[Samba] Fwd: classicupgrade questions

Michal67M at seznam.cz Michal67M at seznam.cz
Mon Jul 9 05:10:17 UTC 2018

 Does anybody know any answer in this topic, please?


 ---------- Původní e-mail ----------
Od: Michal via samba <samba at lists.samba.org>
Komu: samba at lists.samba.org
Datum: 4. 7. 2018 8:58:45
Předmět: [Samba] classicupgrade questions 
"I am trying to do a classicupgrade.  (This is not 1st try, I went through 
once time already; then I deleted all data and trying it again, with 
questions now.) 


samba-tool domain classicupgrade --dbdir=/etc/samba.PDC/ --realm=ad.nemuh.cz

--dns-backend=BIND9_DLZ /etc/samba.PDC/smb.PDC.conf 

Problem a) 
init_sam_from_ldap: Entry found for user: pc0027$ 
init_sam_from_ldap: Failed to find Unix account for pc0027$ 
ldapsam_getsampwnam: init_sam_from_ldap failed for user 'pc0027$'! 
ERROR(<class 'passdb.error'>): uncaught exception - Unable to get user 
information for 'pc0027$', (-1073741724,The specified account does not 
  File "/usr/local/samba.ad/lib64/python2.7/site-packages/samba/netcmd/__ 
init__.py", line 176, in _run 
    return self.run(*args, **kwargs) 
  File "/usr/local/samba.ad/lib64/python2.7/site-packages/samba/netcmd/ 
domain.py", line 1636, in run 
    useeadb=eadb, dns_backend=dns_backend, use_ntvfs=use_ntvfs) 
  File "/usr/local/samba.ad/lib64/python2.7/site-packages/samba/upgrade.py",

line 568, in upgrade_from_samba3 
    user = s3db.getsampwnam(username) 

The machine LDAP data: 
# pc0027$, machines, nspuh.cz 
dn: uid=pc0027$,ou=machines,dc=nspuh,dc=cz 
uid: pc0027$ 
objectClass: account 
objectClass: sambaSamAccount 
sambaPwdMustChange: 2147483647 
sambaAcctFlags: [W          ] 
sambaPwdCanChange: 1158129830 
sambaPwdLastSet: 1158129830 
displayName: PC0027$ 
sambaSID: S-1-5-21-..numbers here...-45023 

When I delete this machine from LDAP, the problem occurs with another 
computer.. and with another.. I finally deleted all machine/computer 
accounts from LDAP to be able to process users.  What's wrong with the 
machine accounts? 

b) After upgrade, a lot of imported users in AD have "account disabled". One

of them, as far as I can remember, was user "anger": 
dn: uid=anger,ou=People,dc=nspuh,dc=cz 
objectClass: shadowAccount 
objectClass: person 
objectClass: inetOrgPerson 
objectClass: OXUserObject 
objectClass: posixAccount 
objectClass: top 
objectClass: sambaSamAccount 
uid: anger 
shadowMin: 0 
shadowMax: 9999 
shadowWarning: 7 
shadowExpire: 0 
cn: anger 
preferredLanguage: EN 
userCountry: Czech Republic 
mailEnabled: OK 
lnetMailAccess: TRUE 
OXAppointmentDays: 5 
OXGroupID: 500 
OXTaskDays: 5 
OXTimeZone:: RXVyb3BlL3ByYWd1ZSA= 
loginShell: /usr/bin/ksh 
uidNumber: 270 
gidNumber: 20 
homeDirectory: /home/anger 
sambaSID: S-1-5-21-......-1540 
employeeNumber: 114 
sambaPwdLastSet: 1344931739 
mail: anger at nemuh.cz 
mailDomain: nemuh.cz 
o: UHN a.s. 
description:: WmRlbsSbayBBbmdlcg== 
givenName:: WmRlbsSbaw== 
sn: ANGER 
gecos: MUDr. Zdenek Anger 
ou: - 

  Why is imported/upgraded account locked? 

c) After upgrade, national characters in (probably) user description and 
givenName are not correctly displayed - there a question marks in the names 

(in AD administration), every user (with national characters in their names)

has the problem. 

Thanks, Michal 
To unsubscribe from this list go to the following URL and read the 
instructions: https://lists.samba.org/mailman/options/samba 

More information about the samba mailing list