[Samba] Usage of '--domain-guid' parameter of 'samba-tool domain provision'
Olivier MARTIN
olivier at labapart.com
Thu May 11 21:50:12 UTC 2023
Hello,
I was hoping to reprovision the same domain by specifying the domain
GUID in the command line tool 'samba-tool domain provision' but I am not
sure if I missed something or if there is a bug but the specified domain
GUID is not the one which is created for my domain.
Specifying the domain SID seems to work as I would expect.
I tested it with Samba shipped by Debian 11 (samba2
4.13.13+dfsg-1~deb11u5) and the latest release 'samba-4.18.2'.
*For Samba **4.13.13 packaged by Debian 11:*
1. I provision my domain specifying the domain name, its GUID and SID:
sudo samba-tool domain provision --use-rfc2307 --realm=SAMDOM.DEMO.COM --domain=samdom --server-role=dc --dns-backend=SAMBA_INTERNAL --adminpass=D3m0H3l10 --domain-guid=a5291573-906f-467d-9d63-451204bb9abb --domain-sid=S-1-5-21-1683713074-1702463723-3046006099
Processing section "[sysvol]"
Processing section "[netlogon]"
pm_process() returned Yes
lpcfg_load: refreshing parameters from /etc/samba/smb.conf
Processing section "[global]"
Processing section "[sysvol]"
Processing section "[netlogon]"
pm_process() returned Yes
INFO 2023-05-11 12:57:14,916 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2125: Looking up IPv4 addresses
added interface lo ip=::1 bcast= netmask=ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
added interface lo ip=127.0.0.1 bcast=127.255.255.255 netmask=255.0.0.0
added interface eth1 ip=192.168.56.10 bcast=192.168.56.255 netmask=255.255.255.0
INFO 2023-05-11 12:57:14,917 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2142: Looking up IPv6 addresses
added interface lo ip=::1 bcast= netmask=ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
added interface lo ip=127.0.0.1 bcast=127.255.255.255 netmask=255.0.0.0
added interface eth1 ip=192.168.56.10 bcast=192.168.56.255 netmask=255.255.255.0
WARNING 2023-05-11 12:57:14,918 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2149: No IPv6 address will be assigned
INFO 2023-05-11 12:57:15,369 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2297: Setting up secrets.ldb
INFO 2023-05-11 12:57:15,380 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2302: Setting up the registry
ldb_wrap open of hklm.ldb
INFO 2023-05-11 12:57:15,391 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2305: Setting up the privileges database
INFO 2023-05-11 12:57:15,407 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2308: Setting up idmap db
INFO 2023-05-11 12:57:15,420 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2315: Setting up SAM db
INFO 2023-05-11 12:57:15,424 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #898: Setting up sam.ldb partitions and settings
INFO 2023-05-11 12:57:15,424 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #910: Setting up sam.ldb rootDSE
INFO 2023-05-11 12:57:15,427 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1323: Pre-loading the Samba 4 and AD schema
partition_metadata: Migrating partition metadata: open of metadata.tdb gave: No such Base DN: @INDEXLIST
Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs
INFO 2023-05-11 12:57:15,451 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1401: Adding DomainDN: DC=samdom,DC=demo,DC=com
DN: DC=samdom,DC=demo,DC=com is a NC
INFO 2023-05-11 12:57:15,465 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1434: Adding configuration container
DN: CN=Configuration,DC=samdom,DC=demo,DC=com is a NC
INFO 2023-05-11 12:57:15,482 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1449: Setting up sam.ldb schema
DN: CN=Schema,CN=Configuration,DC=samdom,DC=demo,DC=com is a NC
INFO 2023-05-11 12:57:19,240 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1467: Setting up sam.ldb configuration data
INFO 2023-05-11 12:57:19,437 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1508: Setting up display specifiers
INFO 2023-05-11 12:57:21,878 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1516: Modifying display specifiers and extended rights
INFO 2023-05-11 12:57:21,935 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1523: Adding users container
INFO 2023-05-11 12:57:21,939 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1529: Modifying users container
INFO 2023-05-11 12:57:21,941 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1532: Adding computers container
INFO 2023-05-11 12:57:21,944 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1538: Modifying computers container
INFO 2023-05-11 12:57:21,946 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1542: Setting up sam.ldb data
INFO 2023-05-11 12:57:22,148 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1572: Setting up well known security principals
INFO 2023-05-11 12:57:22,219 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1586: Setting up sam.ldb users and groups
INFO 2023-05-11 12:57:22,477 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1594: Setting up self join
Repacking database from v1 to v2 format (first record CN=MSMQ-Site-Name,CN=Schema,CN=Configuration,DC=samdom,DC=demo,DC=com)
Repack: re-packed 10000 records so far
Repacking database from v1 to v2 format (first record CN=mSMQSettings-Display,CN=41F,CN=DisplaySpecifiers,CN=Configuration,DC=samdom,DC=demo,DC=com)
Repacking database from v1 to v2 format (first record CN=ipsecISAKMPPolicy{72385231-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,DC=samdom,DC=demo,DC=com)
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[global]"
doing parameter dns forwarder = 8.8.8.8
doing parameter netbios name = DC1
