[Samba] Joining a Windows Server 2008 R2 to existing Samba4 domain
Chris Alavoine
chrisa at acs-info.co.uk
Mon Oct 17 16:32:34 UTC 2016
Hi Marc,
Unfortunately, I have around 600 of these errors.
I've tested manually deleting an offending entry using ldbedit -H and the
subsequent dbcheck test goes down by 1 so this would suggest that I can fix
it this way... although not sure if this is:
a. A good idea
b: The best way to fix this.
Any pointers most welcome.
Thanks,
Chris.
On 14 October 2016 at 15:35, Chris Alavoine <chrisa at acs-info.co.uk> wrote:
> Hi Marc,
>
> Thanks for your reply.
>
> We are using BIND9_DLZ currently as the DNS backend
>
> I manually selected a replication partner (the FSMO roles DC).
>
> We do have some errors when doing a dbcheck but I'm not able to fix them.
> I've detailed this in another post.
>
> Here is an example of each type:
>
> Example1:
> *ERROR: incorrect GUID component for member in object
> CN=examplegroup,OU=Groups,DC=example,DC=internal,DC=com -
> <GUID=77ad92b5ade70e449dcc481624928310>;<RMD_ADDTIME=
> 130393476680000000>;<RMD_CHANGETIME=130976799640000000>
> ;<RMD_FLAGS=1>;<RMD_INVOCID=98307faefea70749933e6946b1b144
> 20>;<RMD_LOCAL_USN=1445979>;<RMD_ORIGINATING_USN=303848>;<
> RMD_VERSION=1>;<SID=010500000000000515000000e8e83f
> 391df4408a63c6a6b4d25a0000>;CN=simon.test,CN=Users,DC=
> example,DC=internal,DC=com*
>
> Example2:
> *ERROR: incorrect DN string component for member in object
> CN=admin-group-001,OU=Groups,DC=example,DC=internal,DC=com -
> <GUID=38370cfc-6751-49bb-945e-d2b5e028f0f3>;<RMD_ADDTIME=
> 130941544260000000>;<RMD_CHANGETIME=130941560040000000>
> ;<RMD_FLAGS=1>;<RMD_INVOCID=a65d0f39-311e-4031-aa56-
> a8585bfc1b8f>;<RMD_LOCAL_USN=1443123>;<RMD_ORIGINATING_USN=
> 1443123>;<RMD_VERSION=1>;<SID=S-1-5-21-960489704-2319512605-
> 3030828643-1219569>;CN=user.test,OU=Test
> OU,DC=example,DC=internal,DC=com*
>
> Example3:
> *unable to find object for DN
> CN=test.user2,CN=Users,DC=example,DC=internal,DC=com - (No such Base DN:
> CN=test.user2,CN=Users,DC=example,DC=internal,DC=com)*
> *Not removing dangling forward link*
>
> I have edited these entries to maintain anonymity.
>
> Any ideas on how to remove these errors?
>
> Thanks again,
> Chris.
>
> On 14 October 2016 at 15:17, Marc Muehlfeld <mmuehlfeld at samba.org> wrote:
>
>> Hi Chris,
>>
>> Am 14.10.2016 um 11:53 schrieb Chris Alavoine via samba:
>> > https://wiki.samba.org/index.php/Joining_a_Windows_Server_20
>> 08_/_2008_R2_DC_to_a_Samba_AD
>> >
>> > but have never managed to get full replication working.
>> >
>> > Could this be because I'm coming from a classicupgrade? Has anyone else
>> out
>> > there managed to get this working?
>>
>> I'm the author of this documentation. I recently rewrote it and at the
>> same time retested the procedure with 4.5.0 and everything worked.
>> However, I know this does not help you. :-)
>>
>> * What DNS back end do you use? Internal or BIND9_DLZ?
>>
>> * Did you let 2008 auto-select a replication partner during the dcpromo
>> or did you select a specific DC?
>>
>> * Does "samba-tool dbcheck --cross-ncs" shows any errors? Fix them.
>>
>>
>> Regards,
>> Marc
>>
>
>
>
> --
> ACS (Alavoine Computer Services Ltd)
> Chris Alavoine
> mob +44 (0)7724 710 730
> www.alavoinecs.co.uk
> http://twitter.com/#!/alavoinecs
> http://www.linkedin.com/pub/chris-alavoine/39/606/192
>
--
ACS (Alavoine Computer Services Ltd)
Chris Alavoine
mob +44 (0)7724 710 730
www.alavoinecs.co.uk
http://twitter.com/#!/alavoinecs
http://www.linkedin.com/pub/chris-alavoine/39/606/192
More information about the samba
mailing list