Web lists-archives.com

Re: [Samba] Problem joining domain [SEC=CLASSIFIED]




On 31/05/2019 08:23, Andrew Bartlett wrote:
On Fri, 2019-05-31 at 06:21 +0000, Thamm, Russell via samba wrote:
UNCLASSIFIED

Hi Andrew and Roland,

I originally installed samba-4.1.7 on CentOS 6.5. I successfully joined the domain. I intended to take over from the 2003 server but because the domain was being heavily used, I delayed seizing the roles.

Now I really, really want to replace the 2003 server. The network is currently not in use and I want to complete the job while I have an opportunity. If I have no other option, I will create a new domain, but I'd prefer to avoid having to create new user accounts.
How about trying this:

https://wiki.samba.org/index.php/Create_a_samba_lab-domain
Isn't the OP going to run into a chicken & egg situation here, will it work against a Windows DC ?

If that works, then you may be able to try this:

https://wiki.samba.org/index.php/Back_up_and_Restoring_a_Samba_AD_DC

an online backup might work against windows, but I suspect you will
hit:

https://bugzilla.samba.org/show_bug.cgi?id=13917

If you can apply patches (difficult air-gapped I know), try the
backported one attached to the bug.

Restoring the backup won't allow the windows server to still operate
(they will fight), but might get you a way out.

Anyway, I hope this is of some help.  Otherwise we need to try and work
out a bit more about why the windows DC is unhappy with our list of
NCs.

Andrew Bartlett

If a Centos 6 Samba AD DC was able to join, then I would try going down that path again, but to save time and not compile Samba, I would use Debian 8 instead. If you get a Samba DC to join, you could then walk up the Samba versions (probably needed unless the bug is fixed) by using Louis's repo. Once you get past 4.8.x, you could then seize all the FSMO roles and turn off the windows DC and remove it from the domain.

Rowland


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba