[Samba] samba 4.1.17 upgrade 4.2.x ( sernet) upgrades.. fail...

Achim Gottinger achim at ag-web.biz
Fri Apr 24 10:02:47 MDT 2015 

Hello Louis,

Am 24.04.2015 um 17:16 schrieb L.P.H. van Belle:
> Hai..
>
> Just tested an upgrade of 4.1.17 to 4.2.1
> result... Fail..
>
> setup,
> Debian wheezy, sernet samba packages.
> 2 clean installed DC's  and 1 windows 7 pc joined.
> resolv.conf setup
> DC1 : namserver DC2 then DC1.
> DC2:  namserver DC1 then DC2.
>
> stopped samba on both servers.
> upgraded the packages on both servers.
>
> started samba on DC1 ( the one with fsmo roles )
> waited 5 min.
> started samba on DC2
Have you tried it with DC2 running while upgrading DC1?
>
> from error free logs to
>
> [2015/04/24 17:06:29.274803,  0] ../source4/librpc/rpc/dcerpc_util.c:729(dcerpc_pipe_auth_recv)
>    Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for ncacn_ip_tcp:192.168.0.2[1024,seal,krb5,
>    target_hostname=2835d359-ff8e-4146-acaa-e2b5f8c82be9._msdcs.internal.domain.tld,
>    target_principal=GC/dc2.internal.domain.tld/internal.domain.tld,
>    abstract_syntax=e3514235-4b06-11d1-ab04-00c04fc2dcd2/0x00000004,
>    localaddress=192.168.0.1] NT_STATUS_INVALID_PARAMETER
>
> i didnt change anything in smb.conf  ( wanted to keep the OLD winbind behaivor )
>
> anyone else who did this already with 100% success?
> tried not about 4 times, all fail.. ( imo samba 4.2.1 is not production ready ! )
> ....
>
> this is the smb.conf used.
>
> # Global parameters
> [global]
>          workgroup = INTERNAL
>          realm = INTERNAL.DOMAIN.TLD
>          netbios name = DC1
>          server role = active directory domain controller
>          server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate
>
>          ## Dont forget to set the idmap_ldb on ALL DC's if you use it
>          idmap_ldb:use rfc2307 = yes
>
>          interfaces = 127.0.0.1 192.168.0.1
>          bind interfaces only = yes
>          time server = yes
>          wins support = yes
>
> ## KEEP THIS OFF !! Only used for modify-ing the AD Schema
> ## ONLY DONE ONES ON THE DC WITH THE FSMO Roles
>          sdb:schema update allowed = no
>
>          ## map id's outside to domain to tdb files.
>          idmap config * : backend = tdb
>          idmap config * : range = 2000-9999
>          ## map ids from the domain and (*) the range may not overlap !
>          idmap config INTERNAL: backend = ad
>          idmap config INTERNAL: schema_mode = rfc2307
>          idmap config INTERNAL: range = 10000-3999999
>
>          winbind nss info = rfc2307
>          winbind trusted domains only = no
>          winbind use default domain = yes
>          winbind expand groups = 3
>
>          #template shell = /bin/bash
>          #template homedir = /home/users/%ACCOUNTNAME%
>
>          ## Disable printing completely
>          load printers = no
>          printing = bsd
>          printcap name = /dev/null
>          disable spoolss = yes
>
> [netlogon]
>          path = /home/samba/sysvol/internal.domain.tld/scripts
>          read only = No
>
> [sysvol]
>          path = /home/samba/sysvol
>          read only = No
>

More information about the samba mailing list