Samba 4 Cleanup Managing and Otherwise
in [Samba]
|
From: Michael Wood on 18 Jun 2010 08:40 On 17 June 2010 04:49, <tms3(a)tms3.com> wrote: > OK, there has got to be a way to work with this thing other than wiping the > Domain every time an error pops up. > > Trying to resolve problems I did a git upgrade and: > > setup# /usr/local/samba/sbin/upgradeprovision > > Which provided the unhelpful: > > Found 3 domain controllers, for the moment upgradeprovision is not able to > handle upgrade on domain with more than one DC, please demote the other(s) > DC(s) before upgrading > > As I am actually trying to clean up an orphaned DC due to the fact that > dcpromo fails to remove AD from a windows server I am in even worse shape > than before the git upgrade. > > As I don't have unlimited funds, and the M$ software is outrageously > expensive, I can't keep blowing Windows servers out and reprovisioning them. > > Any ideas would be greatly appreciated here. Maybe running ldapcmp against the samba box and the Windows box will tell you something. Also, maybe what you could do is get an LDIF export of the directory, then add another Samba box to the domain and get another LDIF export and compare them to see what was added. Then you should be able to know exactly what needs to be deleted again afterwards. I haven't had a chance to try the above yet, though. P.S. I know the upgradeprovision script is being worked on at the moment, so this might all be fixed soon, but maybe you should mention it on the samba-technical list. -- Michael Wood <esiotrot(a)gmail.com> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
From: tms3 on 18 Jun 2010 09:10 > > --- Original message --- > Subject: Re: [Samba] Samba 4 Cleanup Managing and Otherwise > From: Michael Wood <esiotrot(a)gmail.com> > To: <tms3(a)tms3.com> > Cc: <samba(a)lists.samba.org> > Date: Friday, 18/06/2010 5:34 AM > > On 17 June 2010 04:49, <tms3(a)tms3.com> wrote: >> >> OK, there has got to be a way to work with this thing other than >> wiping the >> Domain every time an error pops up. >> >> Trying to resolve problems I did a git upgrade and: >> >> setup# /usr/local/samba/sbin/upgradeprovision >> >> Which provided the unhelpful: >> >> Found 3 domain controllers, for the moment upgradeprovision is not >> able to >> handle upgrade on domain with more than one DC, please demote the >> other(s) >> DC(s) before upgrading >> >> As I am actually trying to clean up an orphaned DC due to the fact >> that >> dcpromo fails to remove AD from a windows server I am in even worse >> shape >> than before the git upgrade. >> >> As I don't have unlimited funds, and the M$ software is outrageously >> expensive, I can't keep blowing Windows servers out and reprovisioning >> them. >> >> Any ideas would be greatly appreciated here. > > Maybe running ldapcmp against the samba box and the Windows box will > tell you something. Also, maybe what you could do is get an LDIF > export of the directory, then add another Samba box to the domain and > get another LDIF export and compare them to see what was added. Then > you should be able to know exactly what needs to be deleted again > afterwards. Interestingly, after I wrote the above, I accessed the W2K3R2 DC and was able to use "sites and services" to delete the NTDS settings under the still listed orphaned DC, then go about manually deleting it from the rep lists for each server, then actually delete the server itself from the list, which is better than I was able to do. It is now gone and Samba4 is no longer calling for it. However, I am in a quandry over this mess now: Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 - NT_STATUS_INVALID_PARAMETER [Fri Jun 18 06:05:05 2010 PDT, 0 .../dsdb/repl/drepl_notify.c:207:dreplsrv_notify_op_callback()] dreplsrv_notify: Failed to send DsReplicaSync to 58bfc826-cd9f-445d-b6e5-ab7314ba0671._msdcs.tms3.com for CN=Schema,CN=Configuration,DC=tms3,DC=com - NT_STATUS_INVALID_PARAMETER : WERR_INVALID_PARAM [Fri Jun 18 06:05:05 2010 PDT, 0 .../librpc/rpc/dcerpc_util.c:657:dcerpc_pipe_auth_recv()] Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 - NT_STATUS_INVALID_PARAMETER [Fri Jun 18 06:05:05 2010 PDT, 0 .../dsdb/repl/drepl_notify.c:207:dreplsrv_notify_op_callback()] dreplsrv_notify: Failed to send DsReplicaSync to af29c79c-57dc-40f3-bed1-95c3adda4cc8._msdcs.tms3.com for CN=Schema,CN=Configuration,DC=tms3,DC=com - NT_STATUS_INVALID_PARAMETER : WERR_INVALID_PARAM [Fri Jun 18 06:05:05 2010 PDT, 0 .../librpc/rpc/dcerpc_util.c:657:dcerpc_pipe_auth_recv()] Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 - NT_STATUS_INVALID_PARAMETER [Fri Jun 18 06:05:05 2010 PDT, 0 .../dsdb/repl/drepl_notify.c:207:dreplsrv_notify_op_callback()] dreplsrv_notify: Failed to send DsReplicaSync to 58bfc826-cd9f-445d-b6e5-ab7314ba0671._msdcs.tms3.com for CN=Configuration,DC=tms3,DC=com - NT_STATUS_INVALID_PARAMETER : WERR_INVALID_PARAM [Fri Jun 18 06:05:05 2010 PDT, 0 .../librpc/rpc/dcerpc_util.c:657:dcerpc_pipe_auth_recv()] Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 - NT_STATUS_INVALID_PARAMETER [Fri Jun 18 06:05:05 2010 PDT, 0 .../dsdb/repl/drepl_notify.c:207:dreplsrv_notify_op_callback()] dreplsrv_notify: Failed to send DsReplicaSync to af29c79c-57dc-40f3-bed1-95c3adda4cc8._msdcs.tms3.com for CN=Configuration,DC=tms3,DC=com - NT_STATUS_INVALID_PARAMETER : WERR_INVALID_PARAM It has been suggested that it is a kerberos problem, but I'm stymied as to WHAT the problem is: root(a)T3:/usr/local/samba/var# kinit administrator(a)TMS3.COM administrator(a)TMS3.COM's Password: root(a)T3:/usr/local/samba/var# klist Credentials cache: FILE:/tmp/krb5cc_0 Principal: administrator(a)TMS3.COM Issued Expires Principal Jun 18 06:05:36 Jun 18 16:05:36 krbtgt/TMS3.COM(a)TMS3.COM root(a)T3:/usr/local/samba/var# Anywho, enough poking around for now. Cheers, TMS III > > > I haven't had a chance to try the above yet, though. > > P.S. I know the upgradeprovision script is being worked on at the > moment, so this might all be fixed soon, but maybe you should mention > it on the samba-technical list. > > -- > Michael Wood <esiotrot(a)gmail.com> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
|
Pages: 1 Prev: how to make ms xp save login credentials Next: RECOVER FILE DAEMON SMBD SAMBA |