[Samba] Unable to rejoin to domain as AD DC

L.P.H. van Belle belle at bazuin.nl
Thu Mar 29 13:26:38 UTC 2018 

Ok, smb.conf, that looks pretty normal. 

Os is centos 6.6, i see python 2.6, there was something with 4.8.0 and python 2.6 
I think i found it. ( see below ). 
So you need to wait for 4.8.1 or, upgrade you centos. 

/snap
On Wed, 2018-03-14 at 16:21 +0100, Christophe Borivant via samba wrote:
> Ok, for what i understand, this is a compatibility issue with python 2.6.
> This seems to be in relation with Dict Comprehensions (https://www.python.org/dev/peps/pep-0274/).
> 
> So yet, samba 4.8 cannot run on any rhel 6 like distribution.
> 
> Was it intended ?
> 
> Christophe Borivant

I don't think it was intentional, but it is showing the increasing cost
of maintaining Samba's compatibility with a version of python first
released in 2008!

Andrew Bartlett
-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba



Greetz, 

Louis



> -----Oorspronkelijk bericht-----
> Van: Krzysztof Paszkowski [mailto:kylo at kimpa.pl] 
> Verzonden: donderdag 29 maart 2018 15:07
> Aan: 'L.P.H. van Belle'
> Onderwerp: RE: [Samba] Unable to rejoin to domain as AD DC
> 
> Sure, here it is.
> Before my try of update everything worked fine.
> # Global parameters
> [global]
>         workgroup = DOMAIN
>         realm = domain.net.pl
>         netbios name = BACKUP
>         server role = active directory domain controller
>         dns forwarder = 8.8.8.8
>         interfaces=br0.10 lo
>         bind interfaces only=yes
>         allow dns updates = nonsecure
>         host msdfs = no
>         template shell = /bin/bash
>         template homedir = /tmp
> 
> #       rpc server port = 49152
> 
> [netlogon]
>         path = /usr/local/samba/var/locks/sysvol/DOMAIN.net.pl/scripts
>         read only = No
> 
> [sysvol]
>         path = /usr/local/samba/var/locks/sysvol
>         read only = No
> 
> 
> Regards,
> Kris
> 
> -----Original Message-----
> From: samba [mailto:samba-bounces at lists.samba.org] On Behalf 
> Of L.P.H. van Belle via samba
> Sent: Thursday, March 29, 2018 2:42 PM
> To: samba at lists.samba.org
> Cc: kylo at kimpa.pl
> Subject: Re: [Samba] Unable to rejoin to domain as AD DC
> 
> From you log:
> STATUS=daemon failed to start: Samba detected misconfigured 
> 'server role' 
> 
> Can you post your smb.conf? 
> 
> Greetz, 
> 
> Louis
> 
> 
> > -----Oorspronkelijk bericht-----
> > Van: samba [mailto:samba-bounces at lists.samba.org] Namens Krzysztof 
> > Paszkowski via samba
> > Verzonden: donderdag 29 maart 2018 14:32
> > Aan: samba at lists.samba.org
> > Onderwerp: [Samba] Unable to rejoin to domain as AD DC
> > 
> > Hi all,
> > 
> > I was trying to upgrade samba to 4.8.0 on one of my AD DC 
> (with Centos 
> > 6.6).
> > Sadly, there was some compatibility issues (I suppose so):
> > [root at backup samba-4.8.0]# samba-tool drs showrepl ERROR(<type
> > 'exceptions.SyntaxError'>): uncaught exception - invalid syntax 
> > (ms_schema.py, line 280)
> >   File "/usr/local/samba/bin/samba-tool", line 45, in <module>
> >     retval = cmd._run("samba-tool", subcommand, *args)
> >   File
> > "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/_
> > _init__.py",
> > line 202, in _run
> >     return self.subcommands[subcommand]._run(
> >   File
> > "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/m
> > ain.py", line
> > 35, in __getitem__
> >     fromlist=['cmd_%s' % attr]),
> >   File
> > 
> "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/drs.py",
> > line 37, in <module>
> >     from samba.join import join_clone
> >   File
> > 
> "/usr/local/samba/lib64/python2.6/site-packages/samba/join.py", line 
> > 29, in <module>
> >     from samba.provision import secretsdb_self_join, provision, 
> > provision_fill, FILL_DRS, FILL_SUBDOMAIN
> >   File
> > "/usr/local/samba/lib64/python2.6/site-packages/samba/provisio
> > n/__init__.py"
