[Samba] Joining a Windows Server 2008 R2 to existing Samba4 domain

Chris Alavoine chrisa at acs-info.co.uk
Tue Oct 18 15:27:01 UTC 2016


Hi Rowland,

Just saw your message on the lists about adding a tombstone command by
using domain.py.

I appear to have domain.py
in /usr/local/samba/lib/python2.7/site-packages/samba/netcmd, do I need to
do something to activate this?

Thanks,
Chris.

On 17 October 2016 at 17:32, Chris Alavoine <chrisa at acs-info.co.uk> wrote:

> Hi Marc,
>
> Unfortunately, I have around 600 of these errors.
>
> I've tested manually deleting an offending entry using ldbedit -H and the
> subsequent dbcheck test goes down by 1 so this would suggest that I can fix
> it this way... although not sure if this is:
>
> a. A good idea
> b: The best way to fix this.
>
> Any pointers most welcome.
>
> Thanks,
> Chris.
>
> On 14 October 2016 at 15:35, Chris Alavoine <chrisa at acs-info.co.uk> wrote:
>
>> Hi Marc,
>>
>> Thanks for your reply.
>>
>> We are using BIND9_DLZ currently as the DNS backend
>>
>> I manually selected a replication partner (the FSMO roles DC).
>>
>> We do have some errors when doing a dbcheck but I'm not able to fix them.
>> I've detailed this in another post.
>>
>> Here is an example of each type:
>>
>> Example1:
>> *ERROR: incorrect GUID component for member in object
>> CN=examplegroup,OU=Groups,DC=example,DC=internal,DC=com -
>> <GUID=77ad92b5ade70e449dcc481624928310>;<RMD_ADDTIME=1303934
>> 76680000000>;<RMD_CHANGETIME=130976799640000000>;<RMD_
>> FLAGS=1>;<RMD_INVOCID=98307faefea70749933e6946b1b14420>;<
>> RMD_LOCAL_USN=1445979>;<RMD_ORIGINATING_USN=303848>;<RMD_
>> VERSION=1>;<SID=010500000000000515000000e8e83f391df4408a63c6
>> a6b4d25a0000>;CN=simon.test,CN=Users,DC=example,DC=internal,DC=com*
>>
>> Example2:
>> *ERROR: incorrect DN string component for member in object
>> CN=admin-group-001,OU=Groups,DC=example,DC=internal,DC=com -
>> <GUID=38370cfc-6751-49bb-945e-d2b5e028f0f3>;<RMD_ADDTIME=130
>> 941544260000000>;<RMD_CHANGETIME=130941560040000000>;<RMD_
>> FLAGS=1>;<RMD_INVOCID=a65d0f39-311e-4031-aa56-a8585bfc1b8f>;
>> <RMD_LOCAL_USN=1443123>;<RMD_ORIGINATING_USN=1443123>;<RMD_
>> VERSION=1>;<SID=S-1-5-21-960489704-2319512605-303082864
>> 3-1219569>;CN=user.test,OU=Test
>> OU,DC=example,DC=internal,DC=com*
>>
>> Example3:
>> *unable to find object for DN
>> CN=test.user2,CN=Users,DC=example,DC=internal,DC=com - (No such Base DN:
>> CN=test.user2,CN=Users,DC=example,DC=internal,DC=com)*
>> *Not removing dangling forward link*
>>
>> I have edited these entries to maintain anonymity.
>>
>> Any ideas on how to remove these errors?
>>
>> Thanks again,
>> Chris.
>>
>> On 14 October 2016 at 15:17, Marc Muehlfeld <mmuehlfeld at samba.org> wrote:
>>
>>> Hi Chris,
>>>
>>> Am 14.10.2016 um 11:53 schrieb Chris Alavoine via samba:
>>> > https://wiki.samba.org/index.php/Joining_a_Windows_Server_20
>>> 08_/_2008_R2_DC_to_a_Samba_AD
>>> >
>>> > but have never managed to get full replication working.
>>> >
>>> > Could this be because I'm coming from a classicupgrade? Has anyone
>>> else out
>>> > there managed to get this working?
>>>
>>> I'm the author of this documentation. I recently rewrote it and at the
>>> same time retested the procedure with 4.5.0 and everything worked.
>>> However, I know this does not help you. :-)
>>>
>>> * What DNS back end do you use? Internal or BIND9_DLZ?
>>>
>>> * Did you let 2008 auto-select a replication partner during the dcpromo
>>> or did you select a specific DC?
>>>
>>> * Does "samba-tool dbcheck --cross-ncs" shows any errors? Fix them.
>>>
>>>
>>> Regards,
>>> Marc
>>>
>>
>>
>>
>> --
>> ACS (Alavoine Computer Services Ltd)
>> Chris Alavoine
>> mob +44 (0)7724 710 730
>> www.alavoinecs.co.uk
>> http://twitter.com/#!/alavoinecs
>> http://www.linkedin.com/pub/chris-alavoine/39/606/192
>>
>
>
>
> --
> ACS (Alavoine Computer Services Ltd)
> Chris Alavoine
> mob +44 (0)7724 710 730
> www.alavoinecs.co.uk
> http://twitter.com/#!/alavoinecs
> http://www.linkedin.com/pub/chris-alavoine/39/606/192
>



-- 
ACS (Alavoine Computer Services Ltd)
Chris Alavoine
mob +44 (0)7724 710 730
www.alavoinecs.co.uk
http://twitter.com/#!/alavoinecs
http://www.linkedin.com/pub/chris-alavoine/39/606/192


More information about the samba mailing list