[Samba] accidentally upgraded DC to 4.17.3 ... didn't work
Stefan G. Weichinger
lists at xunil.at
Wed Nov 30 09:41:20 UTC 2022
Am 30.11.22 um 09:05 schrieb Stefan G. Weichinger via samba:
> The state: the replication seems to work, but winbind doesn't work
> correctly (afaik) on that adc1.
>
> So shares like SYSVOL aren't accessible.
>
> It seems I can only retry demoting, cleaning up and join again, plus
> transfer that idmap.tdb.
>
> Packages are up to date, I *should* have all necessary packages installed.
So I repeated:
* demote adc1
* clear /var/lib/samba, smb.conf, /run/samba, /var/cache/samba,
/var/log/samba (is that dir important? anyway)
* join successfully
* cp idmap.ldb (yes, in the wiki at
https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory#Joining_the_Active_Directory_as_a_Domain_Controller,
but not mentioned in
https://wiki.samba.org/index.php/Upgrading_a_Samba_AD_DC#Updating_Multiple_Samba_Domain_Controllers
.. that's where I started)
* start ad-dc service
Result:
* replication OK according to "samba-tool drs showrepl"
* smbclient -L localhost -N
session setup failed: NT_STATUS_INTERNAL_ERROR
# wbinfo -t
could not obtain winbind interface details: WBC_ERR_WINBIND_NOT_AVAILABLE
could not obtain winbind domain name!
checking the trust secret for domain (null) via RPC calls failed
failed to call wbcCheckTrustCredentials: WBC_ERR_WINBIND_NOT_AVAILABLE
Could not check secret
* # ps axf | egrep "winbindd"
81207 pts/0 S+ 0:00 \_ grep -E winbindd
80980 ? S 0:00 | \_ samba: task[winbindd] pre-fork master
80985 ? Ss 0:00 | \_ /usr/sbin/winbindd -D
--option=server role check:inhibit=yes --foreground
81004 ? S 0:00 | \_ winbindd: domain child
[ARBEITSGRUPPE]
-
So basically the same result as last week. This is 4.17.3+dfsg-2~bpo11
from bullseye-backports.
I can only think of checking installed packages and maybe remove and
reinstall stuff. Maybe something is missing or ...
More information about the samba
mailing list