Hi for All!
I am using a Windows Server 2008R2 as primary DC and a Ubuntu Server 16.04
as secundary DC with Samba 4.3.9 (from repository/apt-get).
During a migration test of FSMO roles I received an error from Samba:
root at gteste2:~# samba-tool fsmo transfer --role=all
ERROR: Failed to delete role 'domaindns': LDAP error 50
LDAP_INSUFFICIENT_ACCESS_RIGHTS - <00002098: SecErr: DSID-0315211E,
problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
root at gteste2:~#
After this, I am getting the error below:
root at gteste2:~# samba-tool fsmo show
ERROR(<type 'exceptions.KeyError'>): uncaught exception - 'No
such element'
File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py",
line
175, in _run
return self.run(*args, **kwargs)
File "/usr/lib/python2.7/dist-packages/samba/netcmd/fsmo.py", line
396,
in run
domaindnszonesMaster = get_fsmo_roleowner(samdb, domaindns_dn)
File "/usr/lib/python2.7/dist-packages/samba/netcmd/fsmo.py", line
43, in
get_fsmo_roleowner
master_owner = res[0]["fSMORoleOwner"][0]
root at gteste2:~#
My samba config is:
root at gteste2:~# cat /etc/samba/smb.conf
# Global parameters
[global]
workgroup = TESTEAD
realm = testead.gsurfnet.com
netbios name = GTESTE2
interfaces = lo ens33
bind interfaces only = Yes
server role = active directory domain controller
dns forwarder = 8.8.8.8
[netlogon]
path = /var/lib/samba/sysvol/testead.gsurfnet.com/scripts
read only = No
[sysvol]
path = /var/lib/samba/sysvol
read only = No
root at gteste2:~#
I do not know what to do... :-(
Anderson Hoffmann
try samba-tool fsmo transfer --role=all -UAdministrator And see if that works. On Thu, Jul 7, 2016 at 2:57 PM, Anderson Hoffmann do Carmo < anderson.hoffmann at gsurfnet.com> wrote:> Hi for All! > > I am using a Windows Server 2008R2 as primary DC and a Ubuntu Server 16.04 > as secundary DC with Samba 4.3.9 (from repository/apt-get). > During a migration test of FSMO roles I received an error from Samba: > > root at gteste2:~# samba-tool fsmo transfer --role=all > ERROR: Failed to delete role 'domaindns': LDAP error 50 > LDAP_INSUFFICIENT_ACCESS_RIGHTS - <00002098: SecErr: DSID-0315211E, > problem 4003 (INSUFF_ACCESS_RIGHTS), data 0 > root at gteste2:~# > > > After this, I am getting the error below: > > root at gteste2:~# samba-tool fsmo show > ERROR(<type 'exceptions.KeyError'>): uncaught exception - 'No such element' > File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line > 175, in _run > return self.run(*args, **kwargs) > File "/usr/lib/python2.7/dist-packages/samba/netcmd/fsmo.py", line 396, > in run > domaindnszonesMaster = get_fsmo_roleowner(samdb, domaindns_dn) > File "/usr/lib/python2.7/dist-packages/samba/netcmd/fsmo.py", line 43, in > get_fsmo_roleowner > master_owner = res[0]["fSMORoleOwner"][0] > root at gteste2:~# > > > My samba config is: > > root at gteste2:~# cat /etc/samba/smb.conf > # Global parameters > [global] > workgroup = TESTEAD > realm = testead.gsurfnet.com > netbios name = GTESTE2 > interfaces = lo ens33 > bind interfaces only = Yes > server role = active directory domain controller > dns forwarder = 8.8.8.8 > > [netlogon] > path = /var/lib/samba/sysvol/testead.gsurfnet.com/scripts > read only = No > > [sysvol] > path = /var/lib/samba/sysvol > read only = No > root at gteste2:~# > > > > I do not know what to do... :-( > > > Anderson Hoffmann > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Fail! :-(
root at gteste2:~# samba-tool fsmo transfer --role=all -UAdministrador
FSMO transfer of 'rid' role successful
FSMO transfer of 'pdc' role successful
FSMO transfer of 'naming' role successful
FSMO transfer of 'infrastructure' role successful
FSMO transfer of 'schema' role successful
ERROR(<type 'exceptions.UnboundLocalError'>): uncaught exception -
local
variable 'master_guid' referenced before assignment
File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py",
line
175, in _run
return self.run(*args, **kwargs)
File "/usr/lib/python2.7/dist-packages/samba/netcmd/fsmo.py", line
452,
in run
transfer_dns_role(self.outf, sambaopts, credopts, "domaindns",
samdb)
File "/usr/lib/python2.7/dist-packages/samba/netcmd/fsmo.py", line
76, in
transfer_dns_role
master_dns_name = '%s._msdcs.%s' % (master_guid,
root at gteste2:~#
root at gteste2:~#
Thanks,
Anderson Hoffmann
2016-07-07 16:43 GMT-03:00 Jason Waters <jason at geeknocity.com>:
> try
> samba-tool fsmo transfer --role=all -UAdministrator
>
> And see if that works.
>
> On Thu, Jul 7, 2016 at 2:57 PM, Anderson Hoffmann do Carmo <
> anderson.hoffmann at gsurfnet.com> wrote:
>
>> Hi for All!
>>
>> I am using a Windows Server 2008R2 as primary DC and a Ubuntu Server
16.04
>> as secundary DC with Samba 4.3.9 (from repository/apt-get).
>> During a migration test of FSMO roles I received an error from Samba:
>>
>> root at gteste2:~# samba-tool fsmo transfer --role=all
>> ERROR: Failed to delete role 'domaindns': LDAP error 50
>> LDAP_INSUFFICIENT_ACCESS_RIGHTS - <00002098: SecErr: DSID-0315211E,
>> problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
>> root at gteste2:~#
>>
>>
>> After this, I am getting the error below:
>>
>> root at gteste2:~# samba-tool fsmo show
>> ERROR(<type 'exceptions.KeyError'>): uncaught exception -
'No such
>> element'
>> File
"/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line
>> 175, in _run
>> return self.run(*args, **kwargs)
>> File
"/usr/lib/python2.7/dist-packages/samba/netcmd/fsmo.py", line 396,
>> in run
>> domaindnszonesMaster = get_fsmo_roleowner(samdb, domaindns_dn)
>> File
"/usr/lib/python2.7/dist-packages/samba/netcmd/fsmo.py", line 43,
>> in
>> get_fsmo_roleowner
>> master_owner = res[0]["fSMORoleOwner"][0]
>> root at gteste2:~#
>>
>>
>> My samba config is:
>>
>> root at gteste2:~# cat /etc/samba/smb.conf
>> # Global parameters
>> [global]
>> workgroup = TESTEAD
>> realm = testead.gsurfnet.com
>> netbios name = GTESTE2
>> interfaces = lo ens33
>> bind interfaces only = Yes
>> server role = active directory domain controller
>> dns forwarder = 8.8.8.8
>>
>> [netlogon]
>> path = /var/lib/samba/sysvol/testead.gsurfnet.com/scripts
>> read only = No
>>
>> [sysvol]
>> path = /var/lib/samba/sysvol
>> read only = No
>> root at gteste2:~#
>>
>>
>>
>> I do not know what to do... :-(
>>
>>
>> Anderson Hoffmann
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>
>