[Samba] error when samba-tool domain classicupgrade
Gavrilov Aleksey
gavrilov at info74.ru
Thu Jun 4 01:24:15 MDT 2015
When you try to upgrade on a test stand, an error occurs.
I do not understand that you need to add ldap, or improve migration script?
Before that I tried to version 4.1.7, but the error was the sam
root at dc1:~/smb_old# samba --version
Version 4.2.2-SerNet-Ubuntu-7.trusty
I also modified the file
--- ./upgrade.py 2014-10-01 00:00:00.000000000 +0600
+++ /usr/lib/python2.7/dist-packages/samba/upgrade.py 2015-06-04 11:28:13.533990924 +0500
@@ -467,6 +467,9 @@
ldapuser = samba3.lp.get("ldap admin dn")
ldappass = secrets_db.get_ldap_bind_pw(ldapuser)
if ldappass is None:
+ ldappass = "pass" #1. Why is not defined in the file but it is available
+
+ if ldappass is None:
raise ProvisioningError("ldapsam passdb backend detected but no LDAP Bind PW found in secrets.tdb for user %s. Please point this tool at the secrets.tdb that was used by the previous installation.")
ldappass = ldappass.strip('\x00')
ldap = True
@@ -562,7 +565,8 @@
continue
if entry['rid'] >= next_rid:
next_rid = entry['rid'] + 1
-
+ if username in "badretdinova":
+ continue
+ #2. The user has no in the ldap directory. I understand where he takes it. On it there is an error that no such user unix.
user = s3db.getsampwnam(username)
acct_type = (user.acct_ctrl & (samr.ACB_NORMAL|samr.ACB_WSTRUST|samr.ACB_SVRTRUST|samr.ACB_DOMTRUST))
if acct_type == samr.ACB_SVRTRUST:
smb.conf from the old server
[global]
workgroup = 74ru
netbios name = dc1
server string = Chelyabinsk PDC
security = user
enable privileges = yes
admin users = @nt_admins
hosts allow = 192.168. 127. 10.8.
load printers = no
log file = /var/log/samba.log
max log size = 500
encrypt passwords = yes
passdb backend = ldapsam:"ldap://192.168.0.7/"
#passdb backend = ldapsam:"ldap://127.0.0.1/"
ldap suffix = ou=chelyabinsk,dc=rugion,dc=ru
ldap user suffix = ou=users
ldap group suffix = ou=groups
ldap machine suffix = ou=computers
ldap admin dn = "cn=admin,dc=rugion,dc=ru"
ldap delete dn = no
ldap ssl = off
ldap passwd sync = yes
socket options = TCP_NODELAY
smb ports = 139
idmap gid = 10000-30000
idmap uid = 10000-30000
local master = yes
os level = 200
domain master = yes
preferred master = yes
domain logons = yes
logon script = logon.bat
logon path =
logon home =
logon drive =
wins support = yes
dns proxy = no
unix charset = UTF-8
time server = yes
add machine script = /usr/local/sbin/ldapaddmachine '%u' nt_computers
add user script = /usr/local/sbin/ldapadduser '%u' nt_users
add group script = /usr/local/sbin/ldapaddgroup '%g'
add user to group script = /usr/local/sbin/ldapaddusertogroup '%u' '%g'
delete user script = /usr/local/sbin/ldapdeleteuser '%u'
delete group script = /usr/local/sbin/ldapdeletegroup '%g'
delete user from group script = /usr/local/sbin/ldapdeleteuserfromgroup '%u' '%g'
set primary group script = /usr/local/sbin/ldapsetprimarygroup '%u' '%g'
rename user script = /usr/local/sbin/ldaprenameuser '%uold' '%unew'
[netlogon]
comment = Network Logon Service
path = /usr/samba/netlogon/
guest ok = yes
writable = no
share modes = no
browseable = no
write list = @nt_admins
create mode = 666
directory mode = 777
[IPC$]
path = /tmp
also used the following structure ldap
Each unit is self-ldap samba3 nt domain
dc=rugion,dc=ru
ou=arkhangelsk,dc=rugion,dc=ru
ou=chelyabinsk,dc=rugion,dc=ru
ou=kazan,dc=rugion,dc=ru
ou=mcrugion,dc=rugion,dc=ru
ou=perm,dc=rugion,dc=ru
ou=rostov,dc=rugion,dc=ru
ou=samara,dc=rugion,dc=ru
ou=tumen,dc=rugion,dc=ru
ou=ufa,dc=rugion,dc=ru
ou=volgograd,dc=rugion,dc=ru
ou=yaroslavl,dc=rugion,dc=ru
root at dc1:~/smb_old# samba-tool domain classicupgrade --dbdir=/root/smb_old/ --use-xattrs=yes --realm=74ru.mpautina.ru --dns-backend=BIND9_DLZ /root/smb_old/smb.conf
Reading smb.conf
Unknown parameter encountered: "share modes"
Ignoring unknown parameter "share modes"
Provisioning
Exporting account policy
Exporting groups
Exporting users
Demoting BDC account trust for pdc, this DC must be elevated to an AD DC using 'samba-tool domain dcpromo'
Next rid = 132070
Failed to bind - LDAP error 34 LDAP_INVALID_DN_SYNTAX - <invalid DN> <>
Failed to connect to 'ldap://192.168.0.7/' with backend 'ldap': (null)
ERROR(<class 'samba.provision.ProvisioningError'>): uncaught exception - ProvisioningError: Could not open ldb connection to ldap://192.168.0.7/, the error message is: (34, None)
File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 175, in _run
return self.run(*args, **kwargs)
File "/usr/lib/python2.7/dist-packages/samba/netcmd/domain.py", line 1452, in run
useeadb=eadb, dns_backend=dns_backend, use_ntvfs=use_ntvfs)
raise ProvisioningError("Could not open ldb connection to %s, the error message is: %s" % (url, e))
root at dc1:~/smb_old#
--
Sincerely, Alexei Gavrilov
System Administrator
74.RU
tel .: 8 (351) 729-94-90, ext. 345
mob. 8904804 79 34
jabber: gavrilov at info74.ru
mailto: gavrilov at info74.ru
sip: 345 at info74.ru
Chelyabinsk, st. Melkombinat February 1st Precinct, 18, office 208
for TRC `Rodnik`
More information about the samba
mailing list