[Samba] Provisioning new AD Domain Controller

Sonic sonicsmith at gmail.com
Thu Jan 18 19:11:31 UTC 2024


hosts file? stale dns records?

On Thu, Jan 18, 2024 at 2:07 PM Mark Foley via samba
<samba at lists.samba.org> wrote:
>
> On Thu Jan 18 00:51:16 2024 Mark Foley via samba <samba at lists.samba.org> wrote:
> >
> > Because of issues described in thread "Joining Windows 10 Domain Member to Samba
> > AD/DC", I'm trying to re-provision my DC with the current/old domain name
> > mail.hprs.local instead of the newer, more correct dc1.hprs.locl.
> >
> > I've followed the steps in
> >
> > https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller
> >
> > regarding "Only Applicable if Samba was Previously Installed". For the directory
> > list:
> >
> > # smbd -b | egrep "LOCKDIR|STATEDIR|CACHEDIR|PRIVATE_DIR"
> >    LOCKDIR: /var/cache/samba
> >    STATEDIR: /var/lib/samba
> >    CACHEDIR: /var/cache/samba
> >    PRIVATE_DIR: /var/lib/samba/private
> >
> > I did 'rm -r /var/cache/samba* /var/lib/samba/*'. I then did the provision step
> > again:
> >
> > samba-tool domain provision --use-rfc2307 --realm=HPRS.LOCAL --domain=HPRS \
> >   --server-role=dc --dns-backend=SAMBA_INTERNAL --option=interfaces="lo eth0" \
> >   --option="bind interfaces only=yes" --adminpass=pw
> >
> > However, when I got to the 'samba-tool dns zonelist' step, I got:
> >
> > Password for [administrator at HPRS.LOCL]:
> >
> > Notice that it is asking for the supposedly purged realm HPRS.LOCL. There must
> > be more that needs to be removed other than just those egrep'ed directories.
> >
> > /etc/hosts is:
> >
> > 127.0.0.1               localhost
> > 192.168.1.60             mail.hprs.local mail
> >
> > /etc/HOSTNAME is:
> >
> > mail.hprs.local
> >
> > The generated smb.conf is:
> >
> > # Global parameters
> > [global]
> >         bind interfaces only = Yes
> >         dns forwarder = 192.168.1.1
> >         interfaces = lo eth0
> >         netbios name = MAIL
> >         realm = HPRS.LOCAL
> >         server role = active directory domain controller
> >         workgroup = HPRS
> >         idmap_ldb:use rfc2307 = yes
> >
> > [sysvol]
> >         path = /var/lib/samba/sysvol
> >         read only = No
> >
> > [netlogon]
> >         path = /var/lib/samba/sysvol/hprs.local/scripts
> >         read only = No
> >
> >
> > There are no other .tdb or .ldb files on the drive.
> >
> > Where is this old realm name lurking, why is it associated with the
> > Administrator and how do I purge it and any remaining such vestigial
> > references without scratch-installing Linux?
> >
> > Thanks --Mark
>
> After again removing all .tdb and .ldb files, and grepping the whole /etc
> directory for any files containing hprs.locl -- and not finding any -- and
> reprovisioning again, I still get:
>
> # samba-tool dns zonelist mail
> Password for [administrator at HPRS.LOCL]:
>
> So the previous domain name is still lurking somewhere, but not findable or
> killable by me.
>
> As no one has replied to this question, I'm going to go ahead and wipe the drive
> and reinstall Linux from scratch. That should eliminate any references to
> HPRS.LOCL.
>
> --Mark


