind setup
> nicely but when I run the upgrade command I get this:
>
> root at ess-dc-001:/var/named/master# /usr/local/samba/sbin/samba_upgradedns
> --dns-backend=BIND9_DLZ
> Reading domain information
> Traceback (most recent call last):
> File "/usr/local/samba/sbin/samba_upgradedns", line 261, in <module>
> paths, lp.configfile, lp)
> File
> "/usr/local/samba/lib/python2.7/site-packages/samba/provision/__init__.py",
> line 319, in find_provision_key_parameters
> dns_admins_sid = get_dnsadmins_sid(samdb, names.domaindn)
> File
> "/usr/local/samba/lib/python2.7/site-packages/samba/provision/sambadns.py",
> line 63, in get_dnsadmins_sid
> attrs=["objectSid"])
> _ldb.LdbError: (32, 'No such Base DN:
> CN=DnsAdmins,CN=Users,DC=essence,DC=internal,DC=com')
>
> Seems to be complaining that DnsAdmins doesn't exist, anyone seen this
> before?
>
> Thanks,
> Chris.
>
>
> On 6 September 2014 20:18, Chris Alavoine <chrisa at acs-info.co.uk> wrote:
>
>> Hi,
>>
>> I attempted to upgrade my main FSMO roles DC to 4.1.11 and samba refused
>> to start after the upgrade. This was in the logs:
>>
>> [2014/09/06 14:11:44.828602, 0]
>> ../lib/ldb-samba/ldb_wrap.c:71(ldb_wrap_debug)
>> ldb: A transaction is still active in ldb context [0x7f9ec5ae5230] on
>> /usr/local/samba/private/sam.ldb
>>
>> This was the only thing that looked like an error.
>>
>> I use NSLCD which refused to get passwd or group from the DC after the
>> upgrade.
>>
>> ADUC / DNS / browsing shares was all broken.
>>
>> In the end I reconfigured back to 4.1.5 and all was well again (thank
>> goodness).
>>
>> I have tried running "samba-tool dbcheck --cross-ncs" in the past but
>> this took days to complete and ended up crashing the DC.
>>
>> Any ideas?
>>
>> Thanks,
>> Chris.
>>
>>
>> On 22 August 2014 16:18, Chris Alavoine <chrisa at acs-info.co.uk> wrote:
>>
>>> Hi Marc,
>>>
>>> Thanks for the comparison.
>>>
>>> The 5 DC's are spread around the globe as well so there will be some
>>> latency issues involved as well I guess.
>>>
>>> Thanks,
>>> Chris.
>>>
>>>
>>> On 22 August 2014 16:14, Marc Muehlfeld <mmuehlfeld at samba.org> wrote:
>>>
>>>> Hello Chris,
>>>>
>>>> Am 22.08.2014 12:10, schrieb Chris Alavoine:
>>>> > After almost 2 hours the following appeared:
>>>> >
>>>> > Checking 387092 objects
>>>> >
>>>> > I guess that could take a while.
>>>>
>>>>
>>>> We haven't collected average values yet.
>>>>
>>>>
>>>> In our production environment we're having about 4000 objects and it
>>>> takes about 45-60 sec. So yours sound normal in comparison. :-)
>>>>
>>>>
>>>> Regards,
>>>> Marc
>>>>
>>>
>>>
>>>
>>> --
>>> ACS (Alavoine Computer Services Ltd)
>>> Chris Alavoine
>>> mob +44 (0)7724 710 730
>>> www.alavoinecs.co.uk
>>> http://twitter.com/#!/alavoinecs
>>> http://www.linkedin.com/pub/chris-alavoine/39/606/192
>>>
>>
>>
>>
>> --
>> ACS (Alavoine Computer Services Ltd)
>> Chris Alavoine
>> mob +44 (0)7724 710 730
>> www.alavoinecs.co.uk
>> http://twitter.com/#!/alavoinecs
>> http://www.linkedin.com/pub/chris-alavoine/39/606/192
>>
>
>
>
> --
> ACS (Alavoine Computer Services Ltd)
> Chris Alavoine
> mob +44 (0)7724 710 730
> www.alavoinecs.co.uk
> http://twitter.com/#!/alavoinecs
> http://www.linkedin.com/pub/chris-alavoine/39/606/192
>
--
ACS (Alavoine Computer Services Ltd)
Chris Alavoine
mob +44 (0)7724 710 730
www.alavoinecs.co.uk
http://twitter.com/#!/alavoinecs
http://www.linkedin.com/pub/chris-alavoine/39/606/192
More information about the samba
mailing list