[Samba] Fwd: Migrating server

Harry Jede walk2sun at arcor.de
Thu Mar 8 09:51:32 UTC 2018 

Hi Rob,
> Hi Harry,
> 
> sadmin and tadmin are both admin logins. I was trying to domain join
> with both. sadmin is in ldap
> 
> The  olcdbindex.ldif gave this error
> 
> SASL/EXTERNAL authentication started SASL username:
> gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL 
SSF: 0
> modifying entry "olcDatabase={1}hdb,cn=config" ldap_modify: Other
> (e.g., implementation specific) error (80) additional info: index
> attribute "dhcpClassData" undefined
This attribute belongs to an objectclass you have not installed. Sorry.
In the attached ldif I have cleared this. Try again:

replace the indices
# ldapmodify -Y external -H ldapi:///  -f olcdbindex.ldif 

stop slapd
# /etc/init.d/slapd stop 

re-index
# slapindex -v -n 1 

start slapd
# /etc/init.d/slapd start

> 
> 
> I did the indexing
No, on error slapd wont modify!

> and also the log level
Yes, it is working. But, when you paste the lines in your mail composer you 
must turn of "line wrapping". Otherwise it is really hard to read.
 
> Here is what I got with tail -f /var/log/syslog|sed -nre 's/^.*(
> slapd.*$)/\1/p' net getlocasid
> 
> slapd[2332]: <= bdb_equality_candidates: (uid) not indexed
> slapd[2332]: conn=1090 op=10 SEARCH RESULT tag=101 err=0 
nentries=1
> text= slapd[2332]: conn=1090 op=11 SRCH base="dc=mydomain" 
scope=2
> deref=0
> filter="(&(gidNumber=1005)(objectClass=sambaGroupMapping))"
> slapd[2332]: conn=1090 op=11 SRCH attr=sambaSID slapd[2332]: <=
> bdb_equality_candidates: (gidNumber) not indexed slapd[2332]:
> conn=1090 op=11 SEARCH RESULT tag=101 err=0 nentries=0 text=
> slapd[2332]: conn=1090 op=12 SRCH base="dc=mydomain" scope=2 
deref=0
> filter="(&(uid=dozer15$)(objectClass=sambaSamAccount))" 
slapd[2332]:
> conn=1090 op=12 SRCH attr=uid uidNumber gidNumber homeDirectory
> sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange 
sambaLogonTime
> sambaLogoffTime sambaKickoffTime cn sn displayName sambaHomeDrive
> sambaHomePath sambaLogonScript sambaProfilePath description
> sambaUserWorkstations sambaSID sambaPrimaryGroupSID 
sambaLMPassword
> sambaNTPassword sambaDomainName objectClass sambaAcctFlags
> sambaMungedDial sambaBadPasswordCount sambaBadPasswordTime
> sambaPasswordHistory modifyTimestamp sambaLogonHours 
modifyTimestamp
> uidNumber gidNumber homeDirectory loginShell gecos slapd[2332]: <=
> bdb_equality_candidates: (uid) not indexed slapd[2332]: conn=1090
> op=12 SEARCH RESULT tag=101 err=0 nentries=1 text= slapd[2332]:
> conn=1090 op=13 SRCH base="dc=mydomain" scope=2 deref=0
> filter="(&(gidNumber=1005)(objectClass=sambaGroupMapping))"
> slapd[2332]: conn=1090 op=13 SRCH attr=sambaSID slapd[2332]: <=
> bdb_equality_candidates: (gidNumber) not indexed slapd[2332]:
> conn=1090 op=13 SEARCH RESULT tag=101 err=0 nentries=0 text=
> slapd[2332]: conn=1090 op=14 SRCH base="dc=mydomain" scope=2 
deref=0
> filter="(&(uid=dozer15$)(objectClass=sambaSamAccount))" 
slapd[2332]:
> conn=1090 op=14 SRCH attr=uid uidNumber gidNumber homeDirectory
> sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange 
sambaLogonTime
> sambaLogoffTime sambaKickoffTime cn sn displayName sambaHomeDrive
> sambaHomePath sambaLogonScript sambaProfilePath description
> sambaUserWorkstations sambaSID sambaPrimaryGroupSID 
sambaLMPassword
> sambaNTPassword sambaDomainName objectClass sambaAcctFlags
> sambaMungedDial sambaBadPasswordCount sambaBadPasswordTime
> sambaPasswordHistory modifyTimestamp sambaLogonHours 
modifyTimestamp
> uidNumber gidNumber homeDirectory loginShell gecos slapd[2332]: <=
> bdb_equality_candidates: (uid) not indexed slapd[2332]: conn=1090
> op=14 SEARCH RESULT tag=101 err=0 nentries=1 text= slapd[2332]:
> conn=1090 op=15 SRCH base="dc=mydomain" scope=2 deref=0
> filter="(&(gidNumber=1005)(objectClass=sambaGroupMapping))"
> slapd[2332]: conn=1090 op=15 SRCH attr=sambaSID slapd[2332]: <=
> bdb_equality_candidates: (gidNumber) not indexed slapd[2332]:
> conn=1090 op=15 SEARCH RESULT tag=101 err=0 nentries=0 text=
> slapd[2332]: conn=1090 fd=20 closed (connection lost) slapd[2332]:
> conn=1091 fd=20 ACCEPT from IP=[::1]:38914 (IP=[::]:389) slapd[2332]:
> conn=1091 op=0 BIND dn="cn=admin,dc=mydomain" method=128 
slapd[2332]:
> conn=1091 op=0 BIND dn="cn=admin,dc=mydomain" mech=SIMPLE 
ssf=0
> slapd[2332]: conn=1091 op=0 RESULT tag=97 err=0 text= slapd[2332]:
> conn=1091 op=1 SRCH base="" scope=0 deref=0 
filter="(objectClass=*)"
> slapd[2332]: conn=1091 op=1 SRCH attr=supportedControl 
slapd[2332]:
> conn=1091 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
> slapd[2332]: conn=1091 op=2 SRCH base="dc=mydomain" scope=2 
deref=0
> filter="(&(objectClass=sambaDomain)(sambaDomainName=mydomain))"
> slapd[2332]: conn=1091 op=2 SRCH attr=sambaDomainName 
sambaNextRid
> sambaNextUserRid sambaNextGroupRid sambaSID 
sambaAlgorithmicRidBase
> objectClass slapd[2332]: conn=1091 op=2 SEARCH RESULT tag=101 
err=0
> nentries=1 text= slapd[2332]: conn=1091 fd=20 closed (connection 
lost)
"slapd[2332]: conn=1091" was the "net getlocalsid" command.

Please post also the output  of:
# net getlocalsid
and
# net getdomainsid

> Joining the machine to the domain
> 
> slapd[2332]: conn=1120 op=9 SRCH base="dc=mydomain" scope=2 
deref=0
> filter="(&(uid=sadmin)(objectClass=sambaSamAccount))" slapd[2332]:
> conn=1120 op=9 SRCH attr=uid uidNumber gidNumber homeDirectory
> sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange 
sambaLogonTime
> sambaLogoffTime sambaKickoffTime cn sn displayName sambaHomeDrive
> sambaHomePath sambaLogonScript sambaProfilePath description
> sambaUserWorkstations sambaSID sambaPrimaryGroupSID 
sambaLMPassword
> sambaNTPassword sambaDomainName objectClass sambaAcctFlags
> sambaMungedDial sambaBadPasswordCount sambaBadPasswordTime
> sambaPasswordHistory modifyTimestamp sambaLogonHours 
modifyTimestamp

More information about the samba mailing list