I think it went mostly well until samba-tool ntacl sysvolreset
I followed the steps here:
https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory
Error:
root at nctest:~# samba-tool ntacl sysvolreset
ERROR(<class 'OverflowError'>): uncaught exception - signed
integer is
greater than maximum
? File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py",
line
186, in _run
??? return self.run(*args, **kwargs)
? File "/usr/lib/python3/dist-packages/samba/netcmd/ntacl.py", line
412, in run
??? provision.setsysvolacl(samdb, netlogon, sysvol,
? File "/usr/lib/python3/dist-packages/samba/provision/__init__.py",
line 1668, in setsysvolacl
??? smbd.set_simple_acl(file.name, 0o755, system_session_unix(), gid)
Here is a history of the commands that I have done.? some cd / cd ..
type commands are removed
?? 58? samba-tool domain join s**********t.local DC
-U"SDCP\administrator" --dns-backend=BIND9_DLZ
?? 59? scp admin at 192.168.10.11:/tmp/idmap.ldb.bak .
?? 64? cp idmap.ldb.bak /var/lib/samba/private/
?? 65? cd /var/lib/samba/private
?? 66? ls
?? 67? mv idmap.ldb idmap.ldb.orig
?? 68? mv idmap.ldb.bak idmap.ldb
?? 70? chmod 600 idmap.ldb
?? 71? net cache flush
?? 72? cd
?? 73? scp admin at 192.168.10.11:/tmp/sysvol.tar .
?? 75? tar -xvf sysvol.tar
?? 77? cp -r sysvol/* /var/lib/samba/sysvol/
?? 78? samba-tool ntacl sysvolreset
On 10/6/22 16:58, Andrew Bartlett via samba wrote:> On Thu, 2022-10-06 at 15:04 -0700, Peter Carlson via samba wrote:
>> I am getting ready to convert from Synology AD (smbd V 4.4.16) to an
>> ubuntu server running 4.15.9. the basic steps I see are :
>>
>> 1. join samba as a DC verify that everything gets replicated
>>
>> 2. rsync sysvol from the synology to new server
>>
>> 3. transfer FSMO roles
>>
>> 4. change samba's DNS backend to BIND (I need the server to
respond
>> for
>> multiple domains)
>>
>> Just curious of any gotchas or steps I might be overlooking. Does
>> there
>> happen to be a guide on doing something like this?
>>
>> Peter
> It should just work, but if it doesn't then see
> https://bugzilla.samba.org/show_bug.cgi?id=15189 for a patch that can
> help if you get WERROR_DS_DRA_MISSING_PARENT
>
> I would also do some work with samba-tool ldapcmp to ensure the
> replication was correct.
>
> Andrew Bartlett
>
>