[Samba] Registering Windows 2012 impossible into samba4 after migration
Rowland Penny
rowlandpenny at googlemail.com
Wed Apr 15 02:26:36 MDT 2015
On 15/04/15 08:49, jean-yves boisiaud wrote:
> hello,
>
> our new samba4 is an ADS. The domain format is like samdom.example.com.
>
>
> 2015-04-15 7:56 GMT+02:00 Daniel Müller <mueller at tropenklinik.de>:
>> Hello again,
>> waht kind of domain ? nt-style? Or ads?
>> As I can tell I could not register a windows 2012 Server in an nt-style
>> domain with xxx.yyy domain name.
>>
>> Greetings
>> Daniel
>>
>>
>> EDV Daniel Müller
>>
>> Leitung EDV
>> Tropenklinik Paul-Lechler-Krankenhaus
>> Paul-Lechler-Str. 24
>> 72076 Tübingen
>> Tel.: 07071/206-463, Fax: 07071/206-499
>> eMail: mueller at tropenklinik.de
>> Internet: www.tropenklinik.de
>>
>>
>>
>> -----Ursprüngliche Nachricht-----
>> Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
>> Auftrag von jean-yves boisiaud
>> Gesendet: Dienstag, 14. April 2015 23:43
>> An: samba at lists.samba.org
>> Betreff: [Samba] Registering Windows 2012 impossible into samba4 after
>> migration
>>
>> hello,
>>
>> We've just migrated our samba PDC v3.4.5 (FreeBSD) to samba v4.1.17 (Debian
>> wheezy) with samba4 classic upgrade. Most of the stations works fine.
>>
>> When I try to register a Windows 2012 as a member into the new Samba AD,
>> Windows 2012 says it cannot authenticate the user used for registering the
>> new host into the domain. Of course, this user have admin privileges into
>> the AD target domain.
>>
>> I registered a Windows 2012 before into a Samba v4.1.11 without any problem.
>> It was not a classic upgrade, but a new domain from scratch.
>>
>> Do you have an idea why I cannot register my Windows 2012 into my classic
>> upgraded domain ?
>>
>> Thank you for your help.
>>
>> --
>> Jean-Yves Boisiaud - Alcor Consulting
>> 24, rue de la Glycine
>> 49250 Saint Remy la Varenne
>> mobile : +33 6 63 71 73 46 fixe : +33 9 72 41 19 35
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>
>
I take it that this isn't something obvious like the time being
different between the computers, or you trying to join the 2012 machine
as a DC. Marc wrote a couple of pages on the samba wiki that may help:
https://wiki.samba.org/index.php/Joining_a_Windows_Server_2012_/_2012_R2_DC_to_a_Samba_AD
https://wiki.samba.org/index.php/Joining_a_Windows_Client_to_a_Domain
Whilst I have never had to upgrade an NT-4 style PDC, I thought it was
just basically like creating a new domain with the SID from the old
domain and importing all the users & groups from the old domain. What
you ended up with, was a new AD domain that was based on the old NT-4
PDC and your clients didn't notice the difference. I also thought that
there shouldn't be any difference between a newly provisioned domain and
an upgraded domain, you shouldn't be able to tell the difference (you
can actually, but this is only because the upgrade process adds the
un-required posix objectclasses), so if you are just trying to join
your 2012 computer as a client and it wont, then there must be something
going on, especially if you are trying to join the computer in the same
way that you previously joined one to a new samba4 AD.
Rowland
More information about the samba
mailing list