Re: [Samba] Replication fails after DC re-joined to domain
- Date: Thu, 8 Feb 2018 08:49:09 +0000
- From: Rowland Penny via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] Replication fails after DC re-joined to domain
On Thu, 08 Feb 2018 06:45:28 +1300
Andrew Bartlett via samba <samba@xxxxxxxxxxxxxxx> wrote:
> On Wed, 2018-02-07 at 18:38 +0100, Denis Cardon via samba wrote:
> > Hi Roy,
> > > First some background:
> > > ==================
> > > I had a test environment which had two samba DCs (running v
> > > 4.8.0rc2) and 1 Windows Server 2008R2 DC. The samba DCs had
> > > been upgraded from v 4.6x and the secrets database was not
> > > encrypted (as far as I know). I decided to downgrade one of
> > > the samba DCs to v 4.7.4.
> > >
> > > On re-starting samba after the downgrade the log shows:
> > >
> > > ldb: unable to
> > > dlopen /usr/local/samba/lib/ldb/encrypted_secrets.so : /usr/local/samba/lib/private/libdsdb-module-samba4.so:
> > > version `SAMBA_4.8.0RC2' not found (required
> > > by /usr/local/samba/lib/ldb/encrypted_secrets.so)
> > when you are doing your downgrade, did you clean up all the
> > /usr/local/samba directory or did you make && make install over the
> > existing installation?
> > If it was a quick'n dirty make && make install over the existing
> > 4.8 install, could you try to do a install on a clean directory and
> > then copy over etc/smb.conf, private/ and var/locks/?
> > Cheers,
> > Denis
> This is exactly the issue. The install has left an ldb plugin
> (encrypted_secrets.so) around which blocks operation as it can't
> operate with the older Samba version but isn't overwritten as it
> didn't exist in the older version.
The release notes clearly say this:
However, an in-place upgrade will not encrypt the database.
So, the upgrade shouldn't create the ldb plugin, either that or rewrite
the release notes.
To unsubscribe from this list go to the following URL and read the