[Samba] unique index violation on objectSid on samba ad

Marc Muehlfeld mmuehlfeld at samba.org
Mon Oct 19 12:39:31 UTC 2015


Hello Ivan,

On 19.10.2015 at 12:42, Krutskikh Ivan wrote:
> I think, I've done something stupid here. At first I've created 2 lxc
> containers and provisioned one as dc.office.mtt and joined second one to
> the first ad bdc.tsnr.mtt.

You should not name your DC something like "backup" (bdc). If the first
one (dc) gets lost, you only have one. There's no primary, secondary,
etc. in an AD.

But this isn't your problem :-)



> Then I've cloned those containers several times
> and changed ip addresses and dns names of new containers to different
> subnets.

This was the mistake you made. Don't join and then clone! DCs have GUIDs
inside the AD. If you change the name/IP after the join, you have two
hosts with the same GUID in AD and you will of course get replication
problems.

Is this already in production or just with a large number of
user/computers? If not, start from scratch. I think it's much less work
and risk to prevent upcoming trouble in future.

1. Install first DC
2. Provision a domain on it
3. Install second DC as template (just install OS + Samba, but don't join!)
4. Clone your machine
5. Give the clone a new hostname and IP
6. Join the cloned machine to the domain
7. Repeat 4-6 for all DCs you want to create.



Regards,
Marc
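
A pre-join guard for steps 3 to 6 of the procedure above, as an added example that is not part of the original mail and not Samba's own tooling. The function name, its arguments, and the check for a `sam.ldb` file in Samba's private directory as the sign of an already provisioned or joined image are assumptions of this example.

```shell
#!/bin/sh
# Added example: pre-join guard for a cloned DC template (steps 3-6 above).
# Assumptions (not from the original mail): the function name, its arguments,
# and that Samba's AD database is the file sam.ldb in the "private" directory.

# prejoin_check PRIVATE_DIR CLONE_HOSTNAME TEMPLATE_HOSTNAME
# Returns 0 when the clone is safe to join, 1 otherwise (reasons on stderr).
prejoin_check() {
    private_dir=$1
    clone_name=$2
    template_name=$3
    rc=0

    # Step 3: the template must never have been provisioned or joined.
    # An existing sam.ldb means this image already carries a DC identity.
    if [ -e "$private_dir/sam.ldb" ]; then
        echo "refuse: $private_dir/sam.ldb exists, image was already joined" >&2
        rc=1
    fi

    # Step 5: the clone needs its own hostname before the join.
    # Compare case-insensitively, as host names are.
    a=$(printf '%s' "$clone_name" | tr '[:upper:]' '[:lower:]')
    b=$(printf '%s' "$template_name" | tr '[:upper:]' '[:lower:]')
    if [ -z "$a" ] || [ "$a" = "$b" ]; then
        echo "refuse: hostname '$clone_name' not changed from template" >&2
        rc=1
    fi

    return "$rc"
}

# Constructed demo: two throw-away directories stand in for clone images.
demo_clean=$(mktemp -d)
demo_joined=$(mktemp -d)
: > "$demo_joined/sam.ldb"     # simulates a template that was joined first

for dir in "$demo_clean" "$demo_joined"; do
    if prejoin_check "$dir" dc2 dc-template; then
        echo "$dir: ok to run the domain join (step 6)"
    else
        echo "$dir: do not join, rebuild from a clean template"
    fi
done
rm -rf "$demo_clean" "$demo_joined"
```

On a real clone, pass the private directory of the local Samba installation and the output of `hostname` as the first two arguments.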


