[Samba] Replication fails after DC re-joined to domain
rpenny at samba.org
Thu Feb 8 08:49:09 UTC 2018
On Thu, 08 Feb 2018 06:45:28 +1300
Andrew Bartlett via samba <samba at lists.samba.org> wrote:
> On Wed, 2018-02-07 at 18:38 +0100, Denis Cardon via samba wrote:
> > Hi Roy,
> > > First some background:
> > > ==================
> > > I had a test environment which had two samba DCs (running v
> > > 4.8.0rc2) and 1 Windows Server 2008R2 DC. The samba DCs had
> > > been upgraded from v 4.6x and the secrets database was not
> > > encrypted (as far as I know). I decided to downgrade one of
> > > the samba DCs to v 4.7.4.
> > >
> > > On re-starting samba after the downgrade the log shows:
> > >
> > > ldb: unable to
> > > dlopen /usr/local/samba/lib/ldb/encrypted_secrets.so : /usr/local/samba/lib/private/libdsdb-module-samba4.so:
> > > version `SAMBA_4.8.0RC2' not found (required
> > > by /usr/local/samba/lib/ldb/encrypted_secrets.so)
> > when you are doing your downgrade, did you clean up all the
> > /usr/local/samba directory or did you make && make install over the
> > existing installation?
> > If it was a quick'n dirty make && make install over the existing
> > 4.8 install, could you try to do a install on a clean directory and
> > then copy over etc/smb.conf, private/ and var/locks/?
> > Cheers,
> > Denis
> This is exactly the issue. The install has left an ldb plugin
> (encrypted_secrets.so) around which blocks operation as it can't
> operate with the older Samba version but isn't overwritten as it
> didn't exist in the older version.
The release notes clearly say this:
However, an in-place upgrade will not encrypt the database.
So, the upgrade shouldn't create the ldb plugin, either that or rewrite
the release notes.
More information about the samba