doing parameter realm = SAMDOM.VM-AUTHAPART-SERVER
doing parameter server role = active directory domain controller
doing parameter workgroup = SAMDOM
doing parameter idmap_ldb:use rfc2307 = yes
doing parameter disable netbios = yes
doing parameter log level = 4auth_json_audit:3@/var/log/samba/samba_audit.log
doing parameter logging = syslog at 4
doing parameter restrict anonymous = 2
doing parameter load printers = no
doing parameter cups options = raw
doing parameter printcap name = /dev/null
doing parameter ldap debug level = 1
ldap_url_parse_ext(ldap://localhost/)
ldap_init: trying /etc/ldap/ldap.conf
ldap_init: HOME env is /root
ldap_init: trying /root/ldaprc
ldap_init: trying /root/.ldaprc
ldap_init: trying ldaprc
ldap_init: LDAPCONF env is NULL
ldap_init: LDAPRC env is NULL
doing parameter bind interfaces only = yes
doing parameter interfaces = lo eth1
doing parameter tls enabled = yes
doing parameter tls keyfile = /etc/pki/vm-authapart-server/ca/service-ca/private/ad_dc.key
doing parameter tls certfile = /etc/pki/vm-authapart-server/ca/service-ca/ad_dc.crt
doing parameter tls cafile = /etc/pki/vm-authapart-server/ca/labapart-services-ca-chain.crt
doing parameter tls crlfile = /etc/pki/vm-authapart-server/ca/service-ca/services.crl
doing parameter tls dhparams file = /etc/pki/vm-authapart-server/ad_dc_dhparams.pem
Processing section "[sysvol]"
doing parameter path = /var/lib/samba/sysvol
doing parameter read only = No
Processing section "[netlogon]"
doing parameter path = /var/lib/samba/sysvol/samdom.vm-authapart-server/scripts
doing parameter read only = No
pm_process() returned Yes
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
load_module_absolute_path: Module '/usr/lib/x86_64-linux-gnu/samba/vfs/acl_xattr.so' loaded
Initialising custom vfs hooks from [dfs_samba4]
load_module_absolute_path: Module '/usr/lib/x86_64-linux-gnu/samba/vfs/dfs_samba4.so' loaded
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service Unknown Service (snum == -1)
vfs_ChDir to /usr/lib/python3/dist-packages/samba
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service Unknown Service (snum == -1)
lp_load_ex: refreshing parameters
Processing section "[global]"
doing parameter dns forwarder = 8.8.8.8
doing parameter netbios name = DC1
doing parameter realm = SAMDOM.VM-AUTHAPART-SERVER
doing parameter server role = active directory domain controller
doing parameter workgroup = SAMDOM
doing parameter idmap_ldb:use rfc2307 = yes
doing parameter disable netbios = yes
doing parameter log level = 4auth_json_audit:3@/var/log/samba/samba_audit.log
doing parameter logging = syslog at 4
doing parameter restrict anonymous = 2
doing parameter load printers = no
doing parameter cups options = raw
doing parameter printcap name = /dev/null
doing parameter ldap debug level = 1
doing parameter bind interfaces only = yes
doing parameter interfaces = lo eth1
doing parameter tls enabled = yes
doing parameter tls keyfile = /etc/pki/vm-authapart-server/ca/service-ca/private/ad_dc.key
doing parameter tls certfile = /etc/pki/vm-authapart-server/ca/service-ca/ad_dc.crt
doing parameter tls cafile = /etc/pki/vm-authapart-server/ca/labapart-services-ca-chain.crt
doing parameter tls crlfile = /etc/pki/vm-authapart-server/ca/service-ca/services.crl
doing parameter tls dhparams file = /etc/pki/vm-authapart-server/ad_dc_dhparams.pem
Processing section "[sysvol]"
doing parameter path = /var/lib/samba/sysvol
doing parameter read only = No
Processing section "[netlogon]"
doing parameter path = /var/lib/samba/sysvol/samdom.vm-authapart-server/scripts
doing parameter read only = No
pm_process() returned Yes
ldb_wrap open of idmap.ldb
ldb_wrap open of idmap.ldb
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.demo.com/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/GPT.INI. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.demo.com/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/USER. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.demo.com/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/MACHINE. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.demo.com/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.demo.com/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/USER. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.demo.com/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/MACHINE. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.demo.com/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.demo.com/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.demo.com/Policies. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.lapluie/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/GPT.INI. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.lapluie/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/USER. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.lapluie/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/MACHINE. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.lapluie/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.lapluie/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/USER. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.lapluie/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/MACHINE. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.lapluie/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.lapluie/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.lapluie/Policies. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.codeur.org/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/GPT.INI. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.codeur.org/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/USER. