[Samba] Samba Migration and AD integration

L.P.H. van Belle belle at bazuin.nl
Tue Feb 6 07:46:22 UTC 2018 

> The migration didn't generate DNS entries for the new realm. 
> We had to manually create a new zone file (/var/cache/bind)
That does not look right.
Dont use BIND9_FLATE file zones. 

Start reading here.
https://wiki.samba.org/index.php/The_Samba_AD_DNS_Back_Ends 

Greetz, 

Louis



 

> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens 
> Praveen Ghimire via samba
> Verzonden: dinsdag 6 februari 2018 4:05
> Aan: samba at lists.samba.org
> Onderwerp: [Samba] Samba Migration and AD integration
> 
> Hi,
> 
> We migrated from Samba 3 to 4 (4.6.7-Ubuntu) and added 
> promoted a Server 2008R2 as a Domain Controller. We've come 
> across the following issues and request some suggestions to 
> resolve them
> 
> 
> -          The migration didn't generate DNS entries for the 
> new realm. We had to manually create a new zone file 
> (/var/cache/bind) for the new realm. Only then we were able 
> to promote the Server2008 R2 as the DC. Is this an expected 
> outcome post migration?
> 
> -          Similarly, the dhcpd.conf file exhibited the same 
> outcome as above.
> 
> -          When we added a new machine to the domain, it 
> didn't update the DNS record in the Samba box.  The machine 
> joins to the domain but there is no DNS record for it.
> 
> -          We added the DNS role in the Server2008 R2 DC, 
> what we found that any record created in Bind9 gets 
> replicated to the Windows server but no vice-versa.
> 
> The AD user bit seems to sync ok between the servers.
> 
> The samba-tool dbcheck -cross-ncs gives the following
> 
> 
> samba-tool dbcheck --cross-ncs
> Checking 3835 objects
> ERROR(<type 'exceptions.ValueError'>): uncaught exception - 
> unable to parse dn string
>   File 
> "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", 
> line 176, in _run
>     return self.run(*args, **kwargs)
>   File 
> "/usr/lib/python2.7/dist-packages/samba/netcmd/dbcheck.py", 
> line 157, in run
>     controls=controls, attrs=attrs)
>   File "/usr/lib/python2.7/dist-packages/samba/dbchecker.py", 
> line 198, in check_database
>     error_count += self.check_object(object.dn, attrs=attrs)
>   File "/usr/lib/python2.7/dist-packages/samba/dbchecker.py", 
> line 1839, in check_object
>     expected_dn = ldb.Dn(self.samdb, "RDN=RDN,%s" % (parent_dn))
> 
> 
> smb.conf
> 
> [global]
>         netbios name = TEST
>         realm = TESTDC
>         server services = s3fs, rpc, nbt, wrepl, ldap, cldap, 
> kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
>         workgroup = TESTDC
>         server role = active directory domain controller
>         idmap_ldb:use rfc2307 = yes
> 
> [netlogon]
>         path = /var/lib/samba/sysvol/testdc/scripts
>         read only = No
> 
> [sysvol]
>         path = /var/lib/samba/sysvol
>         read only = No
> 
> 
> 
> 
> Regards,
> 
> Praveen Ghimire
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> 
>

More information about the samba mailing list