[Samba] Trouble during classicupgrade

Andreas Heinlein aheinlein at gmx.com
Sat Nov 25 15:49:24 UTC 2017 

Hello,

I need to do a classic migration on a machine which has until now been
running samba as an old NT4-style PDC. I made a copy of that machine in
a VM to test the process. Until now, things don't work quite right. I
was following the classic upgrade howto from wiki.samba.org. I was using
the method with internal DNS. Classicupgrade itself ran without errors,
I followed the steps after provisioning in the setup guide until the
connection test with smbclient:

smbclient -L localhost -U%
session setup failed: NT_STATUS_INTERNAL_ERROR

With log level raised to 5, I can find in log.smbd:

[2017/11/25 16:41:48.248479,  1]
../source3/smbd/sesssetup.c:290(reply_sesssetup_and_X_spnego)
  Failed to generate session_info (user and group token) for session
setup: NT_STATUS_INTERNAL_ERROR

Turning log level to 10 I get an awful lot of info, including several
messages:

Duplicate base-DN matches found for <SID=1-5-11>

These errors also occur during the classicupgrade when run with log
level 10. But I can't find anything useful in all these log messages.

I can post full logs if you want, but I'm not going to attach them here
due to the size.

I am running Debian 9 with samba 4.5.12. Before you ask, no I cannot
upgrade. This is what comes with debian and I will have to stick with it.

Thanks,

Andreas

-------------- next part --------------
[global]
        local master = yes
        domain master = yes
        preferred master = yes
        unix charset = iso8859-15
        workgroup = WG
        interfaces = lo, eth1
        bind interfaces only = yes
        obey pam restrictions = Yes
        passdb backend = tdbsam
        pam password change = Yes
        passwd program = /usr/bin/passwd %u
        passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n
        unix password sync = Yes
        logging = syslog file
        log file = /var/log/samba/log.smbd
        max log size = 4000
        log level = 1
        printcap name = /dev/null
        add user script = /usr/sbin/adduser --quiet --disabled-password --force-badname %u
        delete user script = /usr/sbin/deluser --quiet --remove-home %u
        add group script = /usr/sbin/adduser --group --quiet %g
        delete group script = /usr/sbin/deluser --group --quiet %g
        add user to group script = /usr/sbin/adduser --quiet %u %g
        delete user from group script = /usr/sbin/deluser --quiet %u %g
        add machine script = /usr/sbin/adduser --quiet --ingroup machines --shell /bin/false --home /dev/null --no-create-home --disabled-password --force-badname %u
        logon script = netlogon.cmd
        domain logons = Yes
        os level = 65
        dns proxy = No
        wins support = Yes
        ldap ssl = no
        panic action = /usr/share/samba/panic-action %d
        create mask = 0770
        directory mask = 0770
        load printers = no
        printing = bsd
        show add printer wizard = no
        disable spoolss = yes
        usershare max shares = 0

More information about the samba mailing list