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.codeur.org/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/MACHINE. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.codeur.org/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.codeur.org/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/USER. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.codeur.org/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/MACHINE. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.codeur.org/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.codeur.org/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.codeur.org/Policies. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.vm-authapart-server/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/GPT.INI. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.vm-authapart-server/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/USER. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.vm-authapart-server/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/MACHINE. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.vm-authapart-server/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.vm-authapart-server/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/USER. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.vm-authapart-server/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/MACHINE. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.vm-authapart-server/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.vm-authapart-server/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.vm-authapart-server/scripts. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.vm-authapart-server/Policies. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.demo.com. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.lapluie. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.codeur.org. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.vm-authapart-server. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000032
unpack_nt_owners: group sid mapped to gid 3000032
set_nt_acl: chown /var/lib/samba/sysvol/samdom.demo.com/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}. uid = 3000032, gid = 3000032.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000032
unpack_nt_owners: group sid mapped to gid 3000032
set_nt_acl: chown /var/lib/samba/sysvol/samdom.demo.com/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/GPT.INI. uid = 3000032, gid = 3000032.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000032
unpack_nt_owners: group sid mapped to gid 3000032
set_nt_acl: chown /var/lib/samba/sysvol/samdom.demo.com/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/USER. uid = 3000032, gid = 3000032.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000032
unpack_nt_owners: group sid mapped to gid 3000032
set_nt_acl: chown /var/lib/samba/sysvol/samdom.demo.com/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/MACHINE. uid = 3000032, gid = 3000032.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000032
unpack_nt_owners: group sid mapped to gid 3000032
set_nt_acl: chown /var/lib/samba/sysvol/samdom.demo.com/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}. uid = 3000032, gid = 3000032.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000032
unpack_nt_owners: group sid mapped to gid 3000032
set_nt_acl: chown /var/lib/samba/sysvol/samdom.demo.com/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI. uid = 3000032, gid = 3000032.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000032
unpack_nt_owners: group sid mapped to gid 3000032
set_nt_acl: chown /var/lib/samba/sysvol/samdom.demo.com/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/USER. uid = 3000032, gid = 3000032.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000032
unpack_nt_owners: group sid mapped to gid 3000032
set_nt_acl: chown /var/lib/samba/sysvol/samdom.demo.com/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/MACHINE. uid = 3000032, gid = 3000032.
INFO 2023-05-11 12:57:25,083 pid:46406 /usr/lib/python3/dist-packages/samba/provision/sambadns.py #1143: Adding DNS accounts
INFO 2023-05-11 12:57:25,106 pid:46406 /usr/lib/python3/dist-packages/samba/provision/sambadns.py #1177: Creating CN=MicrosoftDNS,CN=System,DC=samdom,DC=demo,DC=com
INFO 2023-05-11 12:57:25,139 pid:46406 /usr/lib/python3/dist-packages/samba/provision/sambadns.py #1190: Creating DomainDnsZones and ForestDnsZones partitions
DN: DC=DomainDnsZones,DC=samdom,DC=demo,DC=com is a NC
DN: DC=ForestDnsZones,DC=samdom,DC=demo,DC=com is a NC
INFO 2023-05-11 12:57:25,216 pid:46406 /usr/lib/python3/dist-packages/samba/provision/sambadns.py #1195: Populating DomainDnsZones and ForestDnsZones partitions
Repacking database from v1 to v2 format (first record DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=demo,DC=com)
Repacking database from v1 to v2 format (first record CN=MicrosoftDNS,DC=ForestDnsZones,DC=samdom,DC=demo,DC=com)
INFO 2023-05-11 12:57:25,503 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2029: Setting up sam.ldb rootDSE marking as synchronized
INFO 2023-05-11 12:57:25,511 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2034: Fixing provision GUIDs
INFO 2023-05-11 12:57:26,454 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2367: A Kerberos configuration suitable for Samba AD has been generated at /var/lib/samba/private/krb5.conf
INFO 2023-05-11 12:57:26,455 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2369: Merge the contents of this file with your system krb5.conf or replace it with this one. Do not create a symlink!
