[Samba] Migration samba 3 to 4

Philippe Maladjian pmaladjian at hilaire.fr
Tue Sep 4 09:05:10 UTC 2018 

Hello,

I am working on the migration of our samba 3.5 domain controller (redhat 
5.7) with ldap backend to samba 4.5 on a new server (debian 9.5).

On the new server I transferred the smb.conf and all the contents of the 
/var/lib/samba folder to a temporary folder /root/samba3.

To start the migration I use the command:

# samba-tool domain samba3upgrade --dbdir =/root/samba3/ --realm = 
MYDOMAIN.LAN /root/samba3/smb.conf

I've this error

Reading smb.conf
WARNING: The "idmap backend" option is deprecated
WARNING: The "idmap uid" option is deprecated
WARNING: The "idmap gid" option is deprecated
Provisioning
Exporting account policy
Exporting groups
Severe DB error, sambaSamAccount can't miss the samba SIDattribute
Ignoring group 'Backup Operators' 
S-1-5-21-3199360825-2299538094-1836089394-551 listed but then not found: 
Unable to enumerate group members, (-1073741596,This error indicates 
that the requested operation cannot be completed due to a catastrophic 
media failure or an on-disk data structure corruption.)
Severe DB error, sambaSamAccount can't miss the samba SIDattribute
Ignoring group 'Domain Users' 
S-1-5-21-3199360825-2299538094-1836089394-513 listed but then not found: 
Unable to enumerate group members, (-1073741596,This error indicates 
that the requested operation cannot be completed due to a catastrophic 
media failure or an on-disk data structure corruption.)
Exporting users
sid S-1-5-21-629504534-1699756358-2856581066-3658 does not belong to our 
domain
sid S-1-5-21-629504534-1699756358-2856581066-3632 does not belong to our 
domain
   Fixing account svimp02$ which had both ACB_NORMAL (U) and ACB_WSTRUST 
(W) set.  Account will be marked as ACB_WSTRUST (W), i.e. as a domain member
   Skipping wellknown rid=501 (for username=nobody)
Next rid = 3867
krb5_init_context failed (Invalid argument)
smb_krb5_context_init_basic failed (Invalid argument)
Failed to connect to ldap URL 'ldap://ldap2.MYDOMAIN' - LDAP client 
internal error: NT_STATUS_BAD_NETWORK_NAME
Failed to connect to 'ldap://ldap2.MYDOMAIN' with backend 'ldap': LDAP 
client internal error: NT_STATUS_BAD_NETWORK_NAME
ERROR(<class 'samba.provision.ProvisioningError'>): uncaught exception - 
ProvisioningError: Could not open ldb connection to 
ldap://ldap2.MYDOMAIN, the error message is: (1, 'LDAP client internal 
error: NT_STATUS_BAD_NETWORK_NAME')
   File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", 
line 176, in _run
     return self.run(*args, **kwargs)
   File "/usr/lib/python2.7/dist-packages/samba/netcmd/domain.py", line 
1566, in run
     useeadb=eadb, dns_backend=dns_backend, use_ntvfs=use_ntvfs)
   File "/usr/lib/python2.7/dist-packages/samba/upgrade.py", line 671, 
in upgrade_from_samba3
     raise ProvisioningError("Could not open ldb connection to %s, the 
error message is: %s" % (url, e))


-- 

*Philippe MALADJIAN
Responsable informatique | administrateur système*

More information about the samba mailing list