> > , line 77, in <module>
> >     from samba.provision.backend import (
> >   File
> > "/usr/local/samba/lib64/python2.6/site-packages/samba/provisio
> > n/backend.py",
> > line 43, in <module>
> >     from samba.schema import Schema
> >   File
> > "/usr/local/samba/lib64/python2.6/site-packages/samba/schema.py",
> > line 28, in <module>
> >     from samba.ms_schema import read_ms_schema
> > 
> > I wasn't able to do anything.
> > I was trying to downgrade, but:
> > 
> > [root at backup samba-4.8.0]# source4/scripting/bin/sambaundoguididx
> > Traceback (most recent call last):
> >   File "source4/scripting/bin/sambaundoguididx", line 15, 
> in <module>
> >     from samba.dbchecker import dbcheck
> >   File "bin/python/samba/dbchecker.py", line 32, in <module>
> >     from samba.descriptor import get_wellknown_sds, get_diff_sds
> >   File "bin/python/samba/descriptor.py", line 31, in <module>
> >     from samba.schema import get_schema_descriptor
> >   File "bin/python/samba/schema.py", line 28, in <module>
> >     from samba.ms_schema import read_ms_schema
> >   File "bin/python/samba/ms_schema.py", line 280
> >     entry = header + [x for x in entry if x[0].lower() not 
> in {'dn', 
> > 'changetype', 'objectcategory'}]
> > SyntaxError: invalid syntax
> > 
> > Make install 4.7.6 and
> > 
> > [root at backup samba-4.7.6]# tail -f /usr/local/samba/var/log.samba
> >   STATUS=daemon failed to start: Samba detected 
> misconfigured 'server 
> > role'
> > and exited. Check logs for details, error code 22
> > [2018/03/27 23:05:20.378608,  0]
> > ../source4/smbd/server.c:448(binary_smbd_main)
> >   samba version 4.7.6 started.
> >   Copyright Andrew Tridgell and the Samba Team 1992-2017
> > [2018/03/27 23:05:20.449842,  0]
> > ../source4/smbd/server.c:600(binary_smbd_main)
> >   At this time the 'samba' binary should only be used for either:
> >   'server role = active directory domain controller' or to 
> access the 
> > ntvfs file server with 'server services = +smb' or the rpc 
> proxy with 
> > 'dcerpc endpoint servers = remote'
> >   You should start smbd/nmbd/winbindd instead for domain member and 
> > standalone file server tasks
> > [2018/03/27 23:05:20.449979,  0]
> > ../lib/util/become_daemon.c:111(exit_daemon)
> >   STATUS=daemon failed to start: Samba detected 
> misconfigured 'server 
> > role'
> > and exited. Check logs for details, error code 22
> > 
> > 
> > Local demoting didn't work either, so I decided to demote it 
> > from main DC
> > and join as new one. Everything looked fine. Server vanished from
> > controllers and DNS. Unfortunately the joining process has failed:
> > 
> > Join failed - cleaning up
> > ERROR(ldb): uncaught exception - LDAP error 50
> > LDAP_INSUFFICIENT_ACCESS_RIGHTS -  <Failed to add 
> CN=BACKUP1,OU=Domain
> > Controllers,DC=luxmed,DC=net,DC=pl: Updating the 
> > UF_TRUSTED_FOR_DELEGATION
> > bit in
> >   File
> > "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/_
> > _init__.py",
> > line 176, in _run
> >     return self.run(*args, **kwargs)
> >   File
> > "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/d
> > omain.py",
> > line 661, in run
> >     machinepass=machinepass, use_ntvfs=use_ntvfs, 
> > dns_backend=dns_backend)
> >   File 
> > "/usr/local/samba/lib64/python2.6/site-packages/samba/join.py", line
> > 1474, in join_DC
> >     ctx.do_join()
> >   File 
> > "/usr/local/samba/lib64/python2.6/site-packages/samba/join.py", line
> > 1375, in do_join
> >     ctx.join_add_objects()
> >   File 
> > "/usr/local/samba/lib64/python2.6/site-packages/samba/join.py", line
> > 611, in join_add_objects
> >     ctx.samdb.add(rec)
> > 
> > 
> > Any help appreciated. 
> > 
> > Regards,
> > Kris
> > 
> > 
> > -- 
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
> > 
> > 
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> 
>

More information about the samba mailing list