INFO 2023-05-11 12:57:26,529 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2099: Setting up fake yp server settings
INFO 2023-05-11 12:57:26,633 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #490: Once the above files are installed, your Samba AD server will be ready to use
INFO 2023-05-11 12:57:26,634 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #495: Server Role: active directory domain controller
INFO 2023-05-11 12:57:26,635 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #496: Hostname: dc1
INFO 2023-05-11 12:57:26,635 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #497: NetBIOS Domain: SAMDOM
INFO 2023-05-11 12:57:26,635 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #498: DNS Domain: samdom.demo.com
INFO 2023-05-11 12:57:26,635 pid:46406 /usr/lib/python3/dist-packages/samba/provision/__init__.py #499: DOMAIN SID: S-1-5-21-1683713074-1702463723-3046006099
2. But when I retrieved the GUID of my domain, I can see it is not the
one I specified:
$ sudo ldbsearch -H /var/lib/samba/private/sam.ldb --basedn="DC=samdom,DC=demo,DC=com" "CN=dc1" objectGUID
# record 1
dn: CN=DC1,OU=Domain Controllers,DC=samdom,DC=demo,DC=com
objectGUID: 81fad588-4b7a-4269-97ab-efea16d414d3
# Referral
ref:ldap://samdom.vm-authapart-server/CN=Configuration,DC=samdom,DC=demo,DC=com
# Referral
ref:ldap://samdom.vm-authapart-server/DC=DomainDnsZones,DC=samdom,DC=demo,DC=com
# Referral
ref:ldap://samdom.vm-authapart-server/DC=ForestDnsZones,DC=samdom,DC=demo,DC=com
# returned 4 records
# 1 entries
# 3 referrals
*With Samba 4.18.2:*
1. Same command line, I provision my domain specifying the domain name,
its GUID and SID:
sudo samba-tool domain provision --use-rfc2307
--realm=SAMDOM.DEMO.COM --domain=samdom --server-role=dc
--dns-backend=SAMBA_INTERNAL --adminpass=D3m0H3l10
--domain-guid=a5291573-906f-467d-9d63-451204bb9abb
--domain-sid=S-1-5-21-1683713074-1702463723-3046006099
INFO 2023-05-11 21:18:37,018 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2108: Looking up IPv4 addresses
WARNING 2023-05-11 21:18:37,019 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2113: More than one IPv4 address found. Using 192.168.56.10
INFO 2023-05-11 21:18:37,019 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2125: Looking up IPv6 addresses
WARNING 2023-05-11 21:18:37,019 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2132: No IPv6 address will be assigned
INFO 2023-05-11 21:18:37,448 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2274: Setting up share.ldb
INFO 2023-05-11 21:18:37,470 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2278: Setting up secrets.ldb
INFO 2023-05-11 21:18:37,479 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2283: Setting up the registry
INFO 2023-05-11 21:18:37,519 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2286: Setting up the privileges database
INFO 2023-05-11 21:18:37,538 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2289: Setting up idmap db
INFO 2023-05-11 21:18:37,554 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2296: Setting up SAM db
INFO 2023-05-11 21:18:37,558 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #880: Setting up sam.ldb partitions and settings
INFO 2023-05-11 21:18:37,559 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #892: Setting up sam.ldb rootDSE
INFO 2023-05-11 21:18:37,562 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1305: Pre-loading the Samba 4 and AD schema
Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs
INFO 2023-05-11 21:18:37,589 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1383: Adding DomainDN: DC=samdom,DC=demo,DC=com
INFO 2023-05-11 21:18:37,600 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1415: Adding configuration container
INFO 2023-05-11 21:18:37,619 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1430: Setting up sam.ldb schema
INFO 2023-05-11 21:18:42,204 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1448: Setting up sam.ldb configuration data
INFO 2023-05-11 21:18:42,459 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1489: Setting up display specifiers
INFO 2023-05-11 21:18:45,501 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1497: Modifying display specifiers and extended rights
INFO 2023-05-11 21:18:45,568 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1504: Adding users container
