[Samba] Unable to transfer ForestDns/DomainDNS
Andrew Bartlett
abartlet at samba.org
Tue Jul 12 10:31:45 UTC 2016
On Thu, 2016-07-07 at 16:13 -0400, Jason Waters wrote:
> So I joined with samba's internal DNS, then converted to BIND, then
> tested. Seems like it was working. I forced the 2003 machine out,
> cleaned
> up the meta data and everything seemed to be working ok. So I raised
> the
> domain level like this
>
> samba-tool domain level raise
> samba-tool domain level raise --domain-level=2008_R2
> samba-tool domain level raise --forest-level=2008_R2
>
> everything shows as 2008_R2
>
> so now I think I'm making progress. I spin up another linux box, get
> it
> ready to join, starts to join, then fails
>
> says LDAP error 16 LDAP_NO_SUCH_ATTRIBUTE - <0000200A:
> objectclass_attrs:
> attribute 'msDS-SupportedEncryptionTypes' on entry 'CN=DC04,OU=Domain
> Controllers,DC=example,DC=local' was not found in the schema
>
> so I thought well I'm going to try having a windows 2008 r2 server
> join as
> a DC, run dcpromo and it says I need to run /forestprep on the AD.
> Well I
> can't do that now that it is on linux right?
Correct. Currently nobody has coded the magic to allow us to upgrade a
schema in Samba, and dbcheck can't help with that at the moment either.
The cleanest option would be to do it before joining Samba to the 2003
domain with the MS tools. We really should have a minimum schema level
check on the FL raise code (bugs welcome).
Sorry,
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba
mailing list