[Samba] preparing a 2nd DC
Stefan G. Weichinger
lists at xunil.at
Fri Feb 1 21:27:29 UTC 2019
Am 30.01.19 um 12:09 schrieb Stefan G. Weichinger via samba:
> Am 30.01.19 um 11:37 schrieb Rowland Penny via samba:
>
>> You will have to sync sysvol AFTER the join
>> The join will create the kerberos ticket (unless you are actually
>> referring to /etc/krb5.conf) and smb.conf.
>> /etc/resolv.conf needs to point to DC1 before the join and itself after
>> the join.
>
> phew! I didn't have that on the radar, good that I asked ...
>
> No problem to temporarily disable the rsync-job and rm the kerberos
> ticket (quick reboot of DC2 during lunch ;-)).
>
> thanks!
>
>>> I hesitate to join the DC2 during work hours ;-) from experience.
>>
>> Wise decision ;-)
>
> At least this was done correctly ;-)
>
>>> And I think it's better to ask you *before* I crash my network ;-)
>>
>> Oh definitely, better to ask before, it is easier to fix ;-)
>
> great, thanks so far.
Are we surprised that I face difficulties at the join? no ...
;-)
clean /etc/samba, no krb5.conf
# samba-tool domain join mydomain.at -U"BUERO\Administrator"
--dns-backend=SAMBA_INTERNAL --option='idmap_ldb:use rfc2307 = yes'
Password for [BUERO\Administrator]:
ERROR(runtime): uncaught exception - (-1073741606,
'provision_store_self_join failed with NT_STATUS_CANT_ACCESS_DOMAIN_INFO')
File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line
176, in _run
return self.run(*args, **kwargs)
File "/usr/lib/python2.7/dist-packages/samba/netcmd/domain.py", line
697, in run
machinepass=machinepass)
-
the smb.conf on DC(1) says:
[global]
workgroup = BUERO
realm = MYDOMAIN.AT
netbios name = DC
that comes from old NT4 times
I wonder if I use wrong realm/domain name or if I miss some package on DC2
dsdb-modules are installed already (were missing at first)
More information about the samba
mailing list