INFO 2023-05-11 21:18:45,571 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1510: Modifying users container
INFO 2023-05-11 21:18:45,572 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1513: Adding computers container
INFO 2023-05-11 21:18:45,574 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1519: Modifying computers container
INFO 2023-05-11 21:18:45,576 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1523: Setting up sam.ldb data
INFO 2023-05-11 21:18:45,795 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1553: Setting up well known security principals
INFO 2023-05-11 21:18:45,878 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1567: Setting up sam.ldb users and groups
INFO 2023-05-11 21:18:46,282 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1575: Setting up self join
Repacking database from v1 to v2 format (first record CN=ms-DS-Integer,CN=Schema,CN=Configuration,DC=samdom,DC=demo,DC=com)
Repack: re-packed 10000 records so far
Repacking database from v1 to v2 format (first record CN=mSMQConfiguration-Display,CN=409,CN=DisplaySpecifiers,CN=Configuration,DC=samdom,DC=demo,DC=com)
Repacking database from v1 to v2 format (first record CN=Windows2003Update,CN=DomainUpdates,CN=System,DC=samdom,DC=demo,DC=com)
INFO 2023-05-11 21:18:48,154 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/sambadns.py #1198: Adding DNS accounts
INFO 2023-05-11 21:18:48,171 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/sambadns.py #1232: Creating CN=MicrosoftDNS,CN=System,DC=samdom,DC=demo,DC=com
INFO 2023-05-11 21:18:48,200 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/sambadns.py #1245: Creating DomainDnsZones and ForestDnsZones partitions
INFO 2023-05-11 21:18:48,256 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/sambadns.py #1250: Populating DomainDnsZones and ForestDnsZones partitions
Repacking database from v1 to v2 format (first record DC=l.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=demo,DC=com)
Repacking database from v1 to v2 format (first record CN=LostAndFound,DC=ForestDnsZones,DC=samdom,DC=demo,DC=com)
INFO 2023-05-11 21:18:48,500 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2012: Setting up sam.ldb rootDSE marking as synchronized
INFO 2023-05-11 21:18:48,504 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2017: Fixing provision GUIDs
INFO 2023-05-11 21:18:49,835 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2348: A Kerberos configuration suitable for Samba AD has been generated at /usr/local/samba/private/krb5.conf
INFO 2023-05-11 21:18:49,835 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2350: Merge the contents of this file with your system krb5.conf or replace it with this one. Do not create a symlink!
INFO 2023-05-11 21:18:50,025 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2082: Setting up fake yp server settings
INFO 2023-05-11 21:18:50,130 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #487: Once the above files are installed, your Samba AD server will be ready to use
INFO 2023-05-11 21:18:50,130 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #492: Server Role: active directory domain controller
INFO 2023-05-11 21:18:50,130 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #493: Hostname: dc1
INFO 2023-05-11 21:18:50,130 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #494: NetBIOS Domain: SAMDOM
INFO 2023-05-11 21:18:50,130 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #495: DNS Domain: samdom.demo.com
INFO 2023-05-11 21:18:50,130 pid:69715 /usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #496: DOMAIN SID: S-1-5-21-1683713074-1702463723-3046006099
2. But when I retrieved the GUID of my domain, I can see it is not the
one I specified:
$ sudo /usr/local/samba/bin/ldbsearch -H /var/lib/samba/private/sam.ldb --basedn="DC=samdom,DC=demo,DC=com" "CN=dc1" objectGUID
# record 1
dn: CN=DC1,OU=Domain Controllers,DC=samdom,DC=demo,DC=com
objectGUID: 4135c7cd-ddc5-4c2c-b1f9-48ee176451d2
# Referral
ref:ldap://samdom.demo.com/CN=Configuration,DC=samdom,DC=demo,DC=com
# Referral
ref:ldap://samdom.demo.com/DC=DomainDnsZones,DC=samdom,DC=demo,DC=com
# Referral
ref:ldap://samdom.demo.com/DC=ForestDnsZones,DC=samdom,DC=demo,DC=com
# returned 4 records
# 1 entries
# 3 referrals
Is it a bug or have I misunderstood the purpose of '--domain-guid'?
Thanks in advance,
Olivier
More information about the samba
mailing list