[Samba] classicupgrade try #1
Robert Moskowitz
rgm at htt-consult.com
Fri Aug 28 12:20:20 UTC 2015
On 08/28/2015 05:57 AM, Rowland Penny wrote:
> On 28/08/15 10:47, Robert Moskowitz wrote:
>>
>>
>> On 08/28/2015 03:56 AM, Rowland Penny wrote:
>>> On 27/08/15 23:23, Robert Moskowitz wrote:
>>>> So as I said, I grabbed EVERYTHING that was in the /etc/samba dir
>>>> along with ALL .tbd files and ran:
>>>>
>>>> # samba-tool domain classicupgrade --dbdir=/root/samba.PDC/dbdir/
>>>> --use-xattrs=yes --realm=home.htt --dns-backend=BIND9_DLZ
>>>> /root/samba.PDC/etc/smb.conf
>>>>
>>>> ANd it resulted in (note ldap error):
>>>>
>>>> Reading smb.conf
>>>> NOTE: Service printers is flagged unavailable.
>>>> NOTE: Service print$ is flagged unavailable.
>>>> Unknown parameter encountered: "force directory security mode"
>>>> Ignoring unknown parameter "force directory security mode"
>>>> Provisioning
>>>> Exporting account policy
>>>> Exporting groups
>>>> Exporting users
>>>> Next rid = 1000
>>>> Exporting posix attributes
>>>> Reading WINS database
>>>> Looking up IPv4 addresses
>>>> Looking up IPv6 addresses
>>>> No IPv6 address will be assigned
>>>> Setting up secrets.ldb
>>>> Setting up the registry
>>>> Setting up the privileges database
>>>> Setting up idmap db
>>>> Setting up SAM db
>>>> Setting up sam.ldb partitions and settings
>>>> Setting up sam.ldb rootDSE
>>>> Pre-loading the Samba 4 and AD schema
>>>> Adding DomainDN: DC=home,DC=htt
>>>> Adding configuration container
>>>> Setting up sam.ldb schema
>>>> Setting up sam.ldb configuration data
>>>> Setting up display specifiers
>>>> Modifying display specifiers
>>>> Adding users container
>>>> Modifying users container
>>>> Adding computers container
>>>> Modifying computers container
>>>> Setting up sam.ldb data
>>>> Setting up well known security principals
>>>> Setting up sam.ldb users and groups
>>>> Setting up self join
>>>> Setting acl on sysvol skipped
>>>> Adding DNS accounts
>>>> Creating CN=MicrosoftDNS,CN=System,DC=home,DC=htt
>>>> Creating DomainDnsZones and ForestDnsZones partitions
>>>> Populating DomainDnsZones and ForestDnsZones partitions
>>>> See /var/lib/samba/private/named.conf for an example configuration
>>>> include file for BIND
>>>> and /var/lib/samba/private/named.txt for further documentation
>>>> required for secure DNS updates
>>>> Setting up sam.ldb rootDSE marking as synchronized
>>>> Fixing provision GUIDs
>>>> A Kerberos configuration suitable for Samba 4 has been generated at
>>>> /var/lib/samba/private/krb5.conf
>>>> Setting up fake yp server settings
>>>> Once the above files are installed, your Samba4 server will be
>>>> ready to use
>>>> Admin password: ---------------
>>>> Server Role: active directory domain controller
>>>> Hostname: homebase
>>>> NetBIOS Domain: HOME
>>>> DNS Domain: home.htt
>>>> DOMAIN SID: S-1-5-21-4240919292-2417995422-4236335894
>>>> Importing WINS database
>>>> Importing Account policy
>>>> Importing idmap database
>>>> Cannot open idmap database, Ignoring: [Errno 2] No such file or
>>>> directory
>>
>> What is this error about?
>>
>>>> Adding groups
>>>> Importing groups
>>>> Committing 'add groups' transaction to disk
>>>> Adding users
>>>> Importing users
>>>> Committing 'add users' transaction to disk
>>>> Adding users to groups
>>>> Committing 'add users to groups' transaction to disk
>>>>
>>>>
>>>
>>> What ldap error?
>>
>> Too fast last evening... See above about idmap, not ldap. ARGH!
>
> That is a fairly common error, now I have never actually done a
> classicupgrade, but I think what it means is that it cannot find any
> idmap info, seeing as how mostly this setting wasn't used, this is not
> surprising.
>>
>>> As far as I can see, you just upgraded to AD
>>
>> That is good to know.
>>
>>
>
> Try running some tests with ldapsearch or ldbsearch, see if your users
> & groups are there etc.
I have not worked with ldap. Can you provide/point me to examples of
such commands?
My users were all unix users that I have not created on my new server.
In fact, I am wondering if I want to maintain that or do a different
user method and put their homedir someplace other than /home/user. What
do you advise? I will only have 2 - 8 users. But I would like to
generalize this. Perhaps I can sell a arm7 based NAS :)
More information about the samba
mailing list