[Samba] Samba Migration and AD integration
- Date: Tue, 6 Feb 2018 03:05:18 +0000
- From: Praveen Ghimire via samba <samba@xxxxxxxxxxxxxxx>
- Subject: [Samba] Samba Migration and AD integration
We migrated from Samba 3 to 4 (4.6.7-Ubuntu) and added and promoted a Server 2008 R2 as a Domain Controller. We've come across the following issues and request some suggestions to resolve them:
- The migration didn't generate DNS entries for the new realm. We had to manually create a new zone file (/var/cache/bind) for the new realm. Only then were we able to promote the Server 2008 R2 as the DC. Is this an expected outcome post migration?
- Similarly, the dhcpd.conf file exhibited the same outcome as above.
- When we added a new machine to the domain, it didn't update the DNS record in the Samba box. The machine joins the domain but there is no DNS record for it.
- We added the DNS role in the Server 2008 R2 DC. We found that any record created in Bind9 gets replicated to the Windows server but not vice versa.
The AD user bit seems to sync ok between the servers.
The samba-tool dbcheck --cross-ncs gives the following:
samba-tool dbcheck --cross-ncs
Checking 3835 objects
ERROR(<type 'exceptions.ValueError'>): uncaught exception - unable to parse dn string
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/dbcheck.py", line 157, in run
  File "/usr/lib/python2.7/dist-packages/samba/dbchecker.py", line 198, in check_database
    error_count += self.check_object(object.dn, attrs=attrs)
  File "/usr/lib/python2.7/dist-packages/samba/dbchecker.py", line 1839, in check_object
    expected_dn = ldb.Dn(self.samdb, "RDN=RDN,%s" % (parent_dn))
netbios name = TEST
realm = TESTDC
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
workgroup = TESTDC
server role = active directory domain controller
idmap_ldb:use rfc2307 = yes
path = /var/lib/samba/sysvol/testdc/scripts
read only = No
path = /var/lib/samba/sysvol
read only = No