[Samba] Problem joining domain [SEC=UNCLASSIFIED]
L.P.H. van Belle
belle at bazuin.nl
Wed Jun 12 09:02:30 UTC 2019
I migth be picky in thise things, but setting this things correct from start helps avoiding problems.
I suggest you make a small adjustment to your smb.conf.
Change :
realm = SSUNIT050.local
To
realm = SSUNIT050.LOCAL
Realms always in caps, or it might bit you somewhere else and these things are often hard to find.
(Note, unrelated to the problem in this case)
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Thamm, Russell via samba
> Verzonden: woensdag 12 juni 2019 9:37
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] Problem joining domain [SEC=UNCLASSIFIED]
>
> UNCLASSIFIED
>
> Sorry to be a bloody pest, but I've hit a new problem.
>
> I shutdown the 2003 server & seized the roles. I then
> upgraded to samba 4.7.12. and demoted the 2003 server.
>
> Everything seemed to be working OK for several days, so I
> upgraded to 4.8.12.
>
> All seems OK except samba-tool dbcheck gives an error
>
> [root at julius samba-4.8.12]# samba-tool dbcheck -v --cross-ncs
> ERROR(<type 'exceptions.KeyError'>): uncaught exception - 'No
> such element'
> File
> "/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/_
> _init__.py", line 177, in _run
> return self.run(*args, **kwargs)
> File
> "/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/d
> bcheck.py", line 142, in run
> check_expired_tombstones=selftest_check_expired_tombstones)
> File
> "/usr/local/samba/lib64/python2.7/site-packages/samba/dbchecke
> r.py", line 200, in __init__
> self.tombstoneLifetime = int(res[0]["tombstoneLifetime"][0])
>
> dbcheck ran fine before the upgrade
>
> Any ideas on how to fix this?
>
> My smb.conf is:
>
> # Global parameters
> [global]
> workgroup = SSUNIT050
> realm = SSUNIT050.local
> netbios name = JULIUS
> server role = active directory domain controller
> server services = rpc, nbt, wrepl, ldap, cldap, kdc,
> drepl, winbind, ntp_signd, kcc, dnsupdate, dns, s3fs [netlogon]
> path = /usr/local/samba/var/locks/sysvol/ssunit050.local/scripts
> read only = No
>
> [sysvol]
> path = /usr/local/samba/var/locks/sysvol
> read only = No
>
>
> All versions of samba were built without any build settings.
>
> This is the only DC on the network.
>
> Cheers
> Russell
>
> -----Original Message-----
> From: samba [mailto:samba-bounces at lists.samba.org] On Behalf
> Of Rowland penny via samba
> Sent: Wednesday, 5 June, 2019 5:15 p.m.
> To: sambalist
> Subject: Re: [Samba] Problem joining domain [SEC=UNCLASSIFIED]
>
> On 05/06/2019 08:18, Thamm, Russell wrote:
> > UNCLASSIFIED
> >
> > I built another PC using Centos7 and samba 4.1.7.
> >
> > This got further but gave a segmentation fault. On
> successive runs, I
> > got: Your filesystem or build does not support posix ACLs,
> which s3f3
> > requires. (This is BS)
> What filesystem as this ?
> >
> > So I tried the next version that I had downloaded 4.3.3.
> With this I was able to successfully join the domain.
> >
> > I am thinking to:
> >
> > 1) seize roles with samba 3.3 server
>
> I do hope you meant '4.3.3' ;-)
>
> I would try to transfer them first, then seize if this fails
> (add --force to the seize command)
>
> > 2) shutdown 2003 server
> > 3) join domain with samba 4.10 server
>
> I wouldn't do that, there was a bug that left you with a
> non-operating DC
>
> This is where I would 'walk' up the minor versions 4.3.3 ->
> 4.7.x -> 4.8.x -> 4.10.x
>
> > 4) transfer roles to samba 4.10 server
> > 5) demote samba 3.3 server (this PC is a loaner)
> >
> > Is there any benefit in walking up the versions from 3.3 to
> 4.8.x before seizing the roles?
> >
> > When you say "walk up the versions", do you mean 4.4, 4.5,
> 4.6, 4.7, 4.8?
>
> I hope my explanation above answers those questions.
>
> Rowland
>
> >
> > Cheers
> > Russell
> >
> >
> >
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
> IMPORTANT: This email remains the property of the Department
> of Defence and is subject to the jurisdiction of section 70
> of the Crimes Act 1914. If you have received this email in
> error, you are requested to contact the sender and delete the email.
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list