[Samba] Problem joining domain [SEC=UNCLASSIFIED]
Russell.Thamm at dst.defence.gov.au
Wed Jun 12 07:36:35 UTC 2019
Sorry to be a bloody pest, but I've hit a new problem.
I shutdown the 2003 server & seized the roles. I then upgraded to samba 4.7.12. and demoted the 2003 server.
Everything seemed to be working OK for several days, so I upgraded to 4.8.12.
All seems OK except samba-tool dbcheck gives an error
[root at julius samba-4.8.12]# samba-tool dbcheck -v --cross-ncs ERROR(<type 'exceptions.KeyError'>): uncaught exception - 'No such element'
File "/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/__init__.py", line 177, in _run
return self.run(*args, **kwargs)
File "/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/dbcheck.py", line 142, in run
File "/usr/local/samba/lib64/python2.7/site-packages/samba/dbchecker.py", line 200, in __init__
self.tombstoneLifetime = int(res["tombstoneLifetime"])
dbcheck ran fine before the upgrade
Any ideas on how to fix this?
My smb.conf is:
# Global parameters
workgroup = SSUNIT050
realm = SSUNIT050.local
netbios name = JULIUS
server role = active directory domain controller
server services = rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate, dns, s3fs [netlogon]
path = /usr/local/samba/var/locks/sysvol/ssunit050.local/scripts
read only = No
path = /usr/local/samba/var/locks/sysvol
read only = No
All versions of samba were built without any build settings.
This is the only DC on the network.
From: samba [mailto:samba-bounces at lists.samba.org] On Behalf Of Rowland penny via samba
Sent: Wednesday, 5 June, 2019 5:15 p.m.
Subject: Re: [Samba] Problem joining domain [SEC=UNCLASSIFIED]
On 05/06/2019 08:18, Thamm, Russell wrote:
> I built another PC using Centos7 and samba 4.1.7.
> This got further but gave a segmentation fault. On successive runs, I
> got: Your filesystem or build does not support posix ACLs, which s3f3
> requires. (This is BS)
What filesystem as this ?
> So I tried the next version that I had downloaded 4.3.3. With this I was able to successfully join the domain.
> I am thinking to:
> 1) seize roles with samba 3.3 server
I do hope you meant '4.3.3' ;-)
I would try to transfer them first, then seize if this fails (add --force to the seize command)
> 2) shutdown 2003 server
> 3) join domain with samba 4.10 server
I wouldn't do that, there was a bug that left you with a non-operating DC
This is where I would 'walk' up the minor versions 4.3.3 -> 4.7.x -> 4.8.x -> 4.10.x
> 4) transfer roles to samba 4.10 server
> 5) demote samba 3.3 server (this PC is a loaner)
> Is there any benefit in walking up the versions from 3.3 to 4.8.x before seizing the roles?
> When you say "walk up the versions", do you mean 4.4, 4.5, 4.6, 4.7, 4.8?
I hope my explanation above answers those questions.
To unsubscribe from this list go to the following URL and read the
IMPORTANT: This email remains the property of the Department of Defence and is subject to the jurisdiction of section 70 of the Crimes Act 1914. If you have received this email in error, you are requested to contact the sender and delete the email.
More information about the samba