[Samba] samba 4.1.17 upgrade 4.2.x ( sernet) upgrades.. fail...

L.P.H. van Belle belle at bazuin.nl
Fri Apr 24 09:16:16 MDT 2015 

Hai.. 
 
Just tested an upgrade of 4.1.17 to 4.2.1  
result... Fail.. 
 
setup, 
Debian wheezy, sernet samba packages. 
2 clean installed DC's  and 1 windows 7 pc joined. 
resolv.conf setup 
DC1 : namserver DC2 then DC1. 
DC2:  namserver DC1 then DC2. 
 
stopped samba on both servers. 
upgraded the packages on both servers. 
 
started samba on DC1 ( the one with fsmo roles ) 
waited 5 min. 
started samba on DC2 
 
from error free logs to 
 
[2015/04/24 17:06:29.274803,  0] ../source4/librpc/rpc/dcerpc_util.c:729(dcerpc_pipe_auth_recv)
  Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for ncacn_ip_tcp:192.168.0.2[1024,seal,krb5,
  target_hostname=2835d359-ff8e-4146-acaa-e2b5f8c82be9._msdcs.internal.domain.tld,
  target_principal=GC/dc2.internal.domain.tld/internal.domain.tld,
  abstract_syntax=e3514235-4b06-11d1-ab04-00c04fc2dcd2/0x00000004,
  localaddress=192.168.0.1] NT_STATUS_INVALID_PARAMETER

i didnt change anything in smb.conf  ( wanted to keep the OLD winbind behaivor ) 
 
anyone else who did this already with 100% success? 
tried not about 4 times, all fail.. ( imo samba 4.2.1 is not production ready ! ) 
.... 
 
this is the smb.conf used.
 
# Global parameters
[global]
        workgroup = INTERNAL
        realm = INTERNAL.DOMAIN.TLD
        netbios name = DC1
        server role = active directory domain controller
        server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate
 
        ## Dont forget to set the idmap_ldb on ALL DC's if you use it
        idmap_ldb:use rfc2307 = yes
 
        interfaces = 127.0.0.1 192.168.0.1
        bind interfaces only = yes
        time server = yes
        wins support = yes
 
## KEEP THIS OFF !! Only used for modify-ing the AD Schema
## ONLY DONE ONES ON THE DC WITH THE FSMO Roles
        sdb:schema update allowed = no
 
        ## map id's outside to domain to tdb files.
        idmap config * : backend = tdb
        idmap config * : range = 2000-9999
        ## map ids from the domain and (*) the range may not overlap !
        idmap config INTERNAL: backend = ad
        idmap config INTERNAL: schema_mode = rfc2307
        idmap config INTERNAL: range = 10000-3999999
 
        winbind nss info = rfc2307
        winbind trusted domains only = no
        winbind use default domain = yes
        winbind expand groups = 3
 
        #template shell = /bin/bash
        #template homedir = /home/users/%ACCOUNTNAME%
 
        ## Disable printing completely
        load printers = no
        printing = bsd
        printcap name = /dev/null
        disable spoolss = yes
 
[netlogon]
        path = /home/samba/sysvol/internal.domain.tld/scripts
        read only = No
 
[sysvol]
        path = /home/samba/sysvol
        read only = No

More information about the samba mailing list