[Samba] Unable to rejoin to domain as AD DC

L.P.H. van Belle belle at bazuin.nl
Thu Mar 29 12:42:20 UTC 2018 

>From you log:
STATUS=daemon failed to start: Samba detected misconfigured 'server role' 

Can you post your smb.conf? 

Greetz, 

Louis


> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens 
> Krzysztof Paszkowski via samba
> Verzonden: donderdag 29 maart 2018 14:32
> Aan: samba at lists.samba.org
> Onderwerp: [Samba] Unable to rejoin to domain as AD DC
> 
> Hi all,
> 
> I was trying to upgrade samba to 4.8.0 on one of my AD DC 
> (with Centos 6.6).
> Sadly, there was some compatibility issues (I suppose so):
> [root at backup samba-4.8.0]# samba-tool drs showrepl ERROR(<type
> 'exceptions.SyntaxError'>): uncaught exception - invalid syntax
> (ms_schema.py, line 280)
>   File "/usr/local/samba/bin/samba-tool", line 45, in <module>
>     retval = cmd._run("samba-tool", subcommand, *args)
>   File
> "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/_
> _init__.py",
> line 202, in _run
>     return self.subcommands[subcommand]._run(
>   File
> "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/m
> ain.py", line
> 35, in __getitem__
>     fromlist=['cmd_%s' % attr]),
>   File 
> "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/drs.py",
> line 37, in <module>
>     from samba.join import join_clone
>   File 
> "/usr/local/samba/lib64/python2.6/site-packages/samba/join.py", line
> 29, in <module>
>     from samba.provision import secretsdb_self_join, provision,
> provision_fill, FILL_DRS, FILL_SUBDOMAIN
>   File
> "/usr/local/samba/lib64/python2.6/site-packages/samba/provisio
> n/__init__.py"
> , line 77, in <module>
>     from samba.provision.backend import (
>   File
> "/usr/local/samba/lib64/python2.6/site-packages/samba/provisio
> n/backend.py",
> line 43, in <module>
>     from samba.schema import Schema
>   File 
> "/usr/local/samba/lib64/python2.6/site-packages/samba/schema.py",
> line 28, in <module>
>     from samba.ms_schema import read_ms_schema
> 
> I wasn't able to do anything.
> I was trying to downgrade, but:
> 
> [root at backup samba-4.8.0]# source4/scripting/bin/sambaundoguididx
> Traceback (most recent call last):
>   File "source4/scripting/bin/sambaundoguididx", line 15, in <module>
>     from samba.dbchecker import dbcheck
>   File "bin/python/samba/dbchecker.py", line 32, in <module>
>     from samba.descriptor import get_wellknown_sds, get_diff_sds
>   File "bin/python/samba/descriptor.py", line 31, in <module>
>     from samba.schema import get_schema_descriptor
>   File "bin/python/samba/schema.py", line 28, in <module>
>     from samba.ms_schema import read_ms_schema
>   File "bin/python/samba/ms_schema.py", line 280
>     entry = header + [x for x in entry if x[0].lower() not in {'dn',
> 'changetype', 'objectcategory'}]
> SyntaxError: invalid syntax
> 
> Make install 4.7.6 and
> 
> [root at backup samba-4.7.6]# tail -f /usr/local/samba/var/log.samba
>   STATUS=daemon failed to start: Samba detected misconfigured 
> 'server role'
> and exited. Check logs for details, error code 22
> [2018/03/27 23:05:20.378608,  0]
> ../source4/smbd/server.c:448(binary_smbd_main)
>   samba version 4.7.6 started.
>   Copyright Andrew Tridgell and the Samba Team 1992-2017
> [2018/03/27 23:05:20.449842,  0]
> ../source4/smbd/server.c:600(binary_smbd_main)
>   At this time the 'samba' binary should only be used for either:
>   'server role = active directory domain controller' or to 
> access the ntvfs
> file server with 'server services = +smb' or the rpc proxy 
> with 'dcerpc
> endpoint servers = remote'
>   You should start smbd/nmbd/winbindd instead for domain member and
> standalone file server tasks
> [2018/03/27 23:05:20.449979,  0]
> ../lib/util/become_daemon.c:111(exit_daemon)
>   STATUS=daemon failed to start: Samba detected misconfigured 
> 'server role'
> and exited. Check logs for details, error code 22
> 
> 
> Local demoting didn't work either, so I decided to demote it 
> from main DC
> and join as new one. Everything looked fine. Server vanished from
> controllers and DNS. Unfortunately the joining process has failed:
> 
> Join failed - cleaning up
> ERROR(ldb): uncaught exception - LDAP error 50
> LDAP_INSUFFICIENT_ACCESS_RIGHTS -  <Failed to add CN=BACKUP1,OU=Domain
> Controllers,DC=luxmed,DC=net,DC=pl: Updating the 
> UF_TRUSTED_FOR_DELEGATION
> bit in
>   File
> "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/_
> _init__.py",
> line 176, in _run
>     return self.run(*args, **kwargs)
>   File
> "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/d
> omain.py",
> line 661, in run
>     machinepass=machinepass, use_ntvfs=use_ntvfs, 
> dns_backend=dns_backend)
>   File 
> "/usr/local/samba/lib64/python2.6/site-packages/samba/join.py", line
> 1474, in join_DC
>     ctx.do_join()
>   File 
> "/usr/local/samba/lib64/python2.6/site-packages/samba/join.py", line
> 1375, in do_join
>     ctx.join_add_objects()
>   File 
> "/usr/local/samba/lib64/python2.6/site-packages/samba/join.py", line
> 611, in join_add_objects
>     ctx.samdb.add(rec)
> 
> 
> Any help appreciated. 
> 
> Regards,
> Kris
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> 
>

More information about the samba mailing list