Web lists-archives.com

Re: [Samba] samba-tool domain backup ERROR




On Thu, 28 Feb 2019 14:18:05 +0100
"L.P.H. van Belle via samba" <samba@xxxxxxxxxxxxxxx> wrote:

> Hmm. 
> 
> Hai stefan, 
> 
> I hadnt use the : samba-tool domain backup online --server=dc1
> --targetdir=./  option yet. I've run the command on the same dc as im
> backing up and i did a kinit Administrator before it. Also tried it
> with -UNTDOM\\Administrator  and -Uadministrator All three  resulted
> in a good backup. 
> 
> ... More logging here.....  
> Pre-loading the Samba 4 and AD schema
> Unable to determine the DomainSID, can not enforce uniqueness
> constraint on local domainSIDs ...

You can ignore that (and I do wish whoever added the possibility of it
being printed, hadn't), it appears to be meaningless, you even get this
on provisions & DC joins now.

> A Kerberos configuration suitable for Samba AD has been generated
> at /root/tmpvMsnbF/private/krb5.conf Merge the contents of this file
> with your system krb5.conf or replace it with this one. Do not create
> a symlink! Provision OK for domain DN DC=rotterdam,DC=bazuin,DC=nl
> Starting replication Using DS_BIND_GUID_W2K3
> ...
> Cloned domain NTDOM (SID S-1-5-21-123415564-252352352)
> ...
> 
> Creating backup
> file ./samba-backup-internal.domain.tld-2019-02-28T13-51-25.864257.tar.bz2...
> 
> Our difference. 
> In running backend AD, i assum you run with rid backend. 
> 
> Hmm, i have to think about this, i know there was an bugreport on the
> backup option.. I'll see if i can find it. 
> 
> @Rowland, do you know if the SID/RID of Administrator is the same on
> the DC's when using RID backend? 

Provided you haven't added a uidNumber attribute to Administrator, the
ID is hardcoded to '0' in idmap.ldb

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba