[Samba] convert from synology

Peter Carlson peter at howudodat.com
Fri Oct 7 00:06:20 UTC 2022


I think it went mostly well until samba-tool ntacl sysvolreset

I followed the steps here: 
https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory

Error:

root at nctest:~# samba-tool ntacl sysvolreset
ERROR(<class 'OverflowError'>): uncaught exception - signed integer is 
greater than maximum
   File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 
186, in _run
     return self.run(*args, **kwargs)
   File "/usr/lib/python3/dist-packages/samba/netcmd/ntacl.py", line 
412, in run
     provision.setsysvolacl(samdb, netlogon, sysvol,
   File "/usr/lib/python3/dist-packages/samba/provision/__init__.py", 
line 1668, in setsysvolacl
     smbd.set_simple_acl(file.name, 0o755, system_session_unix(), gid)

Here is a history of the commands that I have done.  some cd / cd .. 
type commands are removed

    58  samba-tool domain join s**********t.local DC 
-U"SDCP\administrator" --dns-backend=BIND9_DLZ
    59  scp admin at 192.168.10.11:/tmp/idmap.ldb.bak .
    64  cp idmap.ldb.bak /var/lib/samba/private/
    65  cd /var/lib/samba/private
    66  ls
    67  mv idmap.ldb idmap.ldb.orig
    68  mv idmap.ldb.bak idmap.ldb
    70  chmod 600 idmap.ldb
    71  net cache flush
    72  cd
    73  scp admin at 192.168.10.11:/tmp/sysvol.tar .
    75  tar -xvf sysvol.tar
    77  cp -r sysvol/* /var/lib/samba/sysvol/
    78  samba-tool ntacl sysvolreset

On 10/6/22 16:58, Andrew Bartlett via samba wrote:
> On Thu, 2022-10-06 at 15:04 -0700, Peter Carlson via samba wrote:
>> I am getting ready to convert from Synology AD (smbd V 4.4.16) to an
>> ubuntu server running 4.15.9.  the basic steps I see are :
>>
>> 1. join samba as a DC verify that everything gets replicated
>>
>> 2. rsync sysvol from the synology to new server
>>
>> 3. transfer FSMO roles
>>
>> 4. change samba's DNS backend to BIND  (I need the server to respond
>> for
>> multiple domains)
>>
>> Just curious of any gotchas or steps I might be overlooking. Does
>> there
>> happen to be a guide on doing something like this?
>>
>> Peter
> It should just work, but if it doesn't then see
> https://bugzilla.samba.org/show_bug.cgi?id=15189 for a patch that can
> help if you get WERROR_DS_DRA_MISSING_PARENT
>
> I would also do some work with samba-tool ldapcmp to ensure the
> replication was correct.
>
> Andrew Bartlett
>
>



More information about the samba mailing list