[Samba] convert from synology

Peter Carlson peter at howudodat.com
Fri Oct 7 01:28:06 UTC 2022 

ok.....<long pause for dramatic effect>

is there anything I can do in the meantime to set the acls for sysvol?

Peter

On 10/6/22 17:36, Andrew Bartlett via samba wrote:
> I would also note that the use of a signed integer as the type of the
> gid_t python argument is wrong, it should be an unsigned integer at
> least for linux, and we should determine that the parameter was not
> specified another way.
>
> https://bugzilla.samba.org/show_bug.cgi?id=15194
>
> But I also can't think of a good reason for gid value > INT_MAX on an
> AD DC, so this should be academic.
>
> Andrew Bartlett
>
> On Thu, 2022-10-06 at 17:06 -0700, Peter Carlson via samba wrote:
>> I think it went mostly well until samba-tool ntacl sysvolreset
>>
>> I followed the steps here:
>> https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory
>>
>>
>> Error:
>>
>> root at nctest:~# samba-tool ntacl sysvolreset
>> ERROR(<class 'OverflowError'>): uncaught exception - signed integer
>> is
>> greater than maximum
>>     File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py",
>> line
>> 186, in _run
>>       return self.run(*args, **kwargs)
>>     File "/usr/lib/python3/dist-packages/samba/netcmd/ntacl.py", line
>> 412, in run
>>       provision.setsysvolacl(samdb, netlogon, sysvol,
>>     File "/usr/lib/python3/dist-
>> packages/samba/provision/__init__.py",
>> line 1668, in setsysvolacl
>>       smbd.set_simple_acl(file.name, 0o755, system_session_unix(),
>> gid)
>>
>> Here is a history of the commands that I have done.  some cd / cd ..
>> type commands are removed
>>
>>      58  samba-tool domain join s**********t.local DC
>> -U"SDCP\administrator" --dns-backend=BIND9_DLZ
>>      59  scp
>> admin at 192.168.10.11
>> :/tmp/idmap.ldb.bak .
>>      64  cp idmap.ldb.bak /var/lib/samba/private/
>>      65  cd /var/lib/samba/private
>>      66  ls
>>      67  mv idmap.ldb idmap.ldb.orig
>>      68  mv idmap.ldb.bak idmap.ldb
>>      70  chmod 600 idmap.ldb
>>      71  net cache flush
>>      72  cd
>>      73  scp
>> admin at 192.168.10.11
>> :/tmp/sysvol.tar .
>>      75  tar -xvf sysvol.tar
>>      77  cp -r sysvol/* /var/lib/samba/sysvol/
>>      78  samba-tool ntacl sysvolreset
>>
>> On 10/6/22 16:58, Andrew Bartlett via samba wrote:
>>> On Thu, 2022-10-06 at 15:04 -0700, Peter Carlson via samba wrote:
>>>> I am getting ready to convert from Synology AD (smbd V 4.4.16) to
>>>> an
>>>> ubuntu server running 4.15.9.  the basic steps I see are :
>>>>
>>>> 1. join samba as a DC verify that everything gets replicated
>>>>
>>>> 2. rsync sysvol from the synology to new server
>>>>
>>>> 3. transfer FSMO roles
>>>>
>>>> 4. change samba's DNS backend to BIND  (I need the server to
>>>> respond
>>>> for
>>>> multiple domains)
>>>>
>>>> Just curious of any gotchas or steps I might be overlooking. Does
>>>> there
>>>> happen to be a guide on doing something like this?
>>>>
>>>> Peter
>>> It should just work, but if it doesn't then see
>>> https://bugzilla.samba.org/show_bug.cgi?id=15189
>>>   for a patch that can
>>> help if you get WERROR_DS_DRA_MISSING_PARENT
>>>
>>> I would also do some work with samba-tool ldapcmp to ensure the
>>> replication was correct.
>>>
>>> Andrew Bartlett
>>>
>>>

More information about the samba mailing list