[Samba] classic upgrade error "uncaught exception - Unable to add sam account 'guest', "

xingya xu xingya.xu at gmail.com
Mon Aug 15 07:46:50 UTC 2016


hello.these days ,I diceded to migrating a Samba NT4 domain to a Samba AD
domain.I follow all the steps as this link "
https://wiki.samba.org/index.php/Migrating_a_Samba_NT4_domain_to_a_Samba_AD_domain_(classic_upgrade)
"
but I have error when samba-tool domain classic upgrade using
sernet-samba-4.4.logs like this:
[root at pdc dbdir]# samba-tool domain classicupgrade
--dbdir=/root/dbdir/samba --use-xattrs=yes \
> --realm=adagene.cn --dns-backend=SAMBA_INTERNAL /root/dbdir/smb.conf
Reading smb.conf
Unknown parameter encountered: "display charset"
Ignoring unknown parameter "display charset"
Processing section "[homes]"
Processing section "[netlogon]"
Processing section "[laboratory_share]"
Processing section "[company_general]"
Processing section "[administrator]"
Processing section "[HR]"
Processing section "[computation]"
Processing section "[IT]"
Processing section "[ip]"
Processing section "[BD_Intel]"
Processing section "[application]"
Processing section "[safety]"
Processing section "[sequencing_oligo]"
Processing section "[hr_employee]"
Processing section "[caiwu]"
Processing section "[grant]"
Processing section "[sequence]"
Processing section "[cn_patent]"
Processing section "[software develop]"
Processing section "[BI]"
Processing section "[Project Management]"
Processing section "[Project]"
Processing section "[Trial]"
Processing section "[Remote_Work]"
Processing section "[Group_Management]"
Provisioning
Exporting account policy
Exporting groups
Exporting users
Ignoring group memberships of 'ding_zuo'
S-1-5-21-570971082-1333357699-3675202899-1158: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'adagene016$'
S-1-5-21-570971082-1333357699-3675202899-1036: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'peter_cheung'
S-1-5-21-570971082-1333357699-3675202899-1279: Unable to enumerate group
memberships, (-1073741724,No such user)
........a lot of these Ignoring group memberships........

Next rid = 1295
Exporting posix attributes
Reading WINS database
lpcfg_load: refreshing parameters from /etc/samba/smb.conf
Looking up IPv4 addresses
Looking up IPv6 addresses
No IPv6 address will be assigned
Setting up secrets.ldb
Setting up the registry
ldb_wrap open of hklm.ldb
Setting up the privileges database
Setting up idmap db
Setting up SAM db
Setting up sam.ldb partitions and settings
Setting up sam.ldb rootDSE
Pre-loading the Samba 4 and AD schema
partition_metadata: Migrating partition metadata: open of metadata.tdb
gave: (null)
Adding DomainDN: DC=adagene,DC=cn
DN: DC=adagene,DC=cn is a NC
Adding configuration container
DN: CN=Configuration,DC=adagene,DC=cn is a NC
Setting up sam.ldb schema
DN: CN=Schema,CN=Configuration,DC=adagene,DC=cn is a NC
Setting up sam.ldb configuration data
Setting up display specifiers
Modifying display specifiers
Adding users container
Modifying users container
Adding computers container
Modifying computers container
Setting up sam.ldb data
Setting up well known security principals
Setting up sam.ldb users and groups
Setting up self join
Setting acl on sysvol skipped
Adding DNS accounts
Creating CN=MicrosoftDNS,CN=System,DC=adagene,DC=cn
Creating DomainDnsZones and ForestDnsZones partitions
DN: DC=DomainDnsZones,DC=adagene,DC=cn is a NC
DN: DC=ForestDnsZones,DC=adagene,DC=cn is a NC
Populating DomainDnsZones and ForestDnsZones partitions
Setting up sam.ldb rootDSE marking as synchronized
Fixing provision GUIDs
A Kerberos configuration suitable for Samba 4 has been generated at
/var/lib/samba/private/krb5.conf
Setting up fake yp server settings
Once the above files are installed, your Samba4 server will be ready to use
Server Role:           active directory domain controller
Hostname:              pdc
NetBIOS Domain:        ADAGENE
DNS Domain:            adagene.cn
DOMAIN SID:            S-1-5-21-570971082-1333357699-3675202899
Importing WINS database
Importing Account policy
Importing idmap database
Cannot open idmap database, Ignoring: [Errno 2] No such file or directory
lp_load_ex: refreshing parameters
Processing section "[global]"
Processing section "[netlogon]"
Processing section "[sysvol]"
ldb_wrap open of idmap.ldb
Adding groups
Importing groups
Group already exists sid=S-1-5-21-570971082-1333357699-3675202899-512,
groupname=Domain Admins existing_groupname=Domain Admins, Ignoring.
Committing 'add groups' transaction to disk
Adding users
Importing users
User root has been kept in the directory, it should be removed in favour of
the Administrator user
ERROR(<class 'passdb.error'>): uncaught exception - Unable to add sam
account 'guest', (-1073741725,User exists)
  File "/usr/lib64/python2.7/site-packages/samba/netcmd/__init__.py", line
175, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib64/python2.7/site-packages/samba/netcmd/domain.py", line
1565, in run
    useeadb=eadb, dns_backend=dns_backend, use_ntvfs=use_ntvfs)
  File "/usr/lib64/python2.7/site-packages/samba/upgrade.py", line 801, in
upgrade_from_samba3
    s4_passdb.add_sam_account(userdata[username])


what should I do?pls help


More information about the samba